chore(deps): update all minor dependencies#1114
Open
renovate[bot] wants to merge 1 commit intomainfrom
Open
Conversation
renovate
bot
force-pushed
the
renovate/all-minor
branch
8 times, most recently
from
de09a7e to
2294924
Compare
renovate
bot
force-pushed
the
renovate/all-minor
branch
8 times, most recently
from
fe85611 to
4b694d8
Compare
renovate
bot
force-pushed
the
renovate/all-minor
branch
9 times, most recently
from
1efc618 to
b309212
Compare
renovate
bot
force-pushed
the
renovate/all-minor
branch
from
b309212 to
c8deb28
Compare
renovate
bot
force-pushed
the
renovate/all-minor
branch
7 times, most recently
from
028d6ba to
7142e52
Compare
renovate
bot
force-pushed
the
renovate/all-minor
branch
7 times, most recently
from
88b3752 to
988dc04
Compare
renovate
bot
force-pushed
the
renovate/all-minor
branch
7 times, most recently
from
559f4c9 to
853a240
Compare
Staging: network✅ Terraform Init: Plan: 1 to move, 19 to add, 6 to change, 0 to destroyShow summary
Show planResource actions are indicated with the following symbols:
+ create
~ update in-place
Terraform will perform the following actions:
# aws_cloudwatch_log_group.forms will be created
+ resource "aws_cloudwatch_log_group" "forms" {
+ arn = (known after apply)
+ deletion_protection_enabled = (known after apply)
+ id = (known after apply)
+ kms_key_id = "arn:aws:kms:ca-central-1:687401027353:key/c5c2a1c2-c092-4fa1-8daf-3414f3511b1d"
+ log_group_class = (known after apply)
+ name = "Network-Firewall"
+ name_prefix = (known after apply)
+ region = "ca-central-1"
+ retention_in_days = 14
+ skip_destroy = false
+ tags_all = {
+ "CostCentre" = "forms-platform-staging"
+ "Terraform" = "true"
}
}
# aws_nat_gateway.forms[0] will be updated in-place
~ resource "aws_nat_gateway" "forms" {
id = "nat-0bc32e0a102af6307"
+ regional_nat_gateway_address = (known after apply)
tags = {
"Name" = "forms NAT GW"
}
# (14 unchanged attributes hidden)
}
# aws_nat_gateway.forms[1] will be updated in-place
~ resource "aws_nat_gateway" "forms" {
id = "nat-0e15bed048be78449"
+ regional_nat_gateway_address = (known after apply)
tags = {
"Name" = "forms NAT GW"
}
# (14 unchanged attributes hidden)
}
# aws_nat_gateway.forms[2] will be updated in-place
~ resource "aws_nat_gateway" "forms" {
id = "nat-0baf8923e7bdf4142"
+ regional_nat_gateway_address = (known after apply)
tags = {
"Name" = "forms NAT GW"
}
# (14 unchanged attributes hidden)
}
# aws_networkfirewall_firewall.forms will be created
+ resource "aws_networkfirewall_firewall" "forms" {
+ arn = (known after apply)
+ availability_zone_change_protection = false
+ delete_protection = true
+ description = "Firewall limiting outbound traffic. WAF handles inbound"
+ firewall_policy_arn = (known after apply)
+ firewall_status = (known after apply)
+ id = (known after apply)
+ name = "GCForms"
+ region = "ca-central-1"
+ tags_all = {
+ "CostCentre" = "forms-platform-staging"
+ "Terraform" = "true"
}
+ transit_gateway_owner_account_id = (known after apply)
+ update_token = (known after apply)
+ vpc_id = "vpc-0ad5b3739860129d0"
+ availability_zone_mapping (known after apply)
+ subnet_mapping {
+ ip_address_type = "IPV4"
+ subnet_id = "subnet-02f5e1518cb9b8687"
}
+ subnet_mapping {
+ ip_address_type = "IPV4"
+ subnet_id = "subnet-04d5fe34c570252ad"
}
+ subnet_mapping {
+ ip_address_type = "IPV4"
+ subnet_id = "subnet-0db171c9d80cdcc04"
}
}
# aws_networkfirewall_firewall_policy.forms will be created
+ resource "aws_networkfirewall_firewall_policy" "forms" {
+ arn = (known after apply)
+ id = (known after apply)
+ name = "forms"
+ region = "ca-central-1"
+ tags_all = {
+ "CostCentre" = "forms-platform-staging"
+ "Terraform" = "true"
}
+ update_token = (known after apply)
+ firewall_policy {
+ stateless_default_actions = [
+ "aws:forward_to_sfe",
]
+ stateless_fragment_default_actions = [
+ "aws:forward_to_sfe",
]
+ stateful_rule_group_reference {
+ deep_threat_inspection = (known after apply)
+ resource_arn = (known after apply)
}
}
}
# aws_networkfirewall_logging_configuration.forms will be created
+ resource "aws_networkfirewall_logging_configuration" "forms" {
+ enable_monitoring_dashboard = true
+ firewall_arn = (known after apply)
+ id = (known after apply)
+ region = "ca-central-1"
+ logging_configuration {
+ log_destination_config {
+ log_destination = {
+ "logGroup" = "Network-Firewall"
}
+ log_destination_type = "CloudWatchLogs"
+ log_type = "ALERT"
}
}
}
# aws_networkfirewall_rule_group.general will be created
+ resource "aws_networkfirewall_rule_group" "general" {
+ arn = (known after apply)
+ capacity = 10
+ description = "Only allow web traffic and deny everything else"
+ id = (known after apply)
+ name = "general"
+ region = "ca-central-1"
+ tags_all = {
+ "CostCentre" = "forms-platform-staging"
+ "Terraform" = "true"
}
+ type = "STATEFUL"
+ update_token = (known after apply)
+ rule_group {
+ rules_source {
+ stateful_rule {
+ action = "PASS"
+ header {
+ destination = "172.16.48.0/20"
+ destination_port = "ANY"
+ direction = "FORWARD"
+ protocol = "HTTP"
+ source = "ANY"
