Skip to content

feat!: Upgrade MSV of AWS provider to 6.20, remove support for origin access identities#177

Merged
bryantbiggs merged 4 commits intomasterfrom
feat/upgrade
Nov 29, 2025
Merged

feat!: Upgrade MSV of AWS provider to 6.20, remove support for origin access identities#177
bryantbiggs merged 4 commits intomasterfrom
feat/upgrade

Conversation

@bryantbiggs
Copy link
Member

@bryantbiggs bryantbiggs commented Nov 28, 2025
edited
Loading

List of backwards incompatible changes

  • AWS provider v6.20 is now minimum supported version
  • Support for aws_cloudfront_origin_access_identity has been removed in favor of aws_cloudfront_origin_access_control

Additional changes

Added

  • None

Modified

  • Variable definitions now contain detailed object types in place of the previously used any type
  • is_ipv6_enabled now defaults to true if not specified
  • default_cache_behavior.compress and ordered_cache_behavior.compress now default to true
  • origin.origin_ssl_protocols now defaults to ["TLSv1.2"]
  • vpc_origin.origin_ssl_protocols.items now defaults to ["TLSv1.2"]
  • vpc_origin_timeouts is now embedded under vpc_origin
  • viewer_certificate.minimum_protocol_version now defaults to "TLSv1.2_2025"
  • See the the Before vs After examples below for more details on variable type definition changes

Variable and output changes

  1. Removed variables:

    • create_origin_access_identity
    • origin_access_identities
    • create_origin_access_control
    • create_vpc_origin
    • vpc_origin_timeouts - use timeouts block within vpc_origin variable instead
    • create_response_headers_policy
    • create_cloudfront_function

  2. Renamed variables:

    • create_distribution -> create

  3. Added variables:

    • anycast_ip_list_id

  4. Removed outputs:

    • cloudfront_vpc_origin_ids
    • cloudfront_origin_access_controls_ids
    • cloudfront_origin_access_identities
    • cloudfront_origin_access_identity_ids
    • cloudfront_origin_access_identity_iam_arns
    • cloudfront_distribution_tags

  5. Renamed outputs:

    • None

  6. Added outputs:

    • cloudfront_vpc_origins

Motivation and Context

Breaking Changes

  • Yes

How Has This Been Tested?

  • I have updated at least one of the examples/* to demonstrate and validate my change(s)
  • I have tested and validated these changes using one or more of the provided examples/* projects
  • I have executed pre-commit run -a on my pull request

bryantbiggs
bryantbiggs commented Nov 28, 2025
View reviewed changes
README.md

- [Complete](https://github.com/terraform-aws-modules/terraform-aws-cloudfront/tree/master/examples/complete) - Complete example which creates AWS CloudFront distribution and integrates it with other [terraform-aws-modules](https://github.com/terraform-aws-modules) to create additional resources: S3 buckets, Lambda Functions, CloudFront Functions, VPC Origins, ACM Certificate, Route53 Records.

## Notes
Copy link
Member Author

@bryantbiggs bryantbiggs Nov 28, 2025
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is now solved by these added guards (both default and ordered cache behaviors) so users don't need to worry about this https://github.com/terraform-aws-modules/terraform-aws-cloudfront/pull/177/files#diff-dc46acf24afd63ef8c556b77c126ccc6e578bc87e3aa09a931f33d9bf2532fbbR36-R37

antonbabenko
antonbabenko approved these changes Nov 29, 2025
View reviewed changes
Copy link
Member

@antonbabenko antonbabenko left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Well done! +1 for simplifying OAC vs OAI. I am always confused which one I should use. :)

@bryantbiggs bryantbiggs merged commit 5896259 into master Nov 29, 2025
7 checks passed
@bryantbiggs bryantbiggs deleted the feat/upgrade branch November 29, 2025 17:59
antonbabenko pushed a commit that referenced this pull request Nov 29, 2025
@semantic-release-bot
chore(release): version 6.0.0 [skip ci]
501d39e 
## [6.0.0](v5.2.0...v6.0.0) (2025-11-29)

### ⚠ BREAKING CHANGES

* Upgrade MSV of AWS provider to `6.20`, remove support for origin access identities (#177)

### Features

* Upgrade MSV of AWS provider to `6.20`, remove support for origin access identities ([#177](#177)) ([5896259](5896259))
@antonbabenko
Copy link
Member

antonbabenko commented Nov 29, 2025

This PR is included in version 6.0.0 🎉

@github-actions
Copy link

github-actions bot commented Dec 30, 2025

I'm going to lock this pull request because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. If you have found a problem that seems related to this change, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.

@github-actions github-actions bot locked as resolved and limited conversation to collaborators Dec 30, 2025
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Reviewers

@antonbabenko antonbabenko antonbabenko approved these changes

+1 more reviewer

@magreenbaum magreenbaum magreenbaum approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

3 participants

@bryantbiggs @antonbabenko @magreenbaum