feat(ssm-secrets): add support for extra config options @RoseSecurity (#45)
## what
- Added support for specifying `parameter_store_paths` and `resources` in the values passed to the `external_ssm_secrets` module, enabling more granular control over which secrets and resources are managed.
- Introduced a `serviceAccount` configuration that sets the service account name based on `module.this.name`, improving service account management.
- Added an `rbac` configuration block with a `create` flag controlled by `var.rbac_enabled`, allowing for optional RBAC resource creation.
## why
- This updates the configuration for the `external_ssm_secrets` module to support additional customization and RBAC (Role-Based Access Control) options. The main changes expand the set of values passed to the module, allowing for more flexible and secure integration.
Summary by CodeRabbit
- New Features
  - Configure multiple Parameter Store paths for external secrets.
  - Add resource requests/limits configuration for pods.
  - Specify custom ServiceAccount names and toggle RBAC creation.
  - Maintains existing region configuration.
- Chores
  - Updated chart/values structure to support the new configuration options without changing existing behavior.
🚀 Enhancements
chore(deps): bump github.com/ulikunitz/xz from 0.5.11 to 0.5.14 in /test @[dependabot[bot]](https://github.com/apps/dependabot) (#40)
Bumps [github.com/ulikunitz/xz](https://github.com/ulikunitz/xz) from 0.5.11 to 0.5.14.
Commits
- 7184815 Preparation of release v0.5.14
- 88ddf1d Address Security Issue GHSA-jc7w-c686-c4v9
- c8314b8 Add new package xio with WriteCloserStack
- 4f11dce Update README.md and SECURITY.md to address security questions
- f56ebbf TODO.md: fix a typo
- See full diff in compare view
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the Security Alerts page.
🤖 Automatic Updates
Update README.md and docs @[cloudposse-releaser[bot]](https://github.com/apps/cloudposse-releaser) (#44)
## what
This is an auto-generated PR that updates the README.md and docs
## why
To have most recent changes of README.md and doc from origin templates
chore(deps): update tflint plugin terraform-linters/tflint-ruleset-aws to v0.43.0 @[renovate[bot]](https://github.com/apps/renovate) (#43)
This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
| terraform-linters/tflint-ruleset-aws | plugin | minor | 0.42.0 -> 0.43.0 |
Release Notes
terraform-linters/tflint-ruleset-aws (terraform-linters/tflint-ruleset-aws)
v0.43.0
What's Changed
Breaking Changes
Enhancements
- Update AWS provider/module and generated content by @github-actions[bot] in #921
- Update AWS provider/module and generated content by @github-actions[bot] in #948
Chores
- Bump golang.org/x/net from 0.42.0 to 0.43.0 by @dependabot[bot] in #927
- Bump the aws-sdk group with 7 updates by @dependabot[bot] in #928
- Bump goreleaser/goreleaser-action from 6.3.0 to 6.4.0 by @dependabot[bot] in #931
- Bump github.com/hashicorp/terraform-json from 0.25.0 to 0.26.0 by @dependabot[bot] in #930
- Bump the aws-sdk group with 7 updates by @dependabot[bot] in #929
- Bump actions/checkout from 4.2.2 to 5.0.0 by @dependabot[bot] in #932
- Bump the aws-sdk group with 7 updates by @dependabot[bot] in #933
- Bump github.com/stretchr/testify from 1.10.0 to 1.11.0 by @dependabot[bot] in #934
- Bump github.com/zclconf/go-cty from 1.16.3 to 1.16.4 by @dependabot[bot] in #935
- dependabot: allow actions writes by @wata727 in #936
- Fix E2E tests to take into account the newly added JSON fields by @wata727 in #944
- Bump actions/attest-build-provenance from 2.4.0 to 3.0.0 by @dependabot[bot] in #937
- Bump github.com/aws/smithy-go from 1.22.5 to 1.23.0 by @dependabot[bot] in #938
- Bump github.com/stretchr/testify from 1.11.0 to 1.11.1 by @dependabot[bot] in #940
- Bump github.com/zclconf/go-cty from 1.16.4 to 1.17.0 by @dependabot[bot] in #942
- Bump github.com/hashicorp/aws-sdk-go-base/v2 from 2.0.0-beta.65 to 2.0.0-beta.66 by @dependabot[bot] in #943
- Bump the aws-sdk group with 7 updates by @dependabot[bot] in #939
- Bump actions/setup-go from 5.5.0 to 6.0.0 by @dependabot[bot] in #941
- Bump sigstore/cosign-installer from 3.9.2 to 3.10.0 by @dependabot[bot] in #945
- Bump golang.org/x/net from 0.43.0 to 0.44.0 by @dependabot[bot] in #946
- deps: Bump Go version to 1.25 by @wata727 in #950
Full Changelog: terraform-linters/tflint-ruleset-aws@v0.42.0...v0.43.0
Configuration
📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
- If you want to rebase/retry this PR, check this box
This PR was generated by Mend Renovate. View the repository job log.
Update README.md and docs @[cloudposse-releaser[bot]](https://github.com/apps/cloudposse-releaser) (#42)
## what
This is an auto-generated PR that updates the README.md and docs
## why
To have most recent changes of README.md and doc from origin templates
Migrate README generation to atmos @goruha (#41)
## what
- Update README.yaml
## why
- Use atmos to generate readme
Update README.md and docs @[cloudposse-releaser[bot]](https://github.com/apps/cloudposse-releaser) (#39)
## what
This is an auto-generated PR that updates the README.md and docs
## why
To have most recent changes of README.md and doc from origin templates
chore(deps): update tflint plugin terraform-linters/tflint-ruleset-aws to v0.42.0 @[renovate[bot]](https://github.com/apps/renovate) (#38)
This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
| terraform-linters/tflint-ruleset-aws | plugin | minor | 0.41.0 -> 0.42.0 |
Release Notes
terraform-linters/tflint-ruleset-aws (terraform-linters/tflint-ruleset-aws)
v0.42.0
What's Changed
Breaking Changes
- Remove aws_guardduty_member_invalid_email rule by @wata727 in https://github.com/terraform-linters/tflint-ruleset-aws/pull/925
- This auto-generated rule had invalid regexp.
