Key Updates
Note, this release contains two potentially breaking changes.
- Encryption at host is now on by default to comply with WAF security best practices. Previous installs where this was disabled, should explicitly set it in the configuration to avoid impact.
- The backup configuration has been migrated to use the AzAPI provider to allow for backing up to Recovery Services Vaults in other subscriptions or resource groups. While a moved block was used, the backup item definition may be recreated on existing deployments.
What's Changed
New Features were added as part of this release:
- When configuring backups, it is possible to provide the recovery services vault resource ID to allow for vaults outside of the existing subscription or resource group. This deprecates some of the existing fields so please pay attention when using the backup interface.
- A new feature allowing for ordering a small number of extensions was introduced. An additional attribute called
deploy_sequencewas added to the extension interface to support this. If the value is set to 1 or 2, then the extensions will deploy serially in ascending order until sequence number 3 or higher is reached. Extensions numbered 3 or higher will be deployed in parallel. This tries to balance the need for a small number of extensions to be ordered while avoiding the creation of large numbers of additional resources. The new input defaults to 3 to keep existing extensions from re-deploying. See the WAF example where this was implemented. - Initial support for run commands was added with two new variable interfaces. (One for the standard values, and one for sensitive values). Ensure that the map keys match for these interfaces when using sensitive inputs. Use the run command example to see this in action.
- Encryption at host now defaults to true. You can set this to false as needed to override the default.
Full Changelog: v0.17.0...v0.18.0