domain_endpoint_options_enforce_https enabled by default (#95)

maximmi · web-flow · commit 7f64e0d452a2 · 2021-01-26T11:37:31.000+07:00
* domain_endpoint_options_enforce_https enabled by default, tests fixed for TF 0.14

* formatting for TF 0.13 applied
diff --git a/.gitignore b/.gitignore
@@ -6,6 +6,8 @@
 .terraform
 .idea
 *.iml
+**/.terraform.lock.hcl
+test.log
 
 **/.build-harness
 **/build-harness
diff --git a/README.md b/README.md
@@ -185,7 +185,7 @@ Available targets:
 | dedicated\_master\_type | Instance type of the dedicated master nodes in the cluster | `string` | `"t2.small.elasticsearch"` | no |
 | delimiter | Delimiter to be used between `namespace`, `environment`, `stage`, `name` and `attributes`.<br>Defaults to `-` (hyphen). Set to `""` to use no delimiter at all. | `string` | `null` | no |
 | dns\_zone\_id | Route53 DNS Zone ID to add hostname records for Elasticsearch domain and Kibana | `string` | `""` | no |
-| domain\_endpoint\_options\_enforce\_https | Whether or not to require HTTPS | `bool` | `false` | no |
+| domain\_endpoint\_options\_enforce\_https | Whether or not to require HTTPS | `bool` | `true` | no |
 | domain\_endpoint\_options\_tls\_security\_policy | The name of the TLS security policy that needs to be applied to the HTTPS endpoint | `string` | `"Policy-Min-TLS-1-0-2019-07"` | no |
 | domain\_hostname\_enabled | Explicit flag to enable creating a DNS hostname for ES. If `true`, then `var.dns_zone_id` is required. | `bool` | `false` | no |
 | ebs\_iops | The baseline input/output (I/O) performance of EBS volumes attached to data nodes. Applicable only for the Provisioned IOPS EBS volume type | `number` | `0` | no |
diff --git a/docs/terraform.md b/docs/terraform.md
@@ -41,7 +41,7 @@
 | dedicated\_master\_type | Instance type of the dedicated master nodes in the cluster | `string` | `"t2.small.elasticsearch"` | no |
 | delimiter | Delimiter to be used between `namespace`, `environment`, `stage`, `name` and `attributes`.<br>Defaults to `-` (hyphen). Set to `""` to use no delimiter at all. | `string` | `null` | no |
 | dns\_zone\_id | Route53 DNS Zone ID to add hostname records for Elasticsearch domain and Kibana | `string` | `""` | no |
-| domain\_endpoint\_options\_enforce\_https | Whether or not to require HTTPS | `bool` | `false` | no |
+| domain\_endpoint\_options\_enforce\_https | Whether or not to require HTTPS | `bool` | `true` | no |
 | domain\_endpoint\_options\_tls\_security\_policy | The name of the TLS security policy that needs to be applied to the HTTPS endpoint | `string` | `"Policy-Min-TLS-1-0-2019-07"` | no |
 | domain\_hostname\_enabled | Explicit flag to enable creating a DNS hostname for ES. If `true`, then `var.dns_zone_id` is required. | `bool` | `false` | no |
 | ebs\_iops | The baseline input/output (I/O) performance of EBS volumes attached to data nodes. Applicable only for the Provisioned IOPS EBS volume type | `number` | `0` | no |
diff --git a/examples/complete/main.tf b/examples/complete/main.tf
@@ -4,7 +4,7 @@ provider "aws" {
 
 module "vpc" {
   source  = "cloudposse/vpc/aws"
-  version = "0.17.0"
+  version = "0.18.2"
 
   cidr_block = "172.16.0.0/16"
 
@@ -13,7 +13,7 @@ module "vpc" {
 
 module "subnets" {
   source  = "cloudposse/dynamic-subnets/aws"
-  version = "0.30.0"
+  version = "0.34.0"
 
   availability_zones   = var.availability_zones
   vpc_id               = module.vpc.vpc_id
diff --git a/main.tf b/main.tf
@@ -1,17 +1,17 @@
 module "user_label" {
   source  = "cloudposse/label/null"
-  version = "0.22.0"
+  version = "0.22.1"
 
-  attributes = compact(concat(module.this.attributes, ["user"]))
+  attributes = ["user"]
 
   context = module.this.context
 }
 
 module "kibana_label" {
   source  = "cloudposse/label/null"
-  version = "0.22.0"
+  version = "0.22.1"
 
-  attributes = compact(concat(module.this.attributes, ["kibana"]))
+  attributes = ["kibana"]
 
   context = module.this.context
 }
@@ -262,7 +262,7 @@ resource "aws_elasticsearch_domain_policy" "default" {
 
 module "domain_hostname" {
   source  = "cloudposse/route53-cluster-hostname/aws"
-  version = "0.8.0"
+  version = "0.10.0"
 
   enabled  = module.this.enabled && var.domain_hostname_enabled
   dns_name = var.elasticsearch_subdomain_name == "" ? module.this.id : var.elasticsearch_subdomain_name
@@ -275,7 +275,7 @@ module "domain_hostname" {
 
 module "kibana_hostname" {
   source  = "cloudposse/route53-cluster-hostname/aws"
-  version = "0.8.0"
+  version = "0.10.0"
 
   enabled  = module.this.enabled && var.kibana_hostname_enabled
   dns_name = var.kibana_subdomain_name == "" ? module.kibana_label.id : var.kibana_subdomain_name
diff --git a/test/src/go.mod b/test/src/go.mod
@@ -3,6 +3,6 @@ module github.com/cloudposse/terraform-aws-elasticsearch
 go 1.14
 
 require (
-	github.com/gruntwork-io/terratest v0.30.0
+	github.com/gruntwork-io/terratest v0.31.4
 	github.com/stretchr/testify v1.6.1
 )
diff --git a/variables.tf b/variables.tf
@@ -144,7 +144,7 @@ variable "encrypt_at_rest_kms_key_id" {
 
 variable "domain_endpoint_options_enforce_https" {
   type        = bool
-  default     = false
+  default     = true
   description = "Whether or not to require HTTPS"
 }
 

Original file line number	Diff line number	Diff line change
`@@ -3,6 +3,6 @@ module github.com/cloudposse/terraform-aws-elasticsearch`
`3`	`3`	`go 1.14`
`4`	`4`
`5`	`5`	`require (`
`6`		`- github.com/gruntwork-io/terratest v0.30.0`
	`6`	`+ github.com/gruntwork-io/terratest v0.31.4`
`7`	`7`	`github.com/stretchr/testify v1.6.1`
`8`	`8`	`)`
Original file line number	Diff line number	Diff line change
`@@ -144,7 +144,7 @@ variable "encrypt_at_rest_kms_key_id" {`
`144`	`144`
`145`	`145`	`variable "domain_endpoint_options_enforce_https" {`
`146`	`146`	`type = bool`
`147`		`- default = false`
	`147`	`+ default = true`
`148`	`148`	`description = "Whether or not to require HTTPS"`
`149`	`149`	`}`
`150`	`150`