
Releases: cloudposse-terraform-components/aws-aurora-postgres

v1.540.3

14 Oct 19:45
459512d


feat: support RDS-managed admin password via Secrets Manager @RoseSecurity (#64)

what

This pull request introduces support for allowing AWS RDS to manage the admin user password for Aurora PostgreSQL clusters via Secrets Manager, while maintaining backward compatibility with the existing manual password management. The changes clarify and enforce the logic for how admin passwords are set, ensuring only one method is used at a time, and update the relevant variables and local values accordingly.

Password management enhancements:

  • Added a new variable manage_admin_user_password to enable AWS-managed admin passwords via Secrets Manager, with validation to prevent conflicts if admin_password is also provided. (src/variables.tf R125-R131)
  • Updated local logic to ensure only one password management method is active: AWS-managed, user-provided, or auto-generated, and set admin_password accordingly. (src/main.tf R17-L18)
  • Modified the Aurora cluster module configuration to pass the correct values for admin_password and the new manage_admin_user_password parameter, ensuring compatibility with the new logic. (src/cluster-regional.tf L19-R20)

why

  • Add manage_admin_user_password variable to allow AWS RDS to manage the master user password in Secrets Manager. Adjust logic to ensure admin_password and manage_admin_user_password are mutually exclusive, and update module and locals to support this new option. This enhances security and flexibility for password management.

references

Summary by CodeRabbit

  • New Features

    • Added an option to let the database service manage the admin password in Secrets Manager; when enabled the admin password may be left unset.
    • Admin username, password, and database name can be auto-generated when not provided.
  • Documentation

    • Clarified password-management rules and evaluation order: service-managed, user-provided, or auto-generated.

🤖 Automatic Updates

Update README.md and docs @[cloudposse-releaser[bot]](https://github.com/apps/cloudposse-releaser) (#66)

what

This is an auto-generated PR that updates the README.md and docs

why

To have most recent changes of README.md and doc from origin templates

v1.540.2

14 Oct 14:56
10d70b7


🤖 Automatic Updates

Update README.md and docs @[cloudposse-releaser[bot]](https://github.com/apps/cloudposse-releaser) (#65)

what

This is an auto-generated PR that updates the README.md and docs

why

To have most recent changes of README.md and doc from origin templates

chore(deps): update terraform cloudposse/rds-cluster/aws to v2.2.0 @[renovate[bot]](https://github.com/apps/renovate) (#59)

This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
| cloudposse/rds-cluster/aws (source) | module | minor | 2.1.1 -> 2.2.0 |

Release Notes

cloudposse/terraform-aws-rds-cluster (cloudposse/rds-cluster/aws)

v2.2.0


feat: adds seconds_until_auto_pause argument @wavemoran (#272)

what

  • Adds the seconds_until_auto_pause argument for serverlessv2_scaling_configuration

why

  • Allow users to set this value to autopause clusters as needed

references



v1.540.1

09 Oct 13:04
2f321f4


Allow passing allowed security groups by id @jochem725 (#61)

what

  • Allows passing security groups by id

why

  • The security group name is not available from the output of other components; this change provides flexibility to provide either the name or id depending on availability.

Summary by CodeRabbit

  • New Features
    • Introduced an optional configuration to specify additional security group IDs, expanding the set of allowed security groups alongside the existing name-based option.
    • Enhances flexibility for access control by allowing both name- and ID-based configuration.
    • Backward compatible: if not set, behavior remains unchanged.

Update engine version in serverless.yaml @goruha (#62)

what

  • Update engine version in serverless.yaml

why

  • 13.15 is EOL on AWS

references

Summary by CodeRabbit

  • Chores

    • Updated default Aurora PostgreSQL engine versions in configuration templates: provisioned to 15.13 and serverless to 13.21.
    • Aligns templates with supported releases for improved compatibility and security; no behavioral or logic changes.
  • Tests

    • Updated test fixtures to reflect the new engine versions.

🤖 Automatic Updates

Update README.md and docs @[cloudposse-releaser[bot]](https://github.com/apps/cloudposse-releaser) (#63)

what

This is an auto-generated PR that updates the README.md and docs

why

To have most recent changes of README.md and doc from origin templates

Update README.md and docs @[cloudposse-releaser[bot]](https://github.com/apps/cloudposse-releaser) (#60)

what

This is an auto-generated PR that updates the README.md and docs

why

To have most recent changes of README.md and doc from origin templates

chore(deps): update tflint plugin terraform-linters/tflint-ruleset-aws to v0.43.0 @[renovate[bot]](https://github.com/apps/renovate) (#58)

Coming soon: The Renovate bot (GitHub App) will be renamed to Mend. PRs from Renovate will soon appear from 'Mend'. Learn more [here](https://redirect.github.com/renovatebot/renovate/discussions/37842).

