Releases: terraform-aws-modules/terraform-aws-eks
Releases · terraform-aws-modules/terraform-aws-eks
v11.0.0
FEATURES:
- Add instance tag specifications to Launch Template (#822)
- Add support for additional volumes in launch templates and launch configurations (#800)
- Add interpreter option to
wait_for_cluster_cmd(#795)
ENHANCEMENTS:
- Use
aws_partitionto build IAM policy ARNs (#820) - Generate
aws-authconfigmap's roles from Object. No more string concat. (#790) - Add timeout to default wait_for_cluster_cmd (#791)
- automate changelog management (#786)
BUG FIXES:
- Fix destroy failure when talking to EKS endpoint on private network (#815)
- add ip address when manage_aws_auth is true and public_access is false (#745)
- Add node_group direct dependency on eks_cluster (#796)
- Do not recreate cluster when no SG given (#798)
- Create
falseand avoid waiting forever for a non-existent cluster to respond (#789) - fix git-chglog template to format changelog
Typenicely (#803) - fix git-chglog configuration (#802)
CI:
- Restrict sementic PR to validate PR title only (#804)
TESTS:
- remove unused kitchen test related stuff (#787)
v10.0.0
BREAKING CHANGES:
- Added support for EKS 1.15 (by @sc250024)
ENHANCEMENTS:
- Ensuring that ami lookup hierarchy is worker_group_launch_templates and worker_groups -> worker_group_defaults -> and finally aws ami lookup (by @ck3mp3r)
- Adding
encryptedoption to worker's root_block_device as read from the worker configurations (by @craig-rueda) - Add support for ASG max instance lifetime (by @sidprak)
- Add
default_cooldownandhealth_check_grace_periodoptions to workers ASG (by @ArieLevs) - Add support for envelope encryption of Secrets (by @babilen5)
BUG FIXES:
- Fix issue with terraform plan phase when IRSA was enabled and create_eks switches to false (by @daroga0002)
- Remove obsolete assumption from README (kubectl & aws-iam-authenticator) (by @pierresteiner)
- Fix doc about spot instances, cluster-autoscaler should be scheduled on normal instances instead of spot (by @simowaer)
- Use correct policy arns for CN regions (cn-north-1, cn-northwest-1) (by @cofyc)
- Fix support for ASG max instance lifetime for workers (by @barryib)
NOTES:
From EKS 1.15, the VPC tag kubernetes.io/cluster/<cluster-name>: shared is no longer required. So we dropped those tags from exemples.
v9.0.0
- Breaking: Removal of autoscaling IAM policy and tags (by @max-rocket-internet)
- Revert #631. Add back manage security group flags. (by @ryanooi)
- Changed timeout for creating EKS (by @confiq)
- Added instructions for how to add Windows nodes (by @ivanguravel)
- [CI] Switch
Validategithub action to use env vars (by @max-rocket-internet) - [CI] Bump pre-commit-terraform version (by @barryib)
- Added example
examples/irsafor IAM Roles for Service Accounts (by @max-rocket-internet) - Add
iam:{Create,Delete,Get}OpenIDConnectProvidergrants to the list of required IAM permissions indocs/iam-permissions.md(by @danielelisi) - Add a
nameparameter to be able to manually name EKS Managed Node Groups (by @splieth) - Pinned kubernetes provider version to exactly 1.10.0 across all examples and README.md's (by @andres-de-castro)
- Change variable default
wait_for_cluster_cmdfrom curl to wget (by @daroga0002)
v8.2.0
- Include ability to configure custom os-specific command for waiting until kube cluster is healthy (@sanjeevgiri)
- Disable creation of ingress rules if worker nodes security groups are exists (@andjelx)
- [CI] Update pre-commit and re-generate docs to work with terraform-docs >= 0.8.1 (@barryib)
Just a small release
Node groups, IRSA, k8s provider, wow🔥
🔥 There's many changes in this release including 2 breaking changes 🔥
Now we use the Kubernetes Terraform provider for managing the aws-auth configmap.
Managed Node Groups are now released. Please bear in mind this feature is not only new this module but also EKS. There's still quite a few basic features not supported.
If you have problems and see unexpected plan output then be sure to consult the changelog for this release to see how or why this might be.
This release took way too long to create and we know we must release at a faster pace 🏎
There's some good discussion about the future of this module in #635
A few bug fixes 💅
- Test against minimum versions specified in
versions.tf(by @dpiddockcmp) - Updated
instance_profile_namesandinstance_profile_arnsoutputs to also consider launch template as well as asg (by @ankitwal) - Fix broken terraform plan/apply on a cluster < 1.14 (by @hodduc)
- Updated application of
aws-authconfigmap to createkube_config.yamlandaws_auth_configmap.yamlin sequence (and not parallel) tokubectl apply(by @knittingdev)
Windows support 🚀
Added
- Breaking: Allow for specifying a custom AMI for the worker nodes. (by @bmcstdio)
- Added support for Windows workers AMIs (by @hodduc)
- Allow for replacing the full userdata text with a
userdata_template_filetemplate anduserdata_template_extra_argsinworker_groups(by @snstanton) - Write your awesome addition here (by @you)
Changed
- Breaking: The
kubectlconfiguration file can now be fully-specified usingconfig_output_path. Previously it was assumed thatconfig_output_pathreferred to a directory and always ended with a forward slash. This is a breaking change ifconfig_output_pathdoes not end with a forward slash (which was advised against by the documentation). - Changed logic for setting default ebs_optimized to only require maintaining a list of instance types that don't support it (by @jeffmhastings)
- Bumped minimum terraform version to 0.12.2 to prevent an error on yamlencode function (by @toadjaune)
- Access conditional resource using join function in combination with splat syntax (by @miguelaferreira)
v6.0.2
Added
- Added
tagstoaws_eks_clusterintroduced by terraform-provider-aws 2.31.0 (by @morganchristiansson)
Changed
- Add option to enable lifecycle hooks creation (by @barryib)
- Remove helm chart value
sslCertPathdescribed indocs/autoscaling.md(by @wi1dcard) - Attaching of IAM policies for autoscaler and CNI to the worker nodes now optional (by @dpiddockcmp)