chore(deps): update terraform cloudposse/ec2-instance/aws to v2

[renovate]

This PR contains the following updates:

Package	Type	Update	Change
cloudposse/ec2-instance/aws (source)	module	major	0.41.0 -> 2.0.0

---

Release Notes

cloudposse/terraform-aws-ec2-instance (cloudposse/ec2-instance/aws)

v2.0.0

Compare Source

Update Ubuntu AMI query @​goruha (#​215)

what

• Update Ubuntu AMI to 22.04
• Fix enabled flag

why

• AMI 18.04 is deprecated
• Not all resources used to support the enabled flag

🤖 Automatic Updates

Replace Makefile with atmos.yaml @​osterman (#​214)

what

• Remove Makefile
• Add atmos.yaml

why

• Replace build-harness with atmos for readme genration

References

• DEV-3229 Migrate from build-harness to atmos

v1.6.1

Compare Source

fix: allow stopping instance before detachment and/or forced ebs detachments @​Hamza-Olol (#​212)

Added support to the EBS volume attachment resource for the `force_detach` and `stop_instance_before_detaching` arguments.

These changes allow users to:
- Force the detachment of EBS volumes.
- Stop instances before detaching volumes, ensuring smooth resource teardown during Terraform destroy operations.

why

I cannot delete my Terraform resources using a standard Terraform destroy because I have attached additional ebs volumes to my instance and then ran disk configuration changes in my instance, for example, combined multiple ebs volumes into a striped disk config.

Business use cases may require additional EBS volumes, along with specific disk configurations for the volumes attached to EC2 instances.

When attempting to delete resources via Terraform, the destroy process fails due to issues with EBS volume attachments. These issues include timeouts or the inability to delete volumes because they are in a "busy" state.

The problem arises because Terraform attempts to detach EBS volumes before deleting/stopping the EC2 instance, leading to failures if the volume cannot be detached.

To address this, Terraform introduced the force_detach and stop_instance_before_detaching arguments, which allows forced detachment and/or stopping of the instance prior to detaching volumes. These enhancements mitigate the destroy-time failures and ensure smoother resource cleanup.

references

The force_detach and stop_instance_before_detaching arguments were introduced in Terraform AWS provider version v3.62.0.

Additional details and discussion about this issue can be found in this GitHub thread.

🤖 Automatic Updates

Migrate new test account @​osterman (#​210)

what

• Update .github/settings.yml
• Update .github/chatops.yml files

why

• Re-apply .github/settings.yml from org level to get terratest environment
• Migrate to new test account

References

• DEV-388 Automate clean up of test account in new organization
• DEV-387 Update terratest to work on a shared workflow instead of a dispatch action
• DEV-386 Update terratest to use new testing account with GitHub OIDC

Update .github/settings.yml @​osterman (#​207)

what

• Update .github/settings.yml
• Drop .github/auto-release.yml files

why

• Re-apply .github/settings.yml from org level
• Use organization level auto-release settings

references

• DEV-1242 Add protected tags with Repository Rulesets on GitHub

Update .github/settings.yml @​osterman (#​206)

what

• Update .github/settings.yml
• Drop .github/auto-release.yml files

why

• Re-apply .github/settings.yml from org level
• Use organization level auto-release settings

references

• DEV-1242 Add protected tags with Repository Rulesets on GitHub

v1.6.0

Compare Source

fix: remove lifecycle ignore changes for ami argument @​nitrocode (#​205)

what

• remove lifecycle ignore changes for ami argument

why

• This change looks unintentional based on the PR description
• We'd like to allow AMIs to recreate the EC2 for singletons that aren't production facing

references

• Revert PR #​145 cc @​kris-Nabis @​dotCipher
• Slack thread https://sweetops.slack.com/archives/CDYGZCLDQ/p1723918600862819?thread_ts=1723918600.862819&cid=CDYGZCLDQ

v1.5.0

Compare Source

feat: Add missed tags @​MaxymVlasov (#​204)

what

Add tags to resources where they missed

🤖 Automatic Updates

Update .github/settings.yml @​osterman (#​201)

what

• Update .github/settings.yml
• Drop .github/auto-release.yml files

why

• Re-apply .github/settings.yml from org level
• Use organization level auto-release settings

references

• DEV-1242 Add protected tags with Repository Rulesets on GitHub

Update release workflow to allow pull-requests: write @​osterman (#​199)

what

• Update workflow (.github/workflows/release.yaml) to have permission to comment on PR

why

• So we can support commenting on PRs with a link to the release

Update GitHub Workflows to use shared workflows from '.github' repo @​osterman (#​198)

what

• Update workflows (.github/workflows) to use shared workflows from .github repo

why

• Reduce nested levels of reusable workflows

v1.4.1

Compare Source

feat: disable_api_stop option @​flightlesstux (#​197)

what

Control your EC2 Disable API with your Terraform

why

Because, AWS SDK and cli are supporting.

