Update Terraform cloudposse/cloudfront-s3-cdn/aws to v1 - autoclosed by renovate[bot] · Pull Request #8 · flmesh/gha-testing

renovate · 2025-08-13T08:10:09Z

This PR contains the following updates:

Package	Type	Update	Change
cloudposse/cloudfront-s3-cdn/aws (source)	module	major	`0.97.0` → `1.1.1`

Release Notes

cloudposse/terraform-aws-cloudfront-s3-cdn (cloudposse/cloudfront-s3-cdn/aws)

`v1.1.1`

Compare Source

docs: clarify distribution comment is the description @oycyc (#353)

The comment corresponds to the description on the AWS console UI! Updating the text here so it's more easily aware.

Generate readme for submodules @goruha (#362)

what

Generate readme for submodules

why

Allow all to keep the README updated

references

https://linear.app/cloudposse/issue/DEV-3521/make-cicd-workflow-support-readmes-in-modules-subfolders

`v1.1.0`

Compare Source

fix: error: No more than 1 "s3_origin_config" blocks are allowed @Eyjafjallajokull (#359)

what

Fixed No more than 1 s3_origin_config blocks are allowed error when using multiple S3 origins with origin access identity enabled
Changed for_each from iterating over var.s3_origins to using [1] to create a single s3_origin_config block

why

AWS CloudFront only allows one s3_origin_config block per origin
The previous implementation incorrectly created multiple blocks when multiple S3 origins were configured

references

fixes #325

to reproduce error

in examples/complete/main.tf#L102 replace origin_access_control with origin_access_identity
https://github.com/Eyjafjallajokull/terraform-aws-cloudfront-s3-cdn/blob/96703043867c986ff3fc1550448118111a9f5659/examples/complete/main.tf#L102
terraform plan fails with the above error.

`v1.0.1`

Compare Source

🚀 Enhancements

fix: Resolve unsupported attribute error in S3 website block @jwadolowski (#358)

what

Restore lookup() calls in main.tf to address the website_enabled = true use case that was broken when #340 replaced them with explicit variable calls to avoid silent default value assignments. Additionally includes corresponding module instances in the test suite.

why

website_enabled = true implies a reference to 2 mutually exclusive configurations defined as the local.website_config variable. In the default case, index_document, error_document, and routing_rules elements exist, but redirect_all_requests_to does not, which leads to the following error:

╷
│ Error: Unsupported attribute
│
│   on ../../main.tf line 325, in resource "aws_s3_bucket" "origin":
│  325:       redirect_all_requests_to = website.value.redirect_all_requests_to
│     ├────────────────
│     │ website.value is object with 3 attributes
│
│ This object does not have an attribute named "redirect_all_requests_to".
╵

Similarly, website_enabled = true combined with redirect_all_requests_to = "https://example.com" would result in missing references to the index_document, error_document, and routing_rules fields.

All in all, in this particular case, the lookup() usage is definitely justified and does not mean a silent/hidden injection of a variable default.

references

resolves #354

`v1.0.0`

Compare Source

feat: Backport cloudposse/cloudfront-cdn/aws improvements @jwadolowski (#340)

what

Backport of the following cloudposse/terraform-aws-cloudfront-cdn improvements:

Detailed breakdown:

aws_s3_bucket_cors_configuration is deployed only when at least one CORS origin is defined (examples/complete/minimal.tf fails if this isn't handled)
don't use lookup() (or any other default variable value fallback method) - all defaults should be defined in the variables.tf file
wrap optional variables with optional() and provide sane defaults (in most cases that'd be empty string/list/null or predefined AWS default when applicable, e.g. timeout values)
default origin
- add origin_keepalive_timeout and origin_read_timeout
custom origin improvements
- enable shield configuration
custom s3 origins
- allow for shield configuration
- fix origin_access_control_id assignment (origin.value.s3_origin_config.origin_access_control_id doesn't exist, but origin.value.origin_access_control_id does)
ordered cache improvements
- gRPC support
cookie block should set whitelisted_names param only when forward=whitelist (in all other cases, all and none, the whitelisted_names is automatically set to null)

why

Both CloudPosse CDN modules should stay in sync (feature-wise) and leverage the same set of improvements.

references

~~includes #347 to re-generate docs after changes. #347 should get merged first~~

`v0.98.2`

Compare Source

🤖 Automatic Updates

chore(deps): update terraform cloudposse/s3-log-storage/aws to v1.4.5 (release/v0) @[renovate[bot]](https://redirect.github.com/apps/renovate) (#351)

This PR contains the following updates:

Package	Type	Update	Change
cloudposse/s3-log-storage/aws (source)	module	patch	`1.4.2` -> `1.4.5`

