Releases: terraform-aws-modules/terraform-aws-eks
Releases · terraform-aws-modules/terraform-aws-eks
v17.0.3
v17.0.2
v17.0.1
v17.0.0
FEATURES:
- Add ability to use Security Groups as source for private endpoint access (#1274)
- Define Root device name for Windows self-managed worker groups (#1401)
- Drop random pets from Managed Node Groups (#1372)
- Add multiple selectors on the creation of Fargate profile (#1378)
- Rename
config_output_pathintokubeconfig_output_pathfor naming consistency (#1399) - Kubeconfig file should not be world or group readable by default (#1114)
- Add tags on network interfaces (#1362)
- Add instance store volume option for instances with local disk (#1213)
BUG FIXES:
- Add back
depends_onfordata.wait_for_cluster(#1389)
DOCS:
- Clarify about the
cluster_endpoint_private_access_cidrsusage (#1400) - Add KMS aliases handling to IAM permissions (#1288)
BREAKING CHANGES:
- The private endpoint security group rule has been renamed to allow the use of CIDR blocks and Security Groups as source. This will delete the
cluster_private_accessSecurity Group Rule for existing cluster. Please rename byaws_security_group_rule.cluster_private_access[0]intoaws_security_group_rule.cluster_private_access_cidrs_source[0]. - We now decided to remove
random_petresources in Managed Node Groups (MNG). Those were used to recreate MNG if something change and also simulate the newly added argumentnode_group_name_prefix. But they were causing a lot of troubles. To upgrade the module without recreating your MNG, you will need to explicitly reuse their previous name and set them in your MNGnameargument. Please see upgrade docs for more details. - To support multiple selectors for Fargate profiles, we introduced the
selectorsargument which is a list of map. This will break previous configuration with a single selectornamespaceandlabels. You'll need to rewrite your configuration to use theselectorsargument. See examples dans docs for details. - The variable
config_output_pathis renamed intokubeconfig_output_pathfor naming consistency. Please upgrade your configuration accordingly.
NOTES:
- Since we now search only for Linux or Windows AMI if there is a worker groups for the corresponding plateform, we can now define different default root block device name for each plateform. Use locals
root_block_device_nameandroot_block_device_name_windowsto define your owns. - The kubeconfig file permission is not world and group readable anymore. The default permission is now
600. This value can be changed with the variablevar.kubeconfig_file_permission.
v16.2.0
v16.1.0
FEATURES:
- Search for Windows or Linux AMIs only if they are needed (#1371)
BUG FIXES:
- Set an ASG's launch template version to an explicit version to automatically trigger instance refresh (#1370)
- Add description for private API ingress Security Group Rule (#1299)
DOCS:
NOTES:
- Set an ASG's launch template version to an explicit version automatically. This will ensure that an instance refresh will be triggered whenever the launch template changes. The default
launch_template_versionis now used to determine the latest or default version of the created launch template for self-managed worker groups.
v16.0.1
v16.0.0
FEATURES:
- Add support for Auto Scaling Group Instance Refresh for self-managed worker groups (#1224)
- Drop
asg_recreate_on_changefeature to encourage the usage of Instance Refresh for EC2 Auto Scaling (#1360) - Add timeout of 5mn when waiting for cluster (#1359)
- Remove dependency on deprecated
hashicorp/templateprovider (#1297) - Replace the local-exec script with a http datasource for waiting cluster (#1339)
BUG FIXES:
- Remove provider from required providers (#1357)
- Bump AWS provider version to add Warm Pool support (#1340)
CI:
- Bump terraform-docs to 0.13 (#1335)
BREAKING CHANGES:
- This module used
random_petresources to create a random name for the autoscaling group to force the autoscaling group to be re-created when the launch configuration or launch template was changed (ifrecreate_asg_when_lc_changes = truewas set), causing the instances to be removed and re-provisioned each time there was an update. Those random_pet resources has been removed and in its place there is now a set of functionality provided by AWS and the Terraform AWS provider - Instance Refresh. We encourage those users to move on Instance Refresh for EC2 Auto Scaling. - We remove the dependency on the deprecated
hashicorp/templateprovider and use the Terraform built intemplatefilefunction. This will broke some workflows due to previously being able to pass in the raw contents of a template file for processing. Thetemplatefilefunction requires a template file that exists before running a plan.
NOTES:
- Using the terraform-aws-modules/http provider is a more platform agnostic way to wait for the cluster availability than using a local-exec. With this change we're able to provision EKS clusters and manage the
aws_authconfigmap while still using thehashicorp/tfc-agentdocker image.
v15.2.0
FEATURES:
- Add tags on additional IAM resources like IAM policies, instance profile, OIDC provider (#1321)
- Allow to override cluster and workers egress CIDRs (#1237)
- Allow to specify the managed cluster IAM role name (#1199)
- Add support for ASG Warm Pools (#1310)
- Add support for specifying elastic inference accelerator (#1176)
- Create launch template for Managed Node Groups (#1138)
BUG FIXES:
- Replace
listwithtolistfunction for working with terraform v0.15.0 (#1317) - Limit cluster_name when creating fargate IAM Role (#1270)
- Add mission metadata block for launch configuration (#1301)
- Add missing IAM permission for NLB with EIPs (#1226)
- Change back the default disk type to
gp2(#1208)
DOCS:
- Update helm instructions for irsa example (#1251)