references

https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/instance#disable_api_stop

🤖 Automatic Updates

Update GitHub Workflows to Fix ReviewDog TFLint Action @​osterman (#​196)

what

• Update workflows (.github/workflows) to add issue: write permission needed by ReviewDog tflint action

why

• The ReviewDog action will comment with line-level suggestions based on linting failures

Update GitHub workflows @​osterman (#​195)

what

• Update workflows (.github/workflows/settings.yaml)

why

• Support new readme generation workflow.
• Generate banners

Use GitHub Action Workflows from `cloudposse/.github` Repo @​osterman (#​192)

what

• Install latest GitHub Action Workflows

why

• Use shared workflows from cldouposse/.github repository
• Simplify management of workflows from centralized hub of configuration

v1.4.0

Compare Source

🚀 Enhancements

Add tags to additional eip @​bwmetcalf (#​190)

what

• Add tags to additional eip's

why

• Ensure consistent tagging

references

• Closes #​189

v1.3.0

Compare Source

Add user_data_replace_on_change @​bwmetcalf (#​188)

what

Support user_data_replace_on_change:

[user_data_replace_on_change](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/instance#user_data_replace_on_change) - (Optional) When used in combination with user_data or user_data_base64 will trigger a destroy and recreate when set to true. Defaults to false if not set.

Bumps minimum aws provider version to support this parameter.

why

Force a rebuild if user data has changed.

v1.2.2

Compare Source

🚀 Enhancements

Remove optional `domain` attribute from `aws_eip` resource @​mariot8 (#​173)

what

• remove aws_eip optional domain attribute

why

• optional domain attribute causes terraform to fail plan EC2 instance

references

• closes #​172

🤖 Automatic Updates

Add GitHub Settings @​osterman (#​187)

what

• Install a repository config (.github/settings.yaml)

why

• Programmatically manage GitHub repo settings

Update README.md and docs @​cloudpossebot (#​185)

what

This is an auto-generated PR that updates the README.md and docs

why

To have most recent changes of README.md and doc from origin templates

Update Scaffolding @​osterman (#​186)

what

• Reran make readme to rebuild README.md from README.yaml
• Migrate to square badges
• Add scaffolding for repo settings and Mergify

why

• Upstream template changed in the .github repo
• Work better with repository rulesets
• Modernize look & feel

v1.2.1

Compare Source

🚀 Enhancements

feat(aws_instance): treat missing data on cloudwatchmetric @​haidargit (#​184)

what

The PR enables the treat_missing_data argument for the cloudwatch metric alarm resource on this ec2 module.
https://github.com/cloudposse/terraform-aws-ec2-instance/blob/bf54345e18c6c2d1d85997d3af3b73a0e03c489f/cloudwatch-alarm.tf#L11

why

Users may have specific run schedules, triggering alerts in CloudWatch, e.g., for missing data during offline periods (instance stopped state, hibernate, restart, etc.).
This treat_missing_data variable will enable the CloudWatch alarms to set custom responses, which are "missing", "ignore", "breaching" and "notBreaching", for the data gaps that occur and keep the EC2 alarms condition in a desired state.

references

• closes feature request #​130

Kindly review this PR for any possible improvements. Thank you

v1.2.0

Compare Source

feat(aws_instance): conditional IAM instance profile @​haidargit (#​182)

what

This PR enables a conditional iam_instance_profile variable for the ec2 module.

why

This feature request offers users the flexibility to decide whether to associate an IAM instance profile with their instances.

references

• closes feature request #​180

Kindly review this PR for module improvements. Thank you

v1.1.1

Compare Source

feature/disable-alarm-action @​kris-Nabis (#​145)

what

• Disables the use of Alarm Actions

why

• Unable to create the resource if execution user doesn't have iam:CreateServiceLinkedRole
• Somewhat random reboot triggers. Alarm Action reboot is triggered pretty consistently, even while EC2 Resource is not in an alarm state.

references

• closes #​131

🤖 Automatic Updates

Update README.md and docs @​cloudpossebot (#​175)

what

This is an auto-generated PR that updates the README.md and docs

why

To have most recent changes of README.md and doc from origin templates

v1.1.0

Compare Source

Correct how the volume_id is selected - Fix #​165 @​it-praktyk (#​171)

what

Fix #​165 - allows create an EC2 instance with additional volumes.

why

The issue was introduced here.