Release Notes

cloudposse/terraform-aws-s3-log-storage (cloudposse/s3-log-storage/aws)

`v1.4.5`

Compare Source

🚀 Enhancements

fix: remove join calls on bucket arn + id usage @carterdanko-dw (#125)

what

Initially put the wrong values for coditions, just needs to be a list
Bucket should be single resource vs joining on a list.

references

issue #122

🐛 Bug Fixes

fix: remove join calls on bucket arn + id usage @carterdanko-dw (#125)

what

Initially put the wrong values for coditions, just needs to be a list
Bucket should be single resource vs joining on a list.

references

issue #122

`v1.4.4`

Compare Source

🚀 Enhancements

Issue-122/Values expect list of strings vs string @carterdanko-dw (#123)

what

Updating the sqs iam permissions, as the values expects to be a list of strings vs just the single string arn that is the output of the module.

why

https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam\\_policy\\_document#condition-1 expects to be a list of strings, vs just the single string arn of the s3 bucket.

references

Github issue #122

🐛 Bug Fixes

Issue-122/Values expect list of strings vs string @carterdanko-dw (#123)

what

Updating the sqs iam permissions, as the values expects to be a list of strings vs just the single string arn that is the output of the module.

why

https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam\\_policy\\_document#condition-1 expects to be a list of strings, vs just the single string arn of the s3 bucket.

references

Github issue #122

🤖 Automatic Updates

Migrate new test account @osterman (#119)

what

Update .github/settings.yml
Update .github/chatops.yml files

why

Re-apply .github/settings.yml from org level to get terratest environment
Migrate to new test account

References

DEV-388 Automate clean up of test account in new organization
DEV-387 Update terratest to work on a shared workflow instead of a dispatch action
DEV-386 Update terratest to use new testing account with GitHub OIDC

Update .github/settings.yml @osterman (#118)

what

Update .github/settings.yml
Drop .github/auto-release.yml files

why

Re-apply .github/settings.yml from org level
Use organization level auto-release settings

references

DEV-1242 Add protected tags with Repository Rulesets on GitHub

Update .github/settings.yml @osterman (#112)

what

Update .github/settings.yml
Drop .github/auto-release.yml files

why

Re-apply .github/settings.yml from org level
Use organization level auto-release settings

references

DEV-1242 Add protected tags with Repository Rulesets on GitHub

Update .github/settings.yml @osterman (#111)

what

Update .github/settings.yml
Drop .github/auto-release.yml files

why

Re-apply .github/settings.yml from org level
Use organization level auto-release settings

references

DEV-1242 Add protected tags with Repository Rulesets on GitHub

Update release workflow to allow pull-requests: write @osterman (#110)

what

Update workflow (.github/workflows/release.yaml) to have permission to comment on PR

why

So we can support commenting on PRs with a link to the release

Update GitHub Workflows to use shared workflows from '.github' repo @osterman (#109)

what

Update workflows (.github/workflows) to use shared workflows from .github repo

why

Reduce nested levels of reusable workflows

Update GitHub Workflows to Fix ReviewDog TFLint Action @osterman (#108)

what

Update workflows (.github/workflows) to add issue: write permission needed by ReviewDog tflint action

why

The ReviewDog action will comment with line-level suggestions based on linting failures

Update GitHub workflows @osterman (#107)

what

Update workflows (.github/workflows/settings.yaml)

why

Support new readme generation workflow.
Generate banners

Use GitHub Action Workflows from `cloudposse/.github` Repo @osterman (#106)

what

Install latest GitHub Action Workflows

why

Use shared workflows from cldouposse/.github repository
Simplify management of workflows from centralized hub of configuration

Add GitHub Settings @osterman (#104)

what

Install a repository config (.github/settings.yaml)

why

Programmatically manage GitHub repo settings

Update README.md and docs @cloudpossebot (#99)

what

This is an auto-generated PR that updates the README.md and docs

why

To have most recent changes of README.md and doc from origin templates

Update Scaffolding @osterman (#100)

what

Reran make readme to rebuild README.md from README.yaml
Migrate to square badges
Add scaffolding for repo settings and Mergify

why

Upstream template changed in the .github repo
Work better with repository rulesets
Modernize look & feel

`v1.4.3`

Compare Source

🤖 Automatic Updates

Update Terraform cloudposse/s3-bucket/aws to v3.1.3 (main) @renovate (#95)

This PR contains the following updates:

Package	Type	Update	Change
cloudposse/s3-bucket/aws (source)	module	patch	`3.1.2` -> `3.1.3`

Release Notes

cloudposse/terraform-aws-s3-bucket (cloudposse/s3-bucket/aws)

`v3.1.3`

Compare Source

Unfortunately, this change makes count unknown at plan time in certain situations. In general, you cannot use the output of compact() in count.