This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
| terraform-linters/tflint-ruleset-aws | plugin | minor | 0.42.0 -> 0.43.0 |

Release Notes

terraform-linters/tflint-ruleset-aws (terraform-linters/tflint-ruleset-aws)

v0.43.0


What's Changed

Breaking Changes
Enhancements
Chores

Full Changelog: terraform-linters/tflint-ruleset-aws@v0.42.0...v0.43.0



v1.540.0

19 Sep 02:44
922d123


feat: expose restore_to_point_in_time var @wavemoran (#56)

what

  • Exposes the underlying module variable `restore_to_point_in_time`

why

  • We would like to use this variable/feature from the underlying aws-rds-cluster module

references

🚀 Enhancements

chore(deps): bump github.com/ulikunitz/xz from 0.5.11 to 0.5.14 in /test @[dependabot[bot]](https://github.com/apps/dependabot) (#52)

Bumps [github.com/ulikunitz/xz](https://github.com/ulikunitz/xz) from 0.5.11 to 0.5.14.

🤖 Automatic Updates

Update README.md and docs @[cloudposse-releaser[bot]](https://github.com/apps/cloudposse-releaser) (#57)

what

This is an auto-generated PR that updates the README.md and docs

why

To have most recent changes of README.md and doc from origin templates

Update README.md and docs @[cloudposse-releaser[bot]](https://github.com/apps/cloudposse-releaser) (#55)

what

This is an auto-generated PR that updates the README.md and docs

why

To have most recent changes of README.md and doc from origin templates


v1.539.0

04 Sep 19:36
95e129c


feat: expose security group ID for Aurora Postgres cluster @milldr (#53)

what

  • Add security_group_id output to expose the security group ID from the underlying RDS cluster module

why

  • This enables proper configuration of inbound and outbound traffic rules for ECS services

references


Summary by CodeRabbit

  • New Features
    • Added a new Terraform output that exposes the security group ID of the Aurora Postgres cluster. This makes it easier to reference the cluster’s security group in downstream configurations (e.g., networking rules or integrations). No changes to existing outputs or behavior.

🤖 Automatic Updates

Update README.md and docs @[cloudposse-releaser[bot]](https://github.com/apps/cloudposse-releaser) (#54)

what

This is an auto-generated PR that updates the README.md and docs

why

To have most recent changes of README.md and doc from origin templates

v1.538.4

28 Aug 15:55
7b9435d


feat: expose additional DNS outputs @Benbentwo (#50)

Summary

  • expose instance and reader/cluster endpoint outputs
  • document new DNS outputs in README

Testing

  • atmos docs generate readme
  • atmos docs generate readme-simple
  • pre-commit run --files README.md src/README.md src/outputs.tf (fails: "iam_roles" module is not found)

https://chatgpt.com/codex/tasks/task_b_68b049e0d0fc832b9f6a2872e4f16a56

Summary by CodeRabbit

  • New Features

    • Added a new input: promotion_tier (number, default 0) to control per-instance failover priority.
    • Added three outputs: cluster_endpoint, reader_endpoint, and instance_endpoints for direct access to Aurora Postgres endpoints.
  • Documentation

    • Updated README Inputs and Outputs sections with descriptions for the new input and outputs.
    • Removed a trailing branding line for a cleaner README.

🤖 Automatic Updates

Update README.md and docs @[cloudposse-releaser[bot]](https://github.com/apps/cloudposse-releaser) (#51)

what

This is an auto-generated PR that updates the README.md and docs

why

To have most recent changes of README.md and doc from origin templates

Update README.yaml with AI @goruha (#49)

what

  • Update README.yaml

why

  • Use atmos to generate readme

Update README.md and docs @[cloudposse-releaser[bot]](https://github.com/apps/cloudposse-releaser) (#48)

what

This is an auto-generated PR that updates the README.md and docs

why

To have most recent changes of README.md and doc from origin templates

chore(deps): update tflint plugin terraform-linters/tflint-ruleset-aws to v0.42.0 @[renovate[bot]](https://github.com/apps/renovate) (#47)

This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
| terraform-linters/tflint-ruleset-aws | plugin | minor | 0.41.0 -> 0.42.0 |

Release Notes

terraform-linters/tflint-ruleset-aws (terraform-linters/tflint-ruleset-aws)

v0.42.0


What's Changed

Breaking Changes
Chores

Full Changelog: terraform-linters/tflint-ruleset-aws@v0.41.0...v0.42.0



chore(deps): update tflint plugin terraform-linters/tflint-ruleset-aws to v0.41.0 @[renovate[bot]](https://github.com/apps/renovate) (#46)

This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
| terraform-linters/tflint-ruleset-aws | plugin | minor | 0.40.0 -> 0.41.0 |

Release Notes

terraform-linters/tflint-ruleset-aws (terraform-linters/tflint-ruleset-aws)

v0.41.0


What's Changed

Breaking Changes
Enhancements
Chores

v1.538.3

26 Jun 19:30
df142d0


chore(deps): restrict aws provider version to < 6.0.0 @Benbentwo (#43)

This pull request includes a version constraint update for the AWS provider in the Terraform configuration file `src/versions.tf`. The change ensures compatibility with versions up to but not including 6.0.0.