The one Terraform function returns an error, that blocks creating EC2 instances with additional (non-root) volumes.

references

• The one Terraform function docs

closes #​165

🤖 Automatic Updates

Update README.md and docs @​cloudpossebot (#​167)

what

This is an auto-generated PR that updates the README.md and docs

why

To have most recent changes of README.md and doc from origin templates

v1.0.0

Compare Source

• Support AWS provider V5
• Adding external ENIs

v0.50.0

Compare Source

• AWS provider V4 Compatibility

v0.49.0

Compare Source

Adding external ENIs @​jamengual (#​159)

what

Add the ability to add external ENIs to the instance

why

For ec2 instances deployments clusters where the IPs are required to be unique and not change it is necessary to create ENIs outside of this module so that the instance termination does not change the ENI and IP attached.

references

Sync github @​max-lobur (#​156)

Rebuild github dir from the template

v0.48.0

Compare Source

• No changes

v0.47.1

Compare Source

🚀 Enhancements

Only get data.aws_ami.info if it's actually required @​y3ti (#​151)

what

• Use data.aws_ami.info only if it's actually required

why

• Fix Your query returned no results" error once the AMI ID is not listed within AWS marketplace

references

• closes #​150
• closes #​143

v0.47.0

Compare Source

Do not set iops and throughput for non-supporting volume types @​cinacio (#​142)

what

• Only set iops and throughput arguments for volume types supporting those options.

why

• According to the documentation for the aws_ebs_volume resource, the iops argument is only valid for volumes types io1, io2 & gp3.
• According to the same documentation, the throughput argument is only valid for volume type gp3.
• Setting the throughput of a gp2 volume to "0" triggers the following error

Error: expected throughput to be in the range (125 - 1000), got 0

with module.instance.aws_ebs_volume.default[0],
on .terraform/modules/instance/main.tf line 178, in resource "aws_ebs_volume" "default":
178: throughput = local.ebs_throughput

references

• closes #​137

v0.46.0

Compare Source

Adding support for secondary private ips @​vale21 (#​153)

what

• Adding support for secondary private ips to EC2 instances created with this module

why

• I cannot set secondary private IPs to my EC2 instance using your module

references

• Fixes #​152

v0.45.2

Compare Source

🚀 Enhancements

Support AWS partition for SSM resources @​dlundgren (#​148)

what

• SSM patch is currently hardcoded to aws so this doesn't work when trying to use the role with AWS GovCloud.

why

• This allows the role to work in with AWS GovCloud

references

• The cloudwatch-alarm supports the AWS GovCloud partition

v0.45.1

Compare Source

🚀 Enhancements

Turn tenancy validation message into English prose @​irl (#​144)

Adds a period at the end of the error message.

what

A single character change to make this into English prose.

why

╷
│ Error: Invalid validation error message
│ 
│   on .terraform/modules/instance/variables.tf line 378, in variable "tenancy":
│  378:     error_message = "Tenancy field can only be one of default, dedicated, host"
│ 
│ The validation error message must be at least one full sentence starting with an uppercase letter and ending with a period or question mark.
│ 
│ Your given message will be included as part of a larger Terraform error message, written as English prose. For broadly-shared modules we suggest using a similar writing style so that the overall result will be consistent.
╵

v0.45.0

Compare Source

Add ability to configure instance tenancy @​RothAndrew (#​141)

what

• Add new variable tenancy that allows user to configure instance tenancy (default (default), dedicated, or host)

why

• An organization that I work with has a security policy that requires use of dedicated tenancy. This PR adds the capability to do that when using this module.

references

• https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/instance#tenancy
• Closes #​139

v0.44.0

Compare Source

Added support for gp3 and io2 both root and ebs volumes (fixed copy of #​117) @​tbpoetke (#​136)

what

• Added support for io2 and gp3 volumes

why

• original PR had conflicts, this will work hopefully
• io2 and gp3 are new more performant volumes therefore they should be supported

references

• https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/instance#ebs-ephemeral-and-root-block-devices
• Closes https://github.com/cloudposse/terraform-aws-ec2-instance/issues/114

git.io->cloudposse.tools update @​dylanbannon (#​126)

what and why

Change all references to git.io/build-harness into cloudposse.tools/build-harness, since git.io redirects will stop working on April 29th, 2022.

References

• DEV-143

v0.43.0

Compare Source

support-kms-key-id-for-root-volume @​woz5999 (#​128)

what

• Support customer managed kms key for block device

why

• This is supported for other EBS volumes in the module
• CMK should be supported for root device as well

v0.42.0

Compare Source

Adding in support for ec2 metadata_tags @​wschultz (#​122)

what

• This adds in an option to turn on the metadata_tags (or off, the default) inside the aws_instance metadata_options.

why

• There are options for http_endpoint, http_put_response_hop_limit and http_tokens already but not for metadata_tags. This adds that functionality.

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[mergify]

/terratest