Updated CLI args, config attributes and blocks
remote_state_s3_test.go
skip_bucket_accesslogging
config optionaccesslogging_bucket_name
config optiongostructToCty
function
Description
- Add commercial support subpages
- Rename the
gostructToCty
(inconfig_as_cty.go
) ->goTypeToCty
(fixes issue: #1384) - Deprecate
skip_bucket_accesslogging
(fixes issue: #1333) - Replace it with
accesslogging_bucket_name
(fixes issue: #1333) - Updated docs for relevant configuration option updates & missing asset paths
Migration guide
You only need to follow this guide if you used Terragrunt v0.18.0 or newer to automatically create S3 buckets as a backend (Auto Init) with access logging. If you created the S3 buckets yourself using other mechanisms, you can skip this guide.
If you used Terragrunt v0.18.0 or newer with Auto Init enabled to create S3 buckets as a backend, then you might be seeing the following bug, described in more details here: #1333
Fixing the bug on existing S3 buckets
- In the AWS Web Console, locate the S3 remote state buckets that were created with
terragrunt
. - For all the relevant S3 buckets, find & navigate to their logging properties.
- Edit the properties and set the
Target Bucket
to point to a new S3 bucket dedicated for logs (you may need to create this new bucket yourself, if it doesn't exist already).
Skipping access logging if you had skip_bucket_accesslogging
set
- Find all terragrunt configuration files from your code base that have the
skip_bucket_acesslogging
config option set. - Remove the
skip_bucket_accesslogging
config option. - Run
terragrunt plan
- no planned changes should be output & the access logging should still be disabled for the relevant S3 buckets.
Enabling access logging with this release and going forward
Caveat: This only applies to new S3 buckets for storing terraform state created by Terragrunt Auto Init. If the bucket already exists, Terragrunt will NOT update the existing S3 bucket.
- Find all
terragrunt.hcl
files that set up a remote state using S3, and you want to enable server access logging for the S3 bucket the state will be stored in. - Add in the
remote_state.config
section of the configuration file the new config option and replace the value "A VALID S3 BUCKET NAME STRING" with astring
fir the name of your logsTarget Bucket
.
# terragrunt.hcl
remote_state {
...
config = {
...
accesslogging_bucket_name = "A VALID S3 BUCKET NAME STRING"
...
}
}
- Run one of the following commands
terragrunt plan | apply | validate
so that the S3 state bucket new configuration changes can take effect
Docs
Check out the docs to read in more detail how to use the new attribute.
Special thanks
- Thank you to @VishalCR7, @ArkuVonSymfon & @klijakub for the contribution!
- Thank you to @tony-harverson-moonpig for raising the issue for S3 bucket logging