+ source_port = "ANY"
}
+ rule_option {
+ keyword = "sid"
+ settings = [
+ "1",
]
}
}
+ stateful_rule {
+ action = "PASS"
+ header {
+ destination = "172.16.64.0/20"
+ destination_port = "ANY"
+ direction = "FORWARD"
+ protocol = "HTTP"
+ source = "ANY"
+ source_port = "ANY"
}
+ rule_option {
+ keyword = "sid"
+ settings = [
+ "2",
]
}
}
+ stateful_rule {
+ action = "PASS"
+ header {
+ destination = "172.16.80.0/20"
+ destination_port = "ANY"
+ direction = "FORWARD"
+ protocol = "HTTP"
+ source = "ANY"
+ source_port = "ANY"
}
+ rule_option {
+ keyword = "sid"
+ settings = [
+ "3",
]
}
}
+ stateful_rule {
+ action = "ALERT"
+ header {
+ destination = "ANY"
+ destination_port = "ANY"
+ direction = "FORWARD"
+ protocol = "IP"
+ source = "172.16.48.0/20"
+ source_port = "ANY"
}
+ rule_option {
+ keyword = "sid"
+ settings = [
+ "4",
]
}
}
+ stateful_rule {
+ action = "ALERT"
+ header {
+ destination = "ANY"
+ destination_port = "ANY"
+ direction = "FORWARD"
+ protocol = "IP"
+ source = "172.16.64.0/20"
+ source_port = "ANY"
}
+ rule_option {
+ keyword = "sid"
+ settings = [
+ "5",
]
}
}
+ stateful_rule {
+ action = "ALERT"
+ header {
+ destination = "ANY"
+ destination_port = "ANY"
+ direction = "FORWARD"
+ protocol = "IP"
+ source = "172.16.80.0/20"
+ source_port = "ANY"
}
+ rule_option {
+ keyword = "sid"
+ settings = [
+ "6",
]
}
}
+ stateful_rule {
+ action = "DROP"
+ header {
+ destination = "ANY"
+ destination_port = "ANY"
+ direction = "ANY"
+ protocol = "IP"
+ source = "ANY"
+ source_port = "ANY"
}
+ rule_option {
+ keyword = "sid"
+ settings = [
+ "7",
]
}
}
}
}
}
# aws_route.ig[0] will be created
+ resource "aws_route" "ig" {
+ destination_cidr_block = "172.16.48.0/20"
+ id = (known after apply)
+ instance_id = (known after apply)
+ instance_owner_id = (known after apply)
+ network_interface_id = (known after apply)
+ origin = (known after apply)
+ region = "ca-central-1"
+ route_table_id = (known after apply)
+ state = (known after apply)
+ vpc_endpoint_id = (known after apply)
}
# aws_route.ig[1] will be created
+ resource "aws_route" "ig" {
+ destination_cidr_block = "172.16.64.0/20"
+ id = (known after apply)
+ instance_id = (known after apply)
+ instance_owner_id = (known after apply)
+ network_interface_id = (known after apply)
+ origin = (known after apply)
+ region = "ca-central-1"
+ route_table_id = (known after apply)
+ state = (known after apply)
+ vpc_endpoint_id = (known after apply)
}
# aws_route.ig[2] will be created
+ resource "aws_route" "ig" {
+ destination_cidr_block = "172.16.80.0/20"
+ id = (known after apply)
+ instance_id = (known after apply)
+ instance_owner_id = (known after apply)
+ network_interface_id = (known after apply)
+ origin = (known after apply)
+ region = "ca-central-1"
+ route_table_id = (known after apply)
+ state = (known after apply)
+ vpc_endpoint_id = (known after apply)
}
# aws_route_table.firewall will be created
+ resource "aws_route_table" "firewall" {
+ arn = (known after apply)
+ id = (known after apply)
+ owner_id = (known after apply)
+ propagating_vgws = (known after apply)
+ region = "ca-central-1"
+ route = [
+ {
+ cidr_block = "0.0.0.0/0"
+ gateway_id = "igw-0aca6f076a25af86f"
# (11 unchanged attributes hidden)
},
]
+ tags = {
+ "Name" = "Firewall Inspection Route Table"
}
+ tags_all = {
+ "CostCentre" = "forms-platform-staging"
+ "Name" = "Firewall Inspection Route Table"
+ "Terraform" = "true"
}
+ vpc_id = "vpc-0ad5b3739860129d0"
}
# aws_route_table.forms_public_subnet[0] will be updated in-place
# (moved from aws_route_table.forms_public_subnet)
~ resource "aws_route_table" "forms_public_subnet" {
id = "rtb-03b4c5e3b272ae847"
~ route = [
- {
- cidr_block = "0.0.0.0/0"
- gateway_id = "igw-0aca6f076a25af86f"
# (11 unchanged attributes hidden)
},
+ {
+ cidr_block = "0.0.0.0/0"
+ vpc_endpoint_id = (known after apply)
# (11 unchanged attributes hidden)
},
]
~ tags = {
~ "Name" = "Public Subnet Route Table" -> "Public Subnet Route Table 0"
}
~ tags_all = {
~ "Name" = "Public Subnet Route Table" -> "Public Subnet Route Table 0"
# (2 unchanged elements hidden)
}
# (5 unchanged attributes hidden)
}
# aws_route_table.forms_public_subnet[1] will be created
+ resource "aws_route_table" "forms_public_subnet" {
+ arn = (known after apply)
+ id = (known after apply)
+ owner_id = (known after apply)
+ propagating_vgws = (known after apply)
+ region = "ca-central-1"
+ route = [
+ {
+ cidr_block = "0.0.0.0/0"
+ vpc_endpoint_id = (known after apply)
# (11 unchanged attributes hidden)
},
]
+ tags = {
+ "Name" = "Public Subnet Route Table 1"
}
+ tags_all = {
+ "CostCentre" = "forms-platform-staging"
+ "Name" = "Public Subnet Route Table 1"
+ "Terraform" = "true"
}
+ vpc_id = "vpc-0ad5b3739860129d0"
}
# aws_route_table.forms_public_subnet[2] will be created
+ resource "aws_route_table" "forms_public_subnet" {
+ arn = (known after apply)
+ id = (known after apply)
+ owner_id = (known after apply)
+ propagating_vgws = (known after apply)
+ region = "ca-central-1"
+ route = [
+ {
+ cidr_block = "0.0.0.0/0"
