v2.0.0 (2020-03-04)

@dpoirier released this 04 Mar 14:28

Backwards-incompatible changes:

  • Update RDS resource name of database to be DatabaseInstance rather than PostgreSQL. While other engines were previously supported, the title within the stack still referenced PostgreSQL. This change will force a recreation of your RDS instance.
  • Simplify the VPC layout to have 2 public and 2 private subnets. Due to this change, updating an existing stack is not supported. You'll need to create a new stack and re-deploy all services within it.
  • Add support to provision Memcached and Redis clusters in tandem. The resource names have been adjusted to make this change and will force creation of new instances, possibly requiring a new stack.

What's new in 2.0.0:

  • Add support for Elastic Kubernetes Service (EKS).
  • Re-purpose use_aes256_encryption flag to support encryption across S3, RDS, and ElastiCache (Redis only) (thanks @dsummersl)
  • Add support for Customer Managed CMKs with CustomerManagedCmkArn parameter (not applied to public buckets)
  • Add configurable ContainerVolumeSize to change root volume size of EC2 instances (thanks @dsummersl)
  • Change generated template output from JSON to YAML (thanks @cchurch)
  • The stack no longer prompts for a SECRET_KEY if it won't be used for the stack type in question.
  • Add required DBParameterGroup by default, which allows configuring database specific parameters. This avoids having to reboot a production database instance to add a DBParameterGroup in the future. (thanks @cchurch)
  • Add tags to all resources, including a common aws-web-stacks:stack-name tag with the stack's name
  • Add an aws-web-stacks:role tag to EC2 instances to identify them as bastion vs. worker.
  • You now have the option of creating a bastion host or VPN server as part of the stack, when a
    stack with a NAT Gateway is used, to facilitate secure remote access to hosts within the VPC.
  • Add a parameter to specify the default canned ACL for the public assets bucket.
  • Block all public access for the private assets bucket.
  • Add parameters to customize VPC and subnet IPv4 CIDR blocks (it is generally not possible to change the CIDR blocks for an existing stack).
  • Add RDS and ElastiCache endpoint outputs.
  • Add CustomAppCertificateArn parameter to allow association with an existing ACM certificate.
  • Add VPC Endpoint for S3.
  • Add DatabaseReplication parameter to add a database replica (this will fail if DatabaseBackupRetentionDays is 0).
  • Add optional SFTP server, including S3 bucket, transfer server, and user role and scope-down policy to use when creating
    users in the transfer server.