Merge pull request #56 from lorengordon/bump

Releases v4.0.0

.bumpversion.cfg

@@ -1,5 +1,5 @@
 [bumpversion]
-current_version = 3.0.0
+current_version = 4.0.0
 commit = True
 message = Bumps version to {new_version}
 tag = False

CHANGELOG.md

@@ -4,6 +4,17 @@ All notable changes to this project will be documented in this file.
 
 The format is based on [Keep a Changelog](http://keepachangelog.com/) and this project adheres to [Semantic Versioning](http://semver.org/).
 
+### 4.0.0
+
+** Released**: 2020.04.09
+
+**Commit Delta**: [Change from 3.0.0 release](https://github.com/plus3it/terraform-aws-tardigrade-vpc-endpoints/compare/3.0.0...4.0.0)
+
+**Summary**:
+
+*   Requires fully-spec'd objects for security-group rules (backwards incompatible)
+*   Changes default ingress rule from the VPC CIDR to 0.0.0.0/0 (recommended that users pass more restrive rule)
+
 ### 3.0.0
 
 ** Released**: 2020.04.03

main.tf

@@ -18,15 +18,8 @@ data "aws_vpc_endpoint_service" "this" {
   service_name = length(regexall(data.aws_region.selected.name, each.key)) == 1 ? each.key : "com.amazonaws.${data.aws_region.selected.name}.${each.key}"
 }
 
-data "aws_vpc" "selected" {
-  count = var.create_vpc_endpoints ? 1 : 0
-
-  id = local.vpc_id
-}
-
 locals {
-  vpc_id   = join("", data.aws_subnet.selected.*.vpc_id)
-  vpc_cidr = join("", data.aws_vpc.selected.*.cidr_block)
+  vpc_id = join("", data.aws_subnet.selected.*.vpc_id)
 
   # Split Endpoints by their type
   gateway_endpoints   = toset([for e in data.aws_vpc_endpoint_service.this : e.service_name if e.service_type == "Gateway"])
@@ -39,7 +32,7 @@ locals {
 resource "aws_security_group" "this" {
   for_each = local.security_groups
 
-  description = var.create_sg_per_endpoint ? "VPC Interface ${each.key} Endpoint" : "VPC Interface Endpoints - Allow inbound from ${local.vpc_id} and allow all outbound"
+  description = var.create_sg_per_endpoint ? "VPC Interface ${each.key} Endpoint" : "VPC Interface Endpoints"
   vpc_id      = local.vpc_id
 
   dynamic "egress" {