3 years ago

Category: Security, Kubernetes, Terraform, Hashicorp, encryption, github

Note that many of the links below go to private repos in the Gruntwork Infrastructure as Code Library and Reference Architecture that are only accessible to customers. Hello Grunts, In the last couple months, we been busy with a number of upgrades for the Gruntwork Infrastructure as Code Library: we’ve updated the entire library to be compatible with version 3.x of the AWS Provider for Terraform, updated all but a handful of repos to work with version 0.13.x of Terraform, and began a project to update our Gruntwork Compliance offering to be compatible with the CIS AWS Foundations Benchmark v1.3.

Here’s a snapshot of the compatibility table so you have a sense of what it takes to upgrade and test everything: What to do about it: We’ve released a dedicated guide with instructions, a version compatibility table, and commits that show an example upgrade of the Acme Reference Architecture: How to update to version 3 of the Terraform AWS Provider.

All repos have been upgraded except the following: Here’s a snapshot of the compatibility table so you have a sense of what it takes to upgrade and test everything: What to do about it: We recommend waiting to upgrade until we finish the last remaining AWS repo and publish a migration guide.

It is up to you to scan this list and decide which of these apply and what to do about them, but most of these are severe vulnerabilities, and we recommend patching them ASAP.