v3.1.0

What's Changed

• Numerous dependabot bumps
• Amend cloudwatch VPC flow logs to include all available fields by @dms1981 in #565

Full Changelog: v3.0.1...v3.1.0

v3.0.1

What's Changed

• Bump github/codeql-action from 3.26.8 to 3.26.9 by @dependabot in #494

• Bump actions/checkout from 4.1.7 to 4.2.0 by @dependabot in #495

• Bump bridgecrewio/checkov-action from 12.2873.0 to 12.2874.0 by @dependabot in #497

• Bump github/codeql-action from 3.26.9 to 3.26.10 by @dependabot in #496

• issue/7689 by @mikereiddigital in #498

• Bump github/codeql-action from 3.26.10 to 3.26.11 by @dependabot in #499

• Update dependabot by @ASTRobinson in #500

• Bump github.com/gruntwork-io/terratest from 0.46.15 to 0.47.2 in /test by @dependabot in #501

• Bump Go version by @ASTRobinson in #504

• Bump actions/cache from 4.0.2 to 4.1.0 by @dependabot in #502

• Bump bridgecrewio/checkov-action from 12.2874.0 to 12.2875.0 by @dependabot in #503

• Added default region var by @ep-93 in #505

• Bump actions/upload-artifact from 4.4.0 to 4.4.1 by @dependabot in #508

• Bump github/codeql-action from 3.26.11 to 3.26.12 by @dependabot in #506

• Bump actions/checkout from 4.2.0 to 4.2.1 by @dependabot in #507

• Bump aquasecurity/trivy-action from 0.24.0 to 0.25.0 by @dependabot in #509

• Bump actions/upload-artifact from 4.4.1 to 4.4.2 by @dependabot in #510

• Bump actions/cache from 4.1.0 to 4.1.1 by @dependabot in #511

• Bump aquasecurity/trivy-action from 0.25.0 to 0.26.0 by @dependabot in #512

• Bump actions/upload-artifact from 4.4.2 to 4.4.3 by @dependabot in #513

• Bump aquasecurity/trivy-action from 0.26.0 to 0.27.0 by @dependabot in #514

• Bump github/codeql-action from 3.26.12 to 3.26.13 by @dependabot in #517

• Bump bridgecrewio/checkov-action from 12.2875.0 to 12.2877.0 by @dependabot in #516

• Bump ministryofjustice/github-actions from 18.2.2 to 18.2.4 by @dependabot in #519

• Bump bridgecrewio/checkov-action from 12.2877.0 to 12.2879.0 by @dependabot in #518

• Bump bridgecrewio/checkov-action from 12.2879.0 to 12.2882.0 by @dependabot in #520

• Bump aquasecurity/trivy-action from 0.27.0 to 0.28.0 by @dependabot in #521

• Bump ministryofjustice/github-actions from 18.2.4 to 18.3.1 by @dependabot in #522

• Bump bridgecrewio/checkov-action from 12.2882.0 to 12.2883.0 by @dependabot in #523

• Bump bridgecrewio/checkov-action from 12.2883.0 to 12.2884.0 by @dependabot in #524

• Bump actions/cache from 4.1.1 to 4.1.2 by @dependabot in #525

• Bump github/codeql-action from 3.26.13 to 3.27.0 by @dependabot in #526

• Bump ministryofjustice/github-actions from 18.3.1 to 18.4.0 by @dependabot in #528

• Bump actions/checkout from 4.2.1 to 4.2.2 by @dependabot in #527

• Bump actions/setup-go from 5.0.2 to 5.1.0 by @dependabot in #529

• Bump bridgecrewio/checkov-action from 12.2884.0 to 12.2885.0 by @dependabot in #530

• Bump bridgecrewio/checkov-action from 12.2885.0 to 12.2886.0 by @dependabot in #531

• Bump ministryofjustice/github-actions from 18.4.0 to 18.5.0 by @dependabot in #532

• Bump bridgecrewio/checkov-action from 12.2886.0 to 12.2888.0 by @dependabot in #533

• Bump bridgecrewio/checkov-action from 12.2888.0 to 12.2889.0 by @dependabot in #534

• Bump bridgecrewio/checkov-action from 12.2889.0 to 12.2890.0 by @dependabot in #535

• Bump bridgecrewio/checkov-action from 12.2890.0 to 12.2891.0 by @dependabot in #536

• Bump bridgecrewio/checkov-action from 12.2891.0 to 12.2892.0 by @dependabot in #537

• Bump terraform-linters/setup-tflint from 4.0.0 to 4.1.0 by @dependabot in #538

• Bump bridgecrewio/checkov-action from 12.2892.0 to 12.2893.0 by @dependabot in #539

• Bump bridgecrewio/checkov-action from 12.2893.0 to 12.2896.0 by @dependabot in #541

• Bump github/codeql-action from 3.27.0 to 3.27.1 by @dependabot in #540

• Bump bridgecrewio/checkov-action from 12.2896.0 to 12.2897.0 by @dependabot in #542

• Bump github/codeql-action from 3.27.1 to 3.27.3 by @dependabot in #543

• Bump bridgecrewio/checkov-action from 12.2897.0 to 12.2902.0 by @dependabot in #545

• Bump bridgecrewio/checkov-action from 12.2902.0 to 12.2903.0 by @dependabot in #546

• Name change with data lookup by @ep-93 in #547

Name change mainly.