  • src/versions.tf: Updated the version constraint for the aws provider to >= 4.9.0, < 6.0.0 to ensure compatibility with future versions while avoiding potential breaking changes in version 6.0.0.

🤖 Automatic Updates

Update README.md and docs @[cloudposse-releaser[bot]](https://github.com/apps/cloudposse-releaser) (#44)

what

This is an auto-generated PR that updates the README.md and docs

why

To have most recent changes of README.md and doc from origin templates

v1.538.2

03 Jun 17:04
3fc4550


🤖 Automatic Updates

Update README.md and docs @[cloudposse-releaser[bot]](https://github.com/apps/cloudposse-releaser) (#42)

what

This is an auto-generated PR that updates the README.md and docs

why

To have most recent changes of README.md and doc from origin templates

v1.538.1

03 Jun 15:10
6933176


🤖 Automatic Updates

Update README.md and docs @[cloudposse-releaser[bot]](https://github.com/apps/cloudposse-releaser) (#41)

what

This is an auto-generated PR that updates the README.md and docs

why

To have most recent changes of README.md and doc from origin templates

v1.538.0

03 Jun 13:14
186d704


Setting renew @goruha (#34)

what

  • Setting renew

why

  • Create merge queue

Summary by CodeRabbit

  • Style
    • Removed unnecessary blank lines from repository settings configuration.

🤖 Automatic Updates

Update README.md and docs @[cloudposse-releaser[bot]](https://github.com/apps/cloudposse-releaser) (#40)

what

This is an auto-generated PR that updates the README.md and docs

why

To have most recent changes of README.md and doc from origin templates

chore(deps): update terraform cloudposse/rds-cluster/aws to v1.18.0 @[renovate[bot]](https://github.com/apps/renovate) (#4)

This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
| cloudposse/rds-cluster/aws (source) | module | minor | 1.3.2 -> 1.18.0 |

Release Notes

cloudposse/terraform-aws-rds-cluster (cloudposse/rds-cluster/aws)

v1.18.0


fix: Add performance inside to primary cluster @djakielski (#250)

what

  • Add performance inside config also on primary cluster

why

  • had issues with incompatible cluster and instance parameter
  • you can enable performance inside on cluster

references

v1.17.0


fix: reserved instances, aurora rds specifics @oycyc (#249)

what

RDS Reserved Instances multi AZ mode is never available for Aurora engines, see images on the console - this PR checks to ensure that it is set to false if the engine is Aurora:

why

That configuration isn't really applicable anyways since this statement from the AWS docs https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_WorkingWithReservedDBInstances.html:

references

https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_WorkingWithReservedDBInstances.html

v1.16.0


fix: reserved instance multi_az setting @oycyc (#248)

what

Using local.is_regional_cluster to determine whether or not it is Multi-AZ is not accurate. local.is_regional_cluster only checks if var.cluster_type == "regional", which determines if this is a regional vs global cluster

I could have a regional cluster, but it is NOT multi-az. One determining factor is how many instances in the cluster, if ever more than 1 in a single cluster, then it has to be in multiple AZs. https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.MultiAZ.html


why

If I have a regional cluster, this thinks that it's ALWAYS multi-az, which is not true.

references

https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.MultiAZ.html

v1.15.1


🚀 Enhancements

fix: reserved instances restrictions @oycyc (#244)

what

This conditional check on whether or not to enable reserved instances is too restrictive. contains(["mysql", "postgresql"], local.reserved_instance_engine) is saying that only allow it if it is MySQL or PostgreSQL.

I think contains was originally meant to be like in the literal sense of "contains". Since in my case, I'm using aurora-postgresql, and it fails this check, yet it is one of the options for reserved instances.

why

endswith might be better, but it is TOO restrictive, seeing that there's so many options.
Additionally, Terraform will fail if user specifies the wrong engine type. There's no need for this check.


references

https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/rds_reserved_instance_offering

🐛 Bug Fixes

fix: reserved instances restrictions @oycyc (#244)


v1.15.0


🚀 Enhancements

  • Implement and close #237 (add option for local write forwarding) Thank you @Junaid-Tem
  • Implement and close #239 (allow the configuration of reservation_id for aws_rds_reserved_instance) Thank you @oycyc

🐛 Bug Fixes

Multiple cleanu...