+ vpc_endpoint_id = (known after apply)
# (11 unchanged attributes hidden)
},
]
+ tags = {
+ "Name" = "Public Subnet Route Table 2"
}
+ tags_all = {
+ "CostCentre" = "forms-platform-staging"
+ "Name" = "Public Subnet Route Table 2"
+ "Terraform" = "true"
}
+ vpc_id = "vpc-0ad5b3739860129d0"
}
# aws_route_table.ig will be created
+ resource "aws_route_table" "ig" {
+ arn = (known after apply)
+ id = (known after apply)
+ owner_id = (known after apply)
+ propagating_vgws = (known after apply)
+ region = "ca-central-1"
+ route = (known after apply)
+ tags = {
+ "Name" = "Internet Gateway Ingress Route Table"
}
+ tags_all = {
+ "CostCentre" = "forms-platform-staging"
+ "Name" = "Internet Gateway Ingress Route Table"
+ "Terraform" = "true"
}
+ vpc_id = "vpc-0ad5b3739860129d0"
}
# aws_route_table_association.firewall[0] will be created
+ resource "aws_route_table_association" "firewall" {
+ id = (known after apply)
+ region = "ca-central-1"
+ route_table_id = (known after apply)
+ subnet_id = (known after apply)
}
# aws_route_table_association.firewall[1] will be created
+ resource "aws_route_table_association" "firewall" {
+ id = (known after apply)
+ region = "ca-central-1"
+ route_table_id = (known after apply)
+ subnet_id = (known after apply)
}
# aws_route_table_association.firewall[2] will be created
+ resource "aws_route_table_association" "firewall" {
+ id = (known after apply)
+ region = "ca-central-1"
+ route_table_id = (known after apply)
+ subnet_id = (known after apply)
}
# aws_route_table_association.forms[1] will be updated in-place
~ resource "aws_route_table_association" "forms" {
id = "rtbassoc-0e5879abdca260c20"
~ route_table_id = "rtb-03b4c5e3b272ae847" -> (known after apply)
# (3 unchanged attributes hidden)
}
# aws_route_table_association.forms[2] will be updated in-place
~ resource "aws_route_table_association" "forms" {
id = "rtbassoc-0a9fdbbde3ccedb67"
~ route_table_id = "rtb-03b4c5e3b272ae847" -> (known after apply)
# (3 unchanged attributes hidden)
}
# aws_route_table_association.ig will be created
+ resource "aws_route_table_association" "ig" {
+ gateway_id = "igw-0aca6f076a25af86f"
+ id = (known after apply)
+ region = "ca-central-1"
+ route_table_id = (known after apply)
}
# aws_subnet.firewall[0] will be created
+ resource "aws_subnet" "firewall" {
+ arn = (known after apply)
+ assign_ipv6_address_on_creation = false
+ availability_zone = "ca-central-1a"
+ availability_zone_id = (known after apply)
+ cidr_block = "172.16.112.0/28"
+ enable_dns64 = false
+ enable_resource_name_dns_a_record_on_launch = false
+ enable_resource_name_dns_aaaa_record_on_launch = false
+ id = (known after apply)
+ ipv6_cidr_block = (known after apply)
+ ipv6_cidr_block_association_id = (known after apply)
+ ipv6_native = false
+ map_public_ip_on_launch = false
+ owner_id = (known after apply)
+ private_dns_hostname_type_on_launch = (known after apply)
+ region = "ca-central-1"
+ tags = {
+ "Access" = "public"
+ "Name" = "Firewall Subnet"
}
+ tags_all = {
+ "Access" = "public"
+ "CostCentre" = "forms-platform-staging"
+ "Name" = "Firewall Subnet"
+ "Terraform" = "true"
}
+ vpc_id = "vpc-0ad5b3739860129d0"
}
# aws_subnet.firewall[1] will be created
+ resource "aws_subnet" "firewall" {
+ arn = (known after apply)
+ assign_ipv6_address_on_creation = false
+ availability_zone = "ca-central-1b"
+ availability_zone_id = (known after apply)
+ cidr_block = "172.16.112.16/28"
+ enable_dns64 = false
+ enable_resource_name_dns_a_record_on_launch = false
+ enable_resource_name_dns_aaaa_record_on_launch = false
+ id = (known after apply)
+ ipv6_cidr_block = (known after apply)
+ ipv6_cidr_block_association_id = (known after apply)
+ ipv6_native = false
+ map_public_ip_on_launch = false
+ owner_id = (known after apply)
+ private_dns_hostname_type_on_launch = (known after apply)
+ region = "ca-central-1"
+ tags = {
+ "Access" = "public"
+ "Name" = "Firewall Subnet"
}
+ tags_all = {
+ "Access" = "public"
+ "CostCentre" = "forms-platform-staging"
+ "Name" = "Firewall Subnet"
+ "Terraform" = "true"
}
+ vpc_id = "vpc-0ad5b3739860129d0"
}
# aws_subnet.firewall[2] will be created
+ resource "aws_subnet" "firewall" {
+ arn = (known after apply)
+ assign_ipv6_address_on_creation = false
+ availability_zone = "ca-central-1d"
+ availability_zone_id = (known after apply)
+ cidr_block = "172.16.112.32/28"
+ enable_dns64 = false
+ enable_resource_name_dns_a_record_on_launch = false
+ enable_resource_name_dns_aaaa_record_on_launch = false
+ id = (known after apply)
+ ipv6_cidr_block = (known after apply)
+ ipv6_cidr_block_association_id = (known after apply)
+ ipv6_native = false
+ map_public_ip_on_launch = false
+ owner_id = (known after apply)
+ private_dns_hostname_type_on_launch = (known after apply)
+ region = "ca-central-1"
+ tags = {
+ "Access" = "public"
+ "Name" = "Firewall Subnet"
}
+ tags_all = {
+ "Access" = "public"
+ "CostCentre" = "forms-platform-staging"
+ "Name" = "Firewall Subnet"
+ "Terraform" = "true"
}
+ vpc_id = "vpc-0ad5b3739860129d0"
}
Plan: 19 to add, 6 to change, 0 to destroy.
─────────────────────────────────────────────────────────────────────────────
Saved the plan to: plan.tfplan
To perform exactly these actions, run the following command to apply:
terraform apply "plan.tfplan"
Show Conftest resultsWARN - plan.json - main - Missing Common Tags: ["aws_cloudwatch_log_group.forms"]
WARN - plan.json - main - Missing Common Tags: ["aws_default_network_acl.forms"]
WARN - plan.json - main - Missing Common Tags: ["aws_default_security_group.default"]
WARN - plan.json - main - Missing Common Tags: ["aws_eip.forms_natgw[0]"]
WARN - plan.json - main - Missing Common Tags: ["aws_eip.forms_natgw[1]"]
WARN - plan.json - main - Missing Common Tags: ["aws_eip.forms_natgw[2]"]
WARN - plan.json - main - Missing Common Tags: ["aws_flow_log.vpc_flow_logs[0]"]
WARN - plan.json - main - Missing Common Tags: ["aws_internet_gateway.forms"]
WARN - plan.json - main - Missing Common Tags: ["aws_nat_gateway.forms[0]"]
WARN - plan.json - main - Missing Common Tags: ["aws_nat_gateway.forms[1]"]
WARN - plan.json - main - Missing Common Tags: ["aws_nat_gateway.forms[2]"]
WARN - plan.json - main - Missing Common Tags: ["aws_networkfirewall_firewall.forms"]
WARN - plan.json - main - Missing Common Tags: ["aws_networkfirewall_firewall_policy.forms"]
WARN - plan.json - main - Missing Common Tags: ["aws_networkfirewall_rule_group.general"]
WARN - plan.json - main - Missing Common Tags: ["aws_route_table.firewall"]
WARN - plan.json - main - Missing Common Tags: ["aws_route_table.forms_private_subnet[0]"]
WARN - plan.json - main - Missing Common Tags: ["aws_route_table.forms_private_subnet[1]"]
WARN - plan.json - main - Missing Common Tags: ["aws_route_table.forms_private_subnet[2]"]
WARN - plan.json - main - Missing Common Tags: ["aws_route_table.forms_public_subnet[0]"]
WARN - plan.json - main - Missing Common Tags: ["aws_route_table.forms_public_subnet[1]"]
WARN - plan.json - main - Missing Common Tags: ["aws_route_table.forms_public_subnet[2]"]
WARN - plan.json - main - Missing Common Tags: ["aws_route_table.ig"]
WARN - plan.json - main - Missing Common Tags: ["aws_security_group.api_ecs"]
WARN - plan.json - main - Missing Common Tags: ["aws_security_group.api_end_to_end_test_lambda"]
WARN -... |
Staging: load_balancer❌ Terraform Init: Show Init resultsInitializing the backend...
Successfully configured the backend "s3"! Terraform will automatically
use this backend unless the backend configuration changes.
Initializing modules...
Downloading git::https://github.com/cds-snc/terraform-modules.git?ref=v5.1.11 for waf_ip_blocklist...
�[0;90m17:18:13.538�[0m �[0;32mINFO �[0m Downloading Terraform configurations from ../../../aws into ./.terragrunt-cache/8CJu3E6tls1VOlHT6vQAFFRgrcQ/-syjFrdAaB-6kNXhMmF1nXBOp7o
Error: Failed to expand subdir globs
subdir "waf_ip_blocklist" not found
�[0;90m17:18:15.056�[0m �[0;31mERROR �[0m error occurred:
* Failed to execute "terraform init -no-color" in ./.terragrunt-cache/8CJu3E6tls1VOlHT6vQAFFRgrcQ/-syjFrdAaB-6kNXhMmF1nXBOp7o/load_balancer
Error: Failed to expand subdir globs
subdir "waf_ip_blocklist" not found
exit status 1
Show Validate resultsError: Failed to expand subdir globs
subdir "waf_ip_blocklist" not found
�[0;90m17:18:19.497�[0m �[0;31mERROR �[0m error occurred:
* Failed to execute "terraform init -no-color" in ./.terragrunt-cache/8CJu3E6tls1VOlHT6vQAFFRgrcQ/-syjFrdAaB-6kNXhMmF1nXBOp7o/load_balancer
Error: Failed to expand subdir globs
subdir "waf_ip_blocklist" not found
exit status 1
Show planInitializing the backend...
Initializing modules...
Downloading git::https://github.com/cds-snc/terraform-modules.git?ref=v5.1.11 for waf_ip_blocklist...
Error: Failed to expand subdir globs
subdir "waf_ip_blocklist" not found
�[0;90m17:18:28.939�[0m �[0;31mERROR �[0m error occurred:
* Failed to execute "terraform init -no-color" in ./.terragrunt-cache/8CJu3E6tls1VOlHT6vQAFFRgrcQ/-syjFrdAaB-6kNXhMmF1nXBOp7o/load_balancer
Error: Failed to expand subdir globs
subdir "waf_ip_blocklist" not found
exit status 1
|
⚠ Terrform update availableTerragrunt: 1.0.1 (using 1.0.0) |
Staging: s3✅ Terraform Init: Plan: 0 to add, 5 to change, 0 to destroyShow summary
Show planResource actions are indicated with the following symbols:
~ update in-place
Terraform will perform the following actions:
# aws_s3_bucket_server_side_encryption_configuration.archive_storage will be updated in-place
~ resource "aws_s3_bucket_server_side_encryption_configuration" "archive_storage" {
id = "forms-staging-archive-storage"
# (3 unchanged attributes hidden)
- rule {
- blocked_encryption_types = [
- "NONE",
] -> null
- bucket_key_enabled = false -> null
- apply_server_side_encryption_by_default {
- sse_algorithm = "AES256" -> null
# (1 unchanged attribute hidden)
}
}
+ rule {
+ blocked_encryption_types = []
+ apply_server_side_encryption_by_default {
+ sse_algorithm = "AES256"
# (1 unchanged attribute hidden)
}
}
}
# aws_s3_bucket_server_side_encryption_configuration.audit_logs_archive_storage will be updated in-place
~ resource "aws_s3_bucket_server_side_encryption_configuration" "audit_logs_archive_storage" {
id = "forms-staging-audit-logs-archive-storage"
# (3 unchanged attributes hidden)
- rule {
- blocked_encryption_types = [
- "NONE",
] -> null
- bucket_key_enabled = false -> null
- apply_server_side_encryption_by_default {
- sse_algorithm = "AES256" -> null
# (1 unchanged attribute hidden)
}
}
+ rule {
+ blocked_encryption_types = []
+ apply_server_side_encryption_by_default {
+ sse_algorithm = "AES256"
# (1 unchanged attribute hidden)
}
}
}
# aws_s3_bucket_server_side_encryption_configuration.prisma_migration_storage will be updated in-place
~ resource "aws_s3_bucket_server_side_encryption_configuration" "prisma_migration_storage" {
id = "forms-staging-prisma-migration-storage"
# (3 unchanged attributes hidden)
- rule {
- blocked_encryption_types = [
- "NONE",
] -> null
- bucket_key_enabled = false -> null
- apply_server_side_encryption_by_default {
- sse_algorithm = "AES256" -> null
# (1 unchanged attribute hidden)
}
}
+ rule {
+ blocked_encryption_types = []
+ apply_server_side_encryption_by_default {
+ sse_algorithm = "AES256"
# (1 unchanged attribute hidden)
}
}
}
# aws_s3_bucket_server_side_encryption_configuration.reliability_file_storage will be updated in-place
~ resource "aws_s3_bucket_server_side_encryption_configuration" "reliability_file_storage" {
id = "forms-staging-reliability-file-storage"
# (3 unchanged attributes hidden)
- rule {
- blocked_encryption_types = [
- "NONE",
] -> null
- bucket_key_enabled = false -> null
- apply_server_side_encryption_by_default {
- sse_algorithm = "AES256" -> null
# (1 unchanged attribute hidden)
}
}
+ rule {
+ blocked_encryption_types = []
+ apply_server_side_encryption_by_default {
+ sse_algorithm = "AES256"
# (1 unchanged attribute hidden)
}
}
}
# aws_s3_bucket_server_side_encryption_configuration.vault_file_storage will be updated in-place
~ resource "aws_s3_bucket_server_side_encryption_configuration" "vault_file_storage" {
id = "forms-staging-vault-file-storage"
# (3 unchanged attributes hidden)
- rule {
- blocked_encryption_types = [
- "NONE",
] -> null
- bucket_key_enabled = false -> null
- apply_server_side_encryption_by_default {
- sse_algorithm = "AES256" -> null
# (1 unchanged attribute hidden)
}
}
+ rule {
+ blocked_encryption_types = []
+ apply_server_side_encryption_by_default {
+ sse_algorithm = "AES256"
# (1 unchanged attribute hidden)
}
}
}
Plan: 0 to add, 5 to change, 0 to destroy.
Warning: Argument is deprecated
with module.etl_bucket.aws_s3_bucket.this,
on .terraform/modules/etl_bucket/S3/main.tf line 8, in resource "aws_s3_bucket" "this":
8: resource "aws_s3_bucket" "this" {
versioning is deprecated. Use the aws_s3_bucket_versioning resource instead.