Chores
- Bump the aws-sdk group with 7 updates by @dependabot[bot] in https://github.com/terraform-linters/tflint-ruleset-aws/pull/9244
Full Changelog: terraform-linters/tflint-ruleset-aws@v0.41.0...v0.42.0
chore(deps): update tflint plugin terraform-linters/tflint-ruleset-aws to v0.41.0 @[renovate[bot]](https://github.com/apps/renovate) (#37)
This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
| terraform-linters/tflint-ruleset-aws | plugin | minor | 0.40.0 -> 0.41.0 |
Release Notes
terraform-linters/tflint-ruleset-aws (terraform-linters/tflint-ruleset-aws)
v0.41.0
What's Changed
Breaking Changes
- fix: update mappings for AWS Provider v6 compatibility by @bendrucker in https://github.com/terraform-linters/tflint-ruleset-aws/pull/902
Enhancements
- Update AWS provider/module and generated content by @github-actions[bot] in https://github.com/terraform-linters/tflint-ruleset-aws/pull/8888
- Update AWS provider/module and generated content by @github-actions[bot] in https://github.com/terraform-linters/tflint-ruleset-aws/pull/9199
Chores
- Bump the aws-sdk group with 2 updates by @dependabot[bot] in https://github.com/terraform-linters/tflint-ruleset-aws/pull/8877
- Bump github.com/aws/aws-sdk-go-v2/service/ec2 from 1.222.0 to 1.224.0 in the aws-sdk group by @dependabot[bot] in https://github.com/terraform-linters/tflint-ruleset-aws/pull/8899
- Bump golang.org/x/net from 0.40.0 to 0.41.0 by @dependabot[bot] in https://github.com/terraform-linters/tflint-ruleset-aws/pull/8911
- Bump the aws-sdk group with 6 updates by @dependabot[bot] in https://github.com/terraform-linters/tflint-ruleset-aws/pull/8922
- Bump github.com/hashicorp/aws-sdk-go-base/v2 from 2.0.0-beta.64 to 2.0.0-beta.65 by @dependabot[bot] in https://github.com/terraform-linters/tflint-ruleset-aws/pull/8900
- Bump actions/attest-build-provenance from 2.3.0 to 2.4.0 by @dependabot[bot] in https://github.com/terraform-linters/tflint-ruleset-aws/pull/8944
- Bump the aws-sdk group with 7 updates by @dependabot[bot] in https://github.com/terraform-linters/tflint-ruleset-aws/pull/8955
- Bump sigstore/cosign-installer from 3.8.2 to 3.9.0 by @dependabot[bot] in https://github.com/terraform-linters/tflint-ruleset-aws/pull/8966
- Bump the aws-sdk group with 7 updates by @dependabot[bot] in https://github.com/terraform-linters/tflint-ruleset-aws/pull/8977
- Bump the aws-sdk group with 4 updates by @dependabot[bot] in https://github.com/terraform-linters/tflint-ruleset-aws/pull/9055
- Bump sigstore/cosign-installer from 3.9.0 to 3.9.1 by @dependabot[bot] in https://github.com/terraform-linters/tflint-ruleset-aws/pull/9066
- Clarify README by @excavator-matt in https://github.com/terraform-linters/tflint-ruleset-aws/pull/907
- Bump the aws-sdk group with 3 updates by @dependabot[bot] in https://github.com/terraform-linters/tflint-ruleset-aws/pull/9088
- Bump golang.org/x/net from 0.41.0 to 0.42.0 by @dependabot[bot] in https://github.com/terraform-linters/tflint-ruleset-aws/pull/9099
- Bump github.com/hashicorp/hcl/v2 from 2.23.0 to 2.24.0 by @dependabot[bot] in https://github.com/terraform-linters/tflint-ruleset-aws/pull/9100
- Bump github.com/aws/aws-sdk-go-v2/service/ec2 from 1.230.0 to 1.231.0 in the aws-sdk group by @dependabot[bot] in https://github.com/terraform-linters/tflint-ruleset-aws/pull/9111
- Bump the aws-sdk group with 7 updates by @dependabot[bot] in https://github.com/terraform-linters/tflint-ruleset-aws/pull/9144
- Bump sigstore/cosign-installer from 3.9.1 to 3.9.2 by @dependabot[bot] in https://github.com/terraform-linters/tflint-ruleset-aws/pull/9155
- Bump github.com/aws/aws-sdk-go-v2/service/ec2 from 1.233.1 to 1.236.0 in the aws-sdk group by @dependabot[bot] in https://github.com/terraform-linters/tflint-ruleset-aws/pull/9166
- Bump github.com/aws/smithy-go from 1.22.4 to 1.22.5 by @dependabot[bot] in https://github.com/terraform-linters/tflint-ruleset-aws/pull/9177
- Draw attention to rules disabled by default by @excavator-matt in https://github.com/terraform-linters/tflint-ruleset-aws/pull/918
- Remove unneeded repository info from goreleaser.yml by @wata727 in https://github.com/terraform-linters/tflint-ruleset-aws/pull/920
New Contributors
- @excavator-matt made their first contribution in https://github.com/terraform-linters/tflint-ruleset-aws/pull/907
Full Changelog: terraform-linters/tflint-ruleset-aws@v0.40.0...v0.41.0