Full Changelog: v3.0.0...v3.0.1

v3.0.0

What's New

• Removed configuration options to build kinesis firehose for export of flow logs

As this change renders this release no-longer backwards compatible, this module has received a major version release.

What's Changed

• Bump github/codeql-action from 3.26.7 to 3.26.8 by @dependabot in #492
• Bump terraform-docs/gh-actions from 1.2.2 to 1.3.0 by @dependabot in #493
• Remove firehose configuration by @dms1981 in #482

Full Changelog: v2.5.0...v3.0.0

v2.5.0

What's New

Users can optionally supply S3 bucket ARN(s) to create a VPC flow log with the bucket as the destination:

resource "aws_s3_bucket" "example" { ... }
module "vpc" {
  source = "github.com/ministryofjustice/modernisation-platform-terraform-member-vpc"
  ...
  flow_log_s3_destination_arn = aws_s3_bucket.example.arn
}

What's Changed

• Lots of @app/dependabot bumps
• Optionally send flow logs to S3 by @dms1981 in #491

Full Changelog: v2.4.0...v2.5.0

v2.4.0

What's Changed

• Lots of @app/dependabot bumps
• Feature/trivy by @ep-93 in #369
• feature/6675 github action status badges by @Kudzai-moj in #372
• 🧪 Add unit-test by @ASTRobinson in #391
• Adds redact output script to unit test workflow. by @mikereiddigital in #423
• Update go-terratest.yml by @ASTRobinson in #425
• Added output for VPC flow log group name by @dms1981 in #473

New Contributors

• @ep-93 made their first contribution in #369
• @Kudzai-moj made their first contribution in #372

Full Changelog: v2.3.0...v2.4.0

Adds the option to create AWS Firehose resources.

What's Changed

• Adds the creation of AWS Firehose & associated resources. by @mikereiddigital in #338

New Contributors

• @ASTRobinson made their first contribution in #209
• @mikereiddigital made their first contribution in #338

Full Changelog: v2.2.0...v2.3.0

v2.2.0

What's Changed

• Bump bridgecrewio/checkov-action to 12.2461.0 by @dependabot in #194
• Add protected subnets to output by @dms1981 in #195

Full Changelog: v2.1.1...v2.2.0

v2.1.1

What's Changed

• fixed reference to security group resource name by @dms1981 in #181

Full Changelog: v2.1.0...v2.1.1

v2.1.0

What's Changed

• Bump ossf/scorecard-action from 2.1.3 to 2.2.0 by @dependabot in #161
• Bump ministryofjustice/github-actions from 13 to 14 by @dependabot in #160
• Bump bridgecrewio/checkov-action 12.2436.0 by @dependabot in #179
• Allow use of redshift endpoints by @dms1981 in #180

Full Changelog: v2.0.0...v2.1.0

v2.0.0

Breaking Changes

• AWS Provider constraint is now set to ~> 5.x.
• This will conflict with modules that enforce a constraint of ~> 4.x. You can use terraform providers to show any potential conflicts.

