Releases: uktrade/terraform-platform-modules
v7.1.0
v7.0.0
7.0.0 (2025-01-28)
⚠ BREAKING CHANGES
- DBTP-1503 - Cross account deploy and manual release pipeline (#306)
Upgrade path
We have introduced new Terraform codebase pipelines to replace the Copilot pipelines. Full upgrade instructions can be found in our platform documentation: https://platform.readme.trade.gov.uk/troubleshooting/codebase-pipeline-upgrade/
Features
v6.1.0
v6.0.1
v6.0.0
6.0.0 (2025-01-09)
⚠ BREAKING CHANGES
- DBTP-1395 Add CloudFront and application load balancer origin verification secret for IP Filter spoofing (#273)
Features
- DBTP-1395 Add CloudFront and application load balancer origin verification secret for IP Filter spoofing (#273) (7c182e0)
Upgrade Path
To upgrade to version 6 of terraform-platform-modules you can modify the <application>-deploy/platform-config.yml for the environments that you want to upgrade.
    environments:
      "*":
        accounts:
          deploy:
            name: "platform-sandbox"
            id: "563763463626"
          dns:
            name: "dev"
            id: "011755346992"
        vpc: platform-sandbox-dev
      dev:
        versions: # add "versions" property
          terraform-platform-modules: "6" # set "terraform-platform-modules" property to 6
      ...
Note: when upgrading individual environments, the environment pipeline may fail with missing permissions on the V6 environments. To upgrade all environments and the environment pipelines to the latest version, add terraform-platform-modules: 6 to the default_versions section at the top of the platform-config.yml file. Then re-deploy the environment pipelines.
    default_versions:
      platform-helper: 12.5.1
      terraform-platform-modules: "6"
Please let SRE and the Platform team know when you have upgraded to this release.
Once a service team upgrades to terraform-platform-modules release version 6 and runs terraform apply, the new WAF resource for the application load balancer and the CDN origin header resources will be provisioned. This ensures that all traffic for the services has to travel through the CDN and be validated before it reaches the application load balancer.
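The origin verification described above, shown as a Terraform example added here (not the module's own code): a regional WAF web ACL on the load balancer blocks by default and allows only requests carrying a secret header that the CDN adds. The header name x-origin-verify, the resource names and both variables are assumptions.

```hcl
# Added illustration: names, header and variables are assumptions, not the module's.
variable "origin_verify_secret" { sensitive = true } # supply from a secrets store
variable "alb_arn" { type = string }                 # load balancer to protect
resource "aws_wafv2_web_acl" "alb_origin_verify" {
  name  = "alb-origin-verify"
  scope = "REGIONAL" # web ACLs attached to a load balancer are regional
  default_action {
    block {} # requests that did not come through the CDN are rejected
  }

  rule {
    name     = "allow-cdn-origin-header"
    priority = 0
    action {
      allow {}
    }
    statement {
      byte_match_statement {
        search_string         = var.origin_verify_secret
        positional_constraint = "EXACTLY"
        field_to_match {
          single_header {
            name = "x-origin-verify" # assumed name; WAF expects lower case
          }
        }
        text_transformation {
          priority = 0
          type     = "NONE"
        }
      }
    }
    visibility_config {
      cloudwatch_metrics_enabled = true
      metric_name                = "allow-cdn-origin-header"
      sampled_requests_enabled   = false # samples record headers, including the secret
    }
  }

  visibility_config {
    cloudwatch_metrics_enabled = true
    metric_name                = "alb-origin-verify"
    sampled_requests_enabled   = true
  }
}

resource "aws_wafv2_web_acl_association" "alb" {
  resource_arn = var.alb_arn
  web_acl_arn  = aws_wafv2_web_acl.alb_origin_verify.arn
}
```

On the CDN side, the matching value would be sent from the CloudFront origin's custom_header block under the same header name.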
Troubleshooting
This should enable the required traffic protection without disrupting traffic to the services through the CDN.
If there are any traffic issues to the services, the WAF can be disassociated from the ALB to allow traffic while the problem is investigated.
See Platform documentation for Troubleshooting web application firewall rule on the load balancer