github Azure/terraform-azurerm-caf-enterprise-scale v3.0.0
[v3.0.0] Simplify inputs with `optional()` support and more
on GitHub

latest releases: v6.1.0, v6.0.0, v5.2.1...
22 months ago

The v3.0.0 release marks an important update to the module, aimed primarily at reducing code changes needed when upgrading to latest releases. Previously, any change to the schema of input variables with complex object types would result in a breaking change if not updated in the customer code. This has been made possible with the GA release of optional() types in Terraform v1.3.0.

As a result of this change and the required fix for issue #31844, we have increased the minimum supported Terraform version to v1.3.1.

To support other changes (as listed below), we have also bumped the minimum supported azurerm provider version to v3.19.0.

New features

  • Added documentation for how to set parameters for Policy Assignments
  • Updated GitHub Super-Linter to v4.9.7 for static code analysis
  • Updated the list of private DNS zones created by the module for private endpoints
  • Removed deprecated policies for Arc monitoring (now included within VM monitoring built-in initiative)
  • Added ability to set sql_redirect_allowed and tls_certificate properties on Azure Firewall policies
  • Update logic for Azure Firewall public IPs to ensure correct availability zone mapping when only 2 zones are specified
  • Added support for optional() types in input variables
  • Updated policies with the latest fixes from the upstream Azure/Enterprise-Scale repository
  • Updated tag evaluation for connectivity and management resources, so default_tags are now merged with scope-specific tags
  • Updated the module upgrade guidance
  • Updated Deny-Public-IP policy assignment to use the built-in policy for Not allowed resource types

Fixed issues

  • Fix #445 (azurerm v4 compatibility)
  • Fix #359 (Specifying parameters in policy assignment loses Log Analytics ID)
  • Fix #186 (Policies incompatible with Terraform)
  • Fix #444 (Error received when running custom network connectivity deployment)
  • Fix #508 (Bug Report: Advanced VPN revoke_certifcate fails to apply)
  • Fix #513 (Feature Request: Azure Firewall: Specify TLS Certificate Location in Azure Keyvault)
  • Fix #447 (Azure Firewall - Availability Zones)
  • Fix #524 (Missing private DNS zone for private endpoint - Azure Data Health Data Services)
  • Fix #521 (Feature Request - ExpressRoute Gateway VPN_Type is Hardcoded, parameterise.)

Breaking changes

  • ⚠️ Updated the minimum supported Terraform version to 0.15.1
  • ⚠️ Updated the minimum supported azurerm provider version to 3.0.2
  • ⚠️ Terraform will replace the Deny-Public-IP policy assignment, resulting in loss of compliance history

IMPORTANT: Please also carefully review the planned changes following an upgrade, as the introduction of optional() settings may result in unexpected changes from your current configuration where recommended new features are enabled by default.

For more information

Please refer to the Upgrade from v2.4.1 to v3.0.0 page on our Wiki.

Full Changelog: v2.4.1...v3.0.0

Check out latest releases or
releases around Azure/terraform-azurerm-caf-enterprise-scale v3.0.0

Don't miss a new terraform-azurerm-caf-enterprise-scale release

NewReleases is sending notifications on new releases.

Get notifications