feat: Add certificate transparency log option to ACM #18

Merged
merged 2 commits into from
Jun 10, 2020


DrFaust92
Contributor

@DrFaust92 DrFaust92 changed the title Add certificate transparency log option to ACM feat: Add certificate transparency log option to ACM Mar 30, 2020
@antonbabenko antonbabenko merged commit dfe5447 into terraform-aws-modules:master Jun 10, 2020
@antonbabenko
Member

Thanks for adding this feature and reviewing this, too!

v2.6.0 has been released.

@woneill

woneill commented Jun 10, 2020

Should this default to false when AWS itself defaults to true?

We were surprised to see a bunch of certificates about to be recreated after upgrading to this version of the module until we noticed that certificate_transparency_logging_preference was changing from ENABLED to DISABLED.
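
Added example (not part of the thread or the module's code): a pre-apply check over `terraform show -json` plan output that flags the change described in the comment above, an `aws_acm_certificate` whose `certificate_transparency_logging_preference` would newly become DISABLED, and whether the plan also replaces the certificate. The sample plan and its resource addresses are constructed; the function names are hypothetical.

```python
import json

# Constructed sample in the shape of `terraform show -json <planfile>` output,
# trimmed to the fields this check reads. Resource addresses are made up.
SAMPLE_PLAN = json.loads("""
{"resource_changes": [
  {"address": "module.acm.aws_acm_certificate.this[0]", "type": "aws_acm_certificate",
   "change": {"actions": ["delete", "create"],
     "before": {"options": [{"certificate_transparency_logging_preference": "ENABLED"}]},
     "after":  {"options": [{"certificate_transparency_logging_preference": "DISABLED"}]}}},
  {"address": "module.acm.aws_acm_certificate.new[0]", "type": "aws_acm_certificate",
   "change": {"actions": ["create"], "before": null,
     "after": {"options": [{"certificate_transparency_logging_preference": "DISABLED"}]}}},
  {"address": "aws_acm_certificate.legacy", "type": "aws_acm_certificate",
   "change": {"actions": ["no-op"], "before": {"options": []}, "after": {"options": []}}}
]}
""")

KEY = "certificate_transparency_logging_preference"

def ct_pref(state):
    """Return the CT preference from a before/after object, or None if unset."""
    for opt in (state or {}).get("options") or []:
        if opt.get(KEY):
            return opt[KEY]
    return None

def ct_findings(plan):
    """List ACM certificates that would newly have CT logging disabled."""
    findings = []
    for rc in plan.get("resource_changes", []):
        if rc.get("type") != "aws_acm_certificate":
            continue
        change = rc["change"]
        before, after = ct_pref(change.get("before")), ct_pref(change.get("after"))
        actions = change.get("actions", [])
        if after == "DISABLED" and before != "DISABLED":
            findings.append({
                "address": rc["address"],
                "before": before,   # None means the certificate is being created
                "after": after,
                # A replacement shows up as both delete and create in one change.
                "replaced": "delete" in actions and "create" in actions,
            })
    return findings

if __name__ == "__main__":
    for finding in ct_findings(SAMPLE_PLAN):
        print(finding)
```

Run against a real plan, a non-empty result is a reason to stop and review the module version or set the preference explicitly before applying.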

@antonbabenko
Member

My bad, I was sure that @DrFaust92 and @bryantbiggs verified this, so I don't have to do it before merging. I will be able to merge a fix (if necessary) in 10-12 hours or so.

@DrFaust92
Contributor Author

Tested it by creating a new one, was not aware the default is true. Creating a new PR now.

@DrFaust92
Contributor Author

opened #51

@bryantbiggs
Member

Ah yes, my apologies, I did as @DrFaust92 and tested by creating anew.

@antonbabenko
Member

@woneill Please use v2.8.0 which has been just released.

@woneill

woneill commented Jun 11, 2020

Thank you all for this update!

It's interesting that creating a new cert via testing might have shown different results since the AWS docs mention:

Certificate transparency logging is automatic when you request or renew a certificate unless you choose to opt out

Our certs had been created before there was even a certificate transparency log option in ACM so I assume they inherited the default settings. Perhaps there was a delay between creating a new certificate and it showing up in the transparency log?

@github-actions

I'm going to lock this pull request because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. If you have found a problem that seems related to this change, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.

@github-actions github-actions bot locked as resolved and limited conversation to collaborators Nov 15, 2022