What's Changed

• Add OSSF scorecards and pin github actions to specific versions as recommended in the github actions security hardening guidance by @davidkelliott in #23
• Bump actions/upload-artifact from 3.1.0 to 3.1.1 by @dependabot in #24
• Github actions security improvements by @davidkelliott in #26
• Bump github/codeql-action from 2.1.32 to 2.1.35 by @dependabot in #27
• Bump github/codeql-action from 2.1.35 to 2.1.36 by @dependabot in #28
• Bump ministryofjustice/github-actions from 8 to 9 by @dependabot in #30
• Bump actions/checkout from 3.1.0 to 3.2.0 by @dependabot in #29
• Bump github/codeql-action from 2.1.36 to 2.1.37 by @dependabot in #32
• Bump ossf/scorecard-action from 2.0.6 to 2.1.0 by @dependabot in #31
• Bump ossf/scorecard-action from 2.1.0 to 2.1.2 by @dependabot in #34
• Bump actions/upload-artifact from 3.1.1 to 3.1.2 by @dependabot in #36
• Bump actions/checkout from 3.2.0 to 3.3.0 by @dependabot in #35
• Bump ministryofjustice/github-actions from 9 to 10 by @dependabot in #37
• Bump github/codeql-action from 2.1.37 to 2.1.38 by @dependabot in #38
• Bump github/codeql-action from 2.1.38 to 2.1.39 by @dependabot in #39
• Bump github/codeql-action from 2.1.39 to 2.2.1 by @dependabot in #41
• Bump github/codeql-action from 2.2.1 to 2.2.2 by @dependabot in #42
• Bump github/codeql-action from 2.2.2 to 2.2.3 by @dependabot in #43
• Bump github/codeql-action from 2.2.3 to 2.2.4 by @dependabot in #44
• Added code scanning workflow task by @dms1981 in #45
• Ensure sarif upload runs regardless of scanning exit code by @dms1981 in #48
• Bump actions/cache from 3.2.5 to 3.2.6 by @dependabot in #46
• Bump bridgecrewio/checkov-action from 12.2138.0 to 12.2149.0 by @dependabot in #47
• Bump bridgecrewio/checkov-action from 12.2149.0 to 12.2152.0 by @dependabot in #49
• Update code-scanning to support GITHUB_TOKEN, scoped permissions, added scan exclusions by @dms1981 in #50
• Bump bridgecrewio/checkov-action from 12.2151.0 to 12.2155.0 by @dependabot in #51
• Bump github/codeql-action from 2.2.4 to 2.2.5 by @dependabot in #52
• Bump bridgecrewio/checkov-action from 12.2155.0 to 12.2160.0 by @dependabot in #53
• Bump bridgecrewio/checkov-action from 12.2160.0 to 12.2164.0 by @dependabot in #54
• Bump bridgecrewio/checkov-action from 12.2164.0 to 12.2166.0 by @dependabot in #55
• Bump bridgecrewio/checkov-action from 12.2166.0 to 12.2172.0 by @dependabot in #57
• Bump bridgecrewio/checkov-action from 12.2172.0 to 12.2174.0 by @dependabot in #59
• Bump ministryofjustice/github-actions from 10 to 11 by @dependabot in #58
• Bump bridgecrewio/checkov-action from 12.2174.0 to 12.2180.0 by @dependabot in #60
• Bump bridgecrewio/checkov-action from 12.2180.0 to 12.2183.0 by @dependabot in #61
• Bump bridgecrewio/checkov-action from 12.2183.0 to 12.2184.0 by @dependabot in #62
• Bump bridgecrewio/checkov-action from 12.2184.0 to 12.2188.0 by @dependabot in #63
• Bump actions/cache from 3.2.6 to 3.3.0 by @dependabot in #64
• Bump bridgecrewio/checkov-action from 12.2188.0 to 12.2191.0 by @dependabot in #67
• Bump actions/cache from 3.3.0 to 3.3.1 by @dependabot in #66
• Bump github/codeql-action from 2.2.5 to 2.2.6 by @dependabot in #65
• Bump bridgecrewio/checkov-action from 12.2191.0 to 12.2197.0 by @dependabot in #68
• Bump bridgecrewio/checkov-action from 12.2197.0 to 12.2201.0 by @dependabot in #69
• Bump bridgecrewio/checkov-action from 12.2201.0 to 12.2203.0 by @dependabot in #71
• Bump actions/checkout from 3.3.0 to 3.4.0 by @dependabot in #72
• Bump github/codeql-action from 2.2.6 to 2.2.7 by @dependabot in #70
• Bump bridgecrewio/checkov-action from 12.2203.0 to 12.2204.0 by @dependabot in #73
• Bump bridgecrewio/checkov-action from 12.2204.0 to 12.2216.0 by @dependabot in #76
• Bump github/codeql-action from 2.2.7 to 2.2.8 by @dependabot in #78
• Bump bridgecrewio/checkov-action from 12.2216.0 to 12.2218.0 by @dependabot in #77
• Bump bridgecrewio/checkov-action from 12.2218.0 to 12.2229.0 by @dependabot in #81
• Bump github/codeql-action from 2.2.8 to 2.2.9 by @dependabot in #82
• Bump bridgecrewio/checkov-action from 12.2229.0 to 12.2232.0 by @dependabot in #83
• Bump actions/checkout from 3.4.0 to 3.5.0 by @dependabot in #80
• Bump bridgecrewio/checkov-action from 12.2232.0 to 12.2236.0 by @dependabot in #84
• Bump bridgecrewio/checkov-action from 12.2236.0 to 12.2242.0 by @dependabot in #86
• Bump ossf/scorecard-action from 2.1.2 to 2.1.3 by @dependabot in #85
• Bump bridgecrewio/checkov-action from 12.2242.0 to 12.2256.0 by @dependabot in #89
• Bump bridgecrewio/checkov-action from 12.2256.0 to 12.2258.0 by @dependabot in #90
• Bump github/codeql-action from 2.2.9 to 2.2.10 by @dependabot in htt...