From 97554c400f966f2e168f908f8ef277d990ad6228 Mon Sep 17 00:00:00 2001 From: Phil Varner Date: Fri, 24 May 2024 08:59:18 -0400 Subject: [PATCH 1/3] Enable auto-assignment of public IP addresses in public subnets --- CHANGELOG.md | 20 +++++++++++--------- modules/base_infra/vpc_infra/vpc_subnets.tf | 5 +++-- 2 files changed, 14 insertions(+), 11 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 874e36e4..fcb539ae 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -11,6 +11,17 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0. - For both `stac_server_inputs` and `titiler_inputs`, renamed `stac_server_and_titiler_s3_arns` to `authorized_s3_arns`. +- private_subnets_az_to_id_map now correctly using ID as the map value instead of previous cidr_block +- public_subnets_az_to_id_map now correctly using ID as the map value instead of previous cidr_block +- Enable auto-assignment of public IP addresses in public subnets + +### Removed + +- VPC and subnets are no longer created by the FD VPC module, since IDs must now be provided + for preexisting resources. If `deploy_vpc` was set to `true` on a previous terrform apply, + then this update will to attempt to delete the VPC and subnets, which will fail due to + resource dependencies. The TF state will need to be manually updated to remove these + references without deleting the underlying AWS resources. ## [2.25.0] - 2024-05-21 
@@ -59,15 +70,6 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0. - Access-Control-Allow-Methods: `CORS_METHODS` - Access-Control-Allow-Headers: `CORS_HEADERS` -### Changed - -- private_subnets_az_to_id_map now correctly using ID as the map value instead of previous cidr_block -- public_subnets_az_to_id_map now correctly using ID as the map value instead of previous cidr_block - -### Removed - -- VPC and subnets are no longer created by the FD VPC module, since IDs must now be provided for preexisting resources. If `deploy_vpc` was set to `true` on a previous terrform apply, then this update will to attempt to delete the VPC and subnets, which will fail due to resource dependencies. The TF state will need to be manually updated to remove these references without deleting the underlying AWS resources. - ## [2.21.0] - 2024-05-10 ### Changed diff --git a/modules/base_infra/vpc_infra/vpc_subnets.tf b/modules/base_infra/vpc_infra/vpc_subnets.tf index b5c0bdb3..6d39e1ed 100644 --- a/modules/base_infra/vpc_infra/vpc_subnets.tf +++ b/modules/base_infra/vpc_infra/vpc_subnets.tf @@ -3,8 +3,9 @@ data "aws_vpc" "filmdrop_vpc" { } data "aws_subnet" "public_subnets" { - for_each = var.public_subnets_az_to_id_map - id = each.value + for_each = var.public_subnets_az_to_id_map + id = each.value + map_public_ip_on_launch = true } data "aws_subnet" "private_subnets" { From 2a2cfa0595be054eeaf48f60afa9dfc7bf15e943 Mon Sep 17 00:00:00 2001 From: Phil Varner Date: Fri, 24 May 2024 09:05:27 -0400 Subject: [PATCH 2/3] move entries to correct place in changelog --- CHANGELOG.md | 1 - modules/base_infra/vpc_infra/vpc_subnets.tf | 5 ++--- 2 files changed, 2 insertions(+), 4 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index fcb539ae..f2769f02 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md 
@@ -13,7 +13,6 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0. `stac_server_and_titiler_s3_arns` to `authorized_s3_arns`. - private_subnets_az_to_id_map now correctly using ID as the map value instead of previous cidr_block - public_subnets_az_to_id_map now correctly using ID as the map value instead of previous cidr_block -- Enable auto-assignment of public IP addresses in public subnets ### Removed diff --git a/modules/base_infra/vpc_infra/vpc_subnets.tf b/modules/base_infra/vpc_infra/vpc_subnets.tf index 6d39e1ed..b5c0bdb3 100644 --- a/modules/base_infra/vpc_infra/vpc_subnets.tf +++ b/modules/base_infra/vpc_infra/vpc_subnets.tf @@ -3,9 +3,8 @@ data "aws_vpc" "filmdrop_vpc" { } data "aws_subnet" "public_subnets" { - for_each = var.public_subnets_az_to_id_map - id = each.value - map_public_ip_on_launch = true + for_each = var.public_subnets_az_to_id_map + id = each.value } data "aws_subnet" "private_subnets" { From a159834a6c64ef643fc3730a61717044c4ccf161 Mon Sep 17 00:00:00 2001 From: Phil Varner Date: Fri, 24 May 2024 09:44:32 -0400 Subject: [PATCH 3/3] update changelog and readme migration --- CHANGELOG.md | 4 ++-- README.md | 46 +++++++++++++++++++++++++++++++--------------- 2 files changed, 33 insertions(+), 17 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index f2769f02..365946e5 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md 
@@ -11,8 +11,8 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0. - For both `stac_server_inputs` and `titiler_inputs`, renamed `stac_server_and_titiler_s3_arns` to `authorized_s3_arns`. -- private_subnets_az_to_id_map now correctly using ID as the map value instead of previous cidr_block -- public_subnets_az_to_id_map now correctly using ID as the map value instead of previous cidr_block +- `private_subnets_az_to_id_map` now correctly using ID as the map value instead of previous cidr_block +