(and 11 more similar warnings elsewhere)
─────────────────────────────────────────────────────────────────────────────
Saved the plan to: plan.tfplan
To perform exactly these actions, run the following command to apply:
terraform apply "plan.tfplan"
Show Conftest resultsWARN - plan.json - main - Missing Common Tags: ["aws_s3_bucket.archive_storage"]
WARN - plan.json - main - Missing Common Tags: ["aws_s3_bucket.audit_logs_archive_storage"]
WARN - plan.json - main - Missing Common Tags: ["aws_s3_bucket.prisma_migration_storage"]
WARN - plan.json - main - Missing Common Tags: ["aws_s3_bucket.reliability_file_storage"]
WARN - plan.json - main - Missing Common Tags: ["aws_s3_bucket.vault_file_storage"]
24 tests, 19 passed, 5 warnings, 0 failures, 0 exceptions
|
Staging: network✅ Terraform Init: Plan: 0 to add, 1 to change, 0 to destroyShow summary
Show planResource actions are indicated with the following symbols:
~ update in-place
Terraform will perform the following actions:
# aws_networkfirewall_logging_configuration.forms_flow will be updated in-place
~ resource "aws_networkfirewall_logging_configuration" "forms_flow" {
id = "arn:aws:network-firewall:ca-central-1:687401027353:firewall/GCForms"
# (3 unchanged attributes hidden)
~ logging_configuration {
- log_destination_config {
- log_destination = {
- "logGroup" = "Network-Firewall-Alert"
} -> null
- log_destination_type = "CloudWatchLogs" -> null
- log_type = "ALERT" -> null
}
+ log_destination_config {
+ log_destination = {
+ "logGroup" = "Network-Firewall-Flow"
}
+ log_destination_type = "CloudWatchLogs"
+ log_type = "ALERT"
}
}
}
Plan: 0 to add, 1 to change, 0 to destroy.
─────────────────────────────────────────────────────────────────────────────
Saved the plan to: plan.tfplan
To perform exactly these actions, run the following command to apply:
terraform apply "plan.tfplan"
Show Conftest resultsWARN - plan.json - main - Missing Common Tags: ["aws_cloudwatch_log_group.forms_alert"]
WARN - plan.json - main - Missing Common Tags: ["aws_cloudwatch_log_group.forms_flow"]
WARN - plan.json - main - Missing Common Tags: ["aws_default_network_acl.forms"]
WARN - plan.json - main - Missing Common Tags: ["aws_default_security_group.default"]
WARN - plan.json - main - Missing Common Tags: ["aws_eip.forms_natgw[0]"]
WARN - plan.json - main - Missing Common Tags: ["aws_eip.forms_natgw[1]"]
WARN - plan.json - main - Missing Common Tags: ["aws_eip.forms_natgw[2]"]
WARN - plan.json - main - Missing Common Tags: ["aws_flow_log.vpc_flow_logs[0]"]
WARN - plan.json - main - Missing Common Tags: ["aws_internet_gateway.forms"]
WARN - plan.json - main - Missing Common Tags: ["aws_nat_gateway.forms[0]"]
WARN - plan.json - main - Missing Common Tags: ["aws_nat_gateway.forms[1]"]
WARN - plan.json - main - Missing Common Tags: ["aws_nat_gateway.forms[2]"]
WARN - plan.json - main - Missing Common Tags: ["aws_networkfirewall_firewall.forms"]
WARN - plan.json - main - Missing Common Tags: ["aws_networkfirewall_firewall_policy.forms"]
WARN - plan.json - main - Missing Common Tags: ["aws_networkfirewall_rule_group.suricata_rules"]
WARN - plan.json - main - Missing Common Tags: ["aws_route_table.firewall"]
WARN - plan.json - main - Missing Common Tags: ["aws_route_table.forms_private_subnet[0]"]
WARN - plan.json - main - Missing Common Tags: ["aws_route_table.forms_private_subnet[1]"]
WARN - plan.json - main - Missing Common Tags: ["aws_route_table.forms_private_subnet[2]"]
WARN - plan.json - main - Missing Common Tags: ["aws_route_table.forms_public_subnet[0]"]
WARN - plan.json - main - Missing Common Tags: ["aws_route_table.forms_public_subnet[1]"]
WARN - plan.json - main - Missing Common Tags: ["aws_route_table.forms_public_subnet[2]"]
WARN - plan.json - main - Missing Common Tags: ["aws_route_table.ig"]
WARN - plan.json - main - Missing Common Tags: ["aws_security_group.api_ecs"]
WARN -... |
Staging: load_balancer✅ Terraform Init: Plan: 0 to add, 1 to change, 0 to destroyShow summary
Show planResource actions are indicated with the following symbols:
~ update in-place
Terraform will perform the following actions:
# aws_s3_bucket_server_side_encryption_configuration.maintenance_mode will be updated in-place
~ resource "aws_s3_bucket_server_side_encryption_configuration" "maintenance_mode" {
id = "gc-forms-staging-application-maintenance-page"
# (3 unchanged attributes hidden)
- rule {
- blocked_encryption_types = [
- "NONE",
] -> null
- bucket_key_enabled = false -> null
- apply_server_side_encryption_by_default {
- sse_algorithm = "AES256" -> null
# (1 unchanged attribute hidden)
}
}
+ rule {
+ blocked_encryption_types = []
+ apply_server_side_encryption_by_default {
+ sse_algorithm = "AES256"
# (1 unchanged attribute hidden)
}
}
}
Plan: 0 to add, 1 to change, 0 to destroy.
Warning: Deprecated attribute
on .terraform/modules/waf_ip_blocklist/waf_ip_blocklist/data.tf line 6, in locals:
6: athena_region = var.athena_region != "" ? var.athena_region : data.aws_region.current.name
The attribute "name" is deprecated. Refer to the provider documentation for
details.
─────────────────────────────────────────────────────────────────────────────
Saved the plan to: plan.tfplan
To perform exactly these actions, run the following command to apply:
terraform apply "plan.tfplan"
Show Conftest resultsWARN - plan.json - main - Missing Common Tags: ["aws_acm_certificate.form_viewer"]
WARN - plan.json - main - Missing Common Tags: ["aws_acm_certificate.form_viewer_maintenance_mode"]
WARN - plan.json - main - Missing Common Tags: ["aws_acm_certificate.forms_api"]
WARN - plan.json - main - Missing Common Tags: ["aws_alb_listener_rule.forms_api"]
WARN - plan.json - main - Missing Common Tags: ["aws_alb_listener_rule.security_txt"]
WARN - plan.json - main - Missing Common Tags: ["aws_cloudfront_distribution.maintenance_mode"]
WARN - plan.json - main - Missing Common Tags: ["aws_cloudwatch_metric_alarm.UnHealthyHostCount-TargetGroup1"]
WARN - plan.json - main - Missing Common Tags: ["aws_cloudwatch_metric_alarm.UnHealthyHostCount-TargetGroup2"]
WARN - plan.json - main - Missing Common Tags: ["aws_iam_role.firehose_waf_logs"]
WARN - plan.json - main - Missing Common Tags: ["aws_kinesis_firehose_delivery_stream.firehose_waf_logs"]
WARN - plan.json - main - Missing Common Tags: ["aws_lb.form_viewer"]
WARN - plan.json - main - Missing Common Tags: ["aws_lb_listener.form_viewer_http"]
WARN - plan.json - main - Missing Common Tags: ["aws_lb_listener.form_viewer_https"]
WARN - plan.json - main - Missing Common Tags: ["aws_lb_target_group.form_viewer_1"]
WARN - plan.json - main - Missing Common Tags: ["aws_lb_target_group.form_viewer_2"]
WARN - plan.json - main - Missing Common Tags: ["aws_lb_target_group.forms_api"]
WARN - plan.json - main - Missing Common Tags: ["aws_route53_health_check.lb_web_app_global_target_group"]
WARN - plan.json - main - Missing Common Tags: ["aws_route53_health_check.lb_web_app_target_group_1"]
WARN - plan.json - main - Missing Common Tags: ["aws_route53_health_check.lb_web_app_target_group_2"]
WARN - plan.json - main - Missing Common Tags: ["aws_s3_bucket.maintenance_mode"]
WARN - plan.json - main - Missing Common Tags: ["aws_s3_object.maintenance_static_page_css_files[\"style.css\"]"]
WARN - plan.json - main - Missing Common Tags:... |
Staging: idp✅ Terraform Init: Plan: 0 to add, 1 to change, 0 to destroyShow summary
Show planResource actions are indicated with the following symbols:
~ update in-place
Terraform will perform the following actions:
# module.user_portal_code_pipeline[0].aws_s3_bucket_server_side_encryption_configuration.codepipeline_bucket will be updated in-place
~ resource "aws_s3_bucket_server_side_encryption_configuration" "codepipeline_bucket" {
id = "idp-user-portal-pipeline"
# (3 unchanged attributes hidden)
- rule {
- blocked_encryption_types = [
- "NONE",
] -> null
- bucket_key_enabled = false -> null
- apply_server_side_encryption_by_default {
- sse_algorithm = "AES256" -> null
# (1 unchanged attribute hidden)
}
}
+ rule {
+ blocked_encryption_types = []
+ apply_server_side_encryption_by_default {
+ sse_algorithm = "AES256"
# (1 unchanged attribute hidden)
}
}
}
Plan: 0 to add, 1 to change, 0 to destroy.
Warning: Deprecated attribute
on .terraform/modules/idp_database/rds/locals.tf line 14, in locals:
14: region = data.aws_region.current.name
The attribute "name" is deprecated. Refer to the provider documentation for
details.
(and 2 more similar warnings elsewhere)
Warning: Argument is deprecated
with module.idp_ecs.aws_service_discovery_service.this,
on .terraform/modules/idp_ecs/ecs/service_discovery.tf line 15, in resource "aws_service_discovery_service" "this":
15: failure_threshold = 1
failure_threshold is deprecated. The argument is no longer supported by AWS
and the value is always set to 1. The attribute will be removed in a future
major version.
─────────────────────────────────────────────────────────────────────────────
Saved the plan to: plan.tfplan
To perform exactly these actions, run the following command to apply:
terraform apply "plan.tfplan"
Show Conftest resultsWARN - plan.json - main - Missing Common Tags: ["aws_alb_listener_rule.idp_protocol_version"]
WARN - plan.json - main - Missing Common Tags: ["aws_alb_listener_rule.security_txt"]
WARN - plan.json - main - Missing Common Tags: ["aws_alb_listener_rule.user_portal[0]"]
WARN - plan.json - main - Missing Common Tags: ["aws_appautoscaling_target.user_portal[0]"]
WARN - plan.json - main - Missing Common Tags: ["aws_cloudwatch_log_group.user_portal"]
WARN - plan.json - main - Missing Common Tags: ["aws_ecs_cluster.idp"]
WARN - plan.json - main - Missing Common Tags: ["aws_ecs_service.user_portal[0]"]
WARN - plan.json - main - Missing Common Tags: ["aws_ecs_task_definition.user_portal"]
WARN - plan.json - main - Missing Common Tags: ["aws_iam_policy.ecs_xray"]
WARN - plan.json - main - Missing Common Tags: ["aws_iam_policy.idp_send_email"]
WARN - plan.json - main - Missing Common Tags: ["aws_iam_policy.user_portal_secrets_manager"]
WARN - plan.json - main - Missing Common Tags: ["aws_iam_policy.user_portal_ssm"]
WARN - plan.json - main - Missing Common Tags: ["aws_iam_role.idp_user_portal"]
WARN - plan.json - main - Missing Common Tags: ["aws_iam_user.idp_send_email"]
WARN - plan.json - main - Missing Common Tags: ["aws_shield_protection.idp"]
WARN - plan.json - main - Missing Common Tags: ["module.user_portal_code_pipeline[0].aws_codebuild_project.ecs_render"]
WARN - plan.json - main - Missing Common Tags: ["module.user_portal_code_pipeline[0].aws_codedeploy_app.this"]
WARN - plan.json - main - Missing Common Tags: ["module.user_portal_code_pipeline[0].aws_codedeploy_deployment_group.this"]
WARN - plan.json - main - Missing Common Tags: ["module.user_portal_code_pipeline[0].aws_codepipeline.this"]
WARN - plan.json - main - Missing Common Tags: ["module.user_portal_code_pipeline[0].aws_codestarconnections_connection.this"]
WARN - plan.json - main - Missing Common Tags: ["module.user_portal_code_pipeline[0].aws_iam_role.this"]
WARN - plan.json - main - Missing Common Tags:... |
Staging: app✅ Terraform Init: Plan: 0 to add, 1 to change, 0 to destroyShow summary
Show planResource actions are indicated with the following symbols:
~ update in-place
Terraform will perform the following actions:
# module.gc_forms_code_pipeline[0].aws_s3_bucket_server_side_encryption_configuration.codepipeline_bucket will be updated in-place
~ resource "aws_s3_bucket_server_side_encryption_configuration" "codepipeline_bucket" {
id = "gc-forms-web-app-pipeline"
# (3 unchanged attributes hidden)
- rule {
- blocked_encryption_types = [
- "NONE",
] -> null
- bucket_key_enabled = false -> null
- apply_server_side_encryption_by_default {
- sse_algorithm = "AES256" -> null
# (1 unchanged attribute hidden)
}
}
+ rule {
+ blocked_encryption_types = []
+ apply_server_side_encryption_by_default {
+ sse_algorithm = "AES256"
# (1 unchanged attribute hidden)
}
}
}
Plan: 0 to add, 1 to change, 0 to destroy.
─────────────────────────────────────────────────────────────────────────────
Saved the plan to: plan.tfplan
To perform exactly these actions, run the following command to apply:
terraform apply "plan.tfplan"
Show Conftest resultsWARN - plan.json - main - Missing Common Tags: ["aws_appautoscaling_target.forms[0]"]
WARN - plan.json - main - Missing Common Tags: ["aws_cloudwatch_log_group.forms"]
WARN - plan.json - main - Missing Common Tags: ["aws_ecs_cluster.forms"]
WARN - plan.json - main - Missing Common Tags: ["aws_ecs_service.form_viewer"]
WARN - plan.json - main - Missing Common Tags: ["aws_ecs_task_definition.form_viewer"]
WARN - plan.json - main - Missing Common Tags: ["aws_iam_policy.cognito"]
WARN - plan.json - main - Missing Common Tags: ["aws_iam_policy.ecs_xray"]
WARN - plan.json - main - Missing Common Tags: ["aws_iam_policy.forms_audit_logs"]
WARN - plan.json - main - Missing Common Tags: ["aws_iam_policy.forms_dynamodb"]
WARN - plan.json - main - Missing Common Tags: ["aws_iam_policy.forms_kms"]
WARN - plan.json - main - Missing Common Tags: ["aws_iam_policy.forms_s3"]
WARN - plan.json - main - Missing Common Tags: ["aws_iam_policy.forms_secrets_manager"]
WARN - plan.json - main - Missing Common Tags: ["aws_iam_policy.forms_sqs"]
WARN - plan.json - main - Missing Common Tags: ["aws_iam_role.codedeploy"]
WARN - plan.json - main - Missing Common Tags: ["aws_iam_role.forms"]
WARN - plan.json - main - Missing Common Tags: ["module.gc_forms_code_pipeline[0].aws_codebuild_project.ecs_render"]
WARN - plan.json - main - Missing Common Tags: ["module.gc_forms_code_pipeline[0].aws_codedeploy_app.this"]
WARN - plan.json - main - Missing Common Tags: ["module.gc_forms_code_pipeline[0].aws_codedeploy_deployment_group.this"]
WARN - plan.json - main - Missing Common Tags: ["module.gc_forms_code_pipeline[0].aws_codepipeline.this"]
WARN - plan.json - main - Missing Common Tags: ["module.gc_forms_code_pipeline[0].aws_codestarconnections_connection.this"]
WARN - plan.json - main - Missing Common Tags: ["module.gc_forms_code_pipeline[0].aws_iam_role.this"]
WARN - plan.json - main - Missing Common Tags: ["module.gc_forms_code_pipeline[0].aws_s3_bucket.codepipeline_bucket"]
41 tests, 19 passed, 22... |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This PR contains the following updates:
3.12→3.14=3.6.0→3.8.14.10.3→4.13.0Warning
Some dependencies could not be looked up. Check the Dependency Dashboard for more information.
Review
Release Notes
python/cpython (python)
v3.14.4Compare Source
v3.14.3Compare Source
v3.14.2Compare Source
v3.14.1Compare Source
v3.14.0Compare Source
v3.13.13Compare Source
v3.13.12Compare Source
v3.13.11Compare Source
v3.13.10Compare Source
v3.13.9Compare Source
v3.13.8Compare Source
v3.13.7Compare Source
v3.13.6Compare Source
v3.13.5Compare Source
v3.13.4Compare Source
v3.13.3Compare Source
v3.13.2Compare Source
v3.13.1Compare Source
v3.13.0Compare Source
hashicorp/terraform-provider-random (random)
v3.8.1Compare Source
NOTES:
v3.8.0Compare Source
ENHANCEMENTS:
v3.7.2Compare Source
NOTES:
v3.7.1Compare Source
NOTES:
random_passwordnow supports ephemeral values. (#625)FEATURES:
v3.6.3Compare Source
NOTES:
v3.6.2Compare Source
NOTES:
v3.6.1Compare Source
BUG FIXES:
keepersfrom triggering an in-place update following import (#385)yarnpkg/berry (yarn)
v4.13.0Compare Source
v4.12.0Compare Source
v4.11.0Compare Source
Configuration
📅 Schedule: (in timezone America/Montreal)
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.
👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.
This PR was generated by Mend Renovate. View the repository job log.