The solution is to stop using the deprecated policy input and revert to 3.1.2 or upgrade to 4.0.

🚀 Enhancements

Fix `source_policy_documents` combined with `var.policy` being ignored @&#8203;johncblandii (#&#8203;201)

what

Changed var.source_policy_documents to local.source_policy_documents so var.policy usage was still supported

why

The ternary check uses var,source_policy_documents so var.policy being combined with var.source_policy_documents into local.source_policy_documents does not provide true for the ternary to execute

references

https://github.com/cloudposse/terraform-aws-config-storage/pull/39

Update README.md and docs @cloudpossebot (#94)

what

This is an auto-generated PR that updates the README.md and docs

why

To have most recent changes of README.md and doc from origin templates

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

`v0.98.1`

Compare Source

fix(lambda@edge): Add support for doc auto-generation with atmos @jwadolowski (#347)

what

README.md generation support with atmos CLI.

why

#342 replaced Makefile with atmos.yaml for the main module, but Lambda@Edge submodule got overlooked.

references

#342

🤖 Automatic Updates

Fix go version in tests @osterman (#343)

what

Update go 1.24

why

Error loading shared library libresolv.so.2 in Go 1.20

References

Replace Makefile with atmos.yaml @osterman (#342)

what

Remove Makefile
Add atmos.yaml

why

Replace build-harness with atmos for readme genration

References

DEV-3229 Migrate from build-harness to atmos

`v0.98.0`

Compare Source

fix: terratest w/ go updates @oycyc (#337)

Not familiar with how Go works, but following the suggestions to update packages looks to fix the tests in this repository!

The commands I executed per @Nuru 's suggestion on Slack:

cd test/src
go get -u ./... [github.com/gruntwork-io/terratest](http://github.com/gruntwork-io/terratest) [github.com/stretchr/testify](http://github.com/stretchr/testify) go@1.23
go mod tidy

Slack thread here on CloudPosse: https://sweetops.slack.com/archives/G014YEKDH4K/p1748635698940509?thread_ts=1746672149.263629&cid=G014YEKDH4K

🚀 Enhancements

replace TLSv1.2_2019 with TLSv1.2_2021 as default policy @jamerply (#294)

what

This PR updates the mimimum_protocol_version variable so that it defaults to TLSv1.2_2021 (the current recommended security policy recommended by AWS) instead of TLSv1.2_2019.

why

The most current security policy is no longer TLSv1.2_2019 but is TLSv1.2_2021.

references

See the "Security Policy" heading under the "Distribution Setting" section of the AWS CloudFront Documentation for further information.

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

renovate Bot force-pushed the renovate/cloudposse-cloudfront-s3-cdn-aws-1.x branch from f792fe2 to 420ceb5 Compare September 14, 2025 15:49

renovate Bot force-pushed the renovate/cloudposse-cloudfront-s3-cdn-aws-1.x branch from 420ceb5 to df16446 Compare October 23, 2025 20:10

Update Terraform cloudposse/cloudfront-s3-cdn/aws to v1

8c1f23a

renovate Bot force-pushed the renovate/cloudposse-cloudfront-s3-cdn-aws-1.x branch from df16446 to 8c1f23a Compare January 10, 2026 10:35

renovate Bot changed the title ~~Update Terraform cloudposse/cloudfront-s3-cdn/aws to v1~~ Update Terraform cloudposse/cloudfront-s3-cdn/aws to v1 - autoclosed Jan 16, 2026

renovate Bot closed this Jan 16, 2026

renovate Bot deleted the renovate/cloudposse-cloudfront-s3-cdn-aws-1.x branch January 16, 2026 20:07

Conversation

renovate Bot commented Aug 13, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Release Notes

what

why

references

what

why

references

to reproduce error

🚀 Enhancements

what

why

references

what

why

references

🤖 Automatic Updates

Release Notes

🚀 Enhancements

what

references

🐛 Bug Fixes

what

references

🚀 Enhancements

what

why

references

🐛 Bug Fixes

what

why

references

🤖 Automatic Updates

what

why

References

what

why

references

what

why

references

what

why

references

what

why

what

why

what

why

what

why

what

why

what

why

what

why

what

why

🤖 Automatic Updates

Release Notes

🚀 Enhancements

what

why

references

what

why

Configuration

what

why

references

🤖 Automatic Updates

what

why

References

what

renovate Bot commented Aug 13, 2025 •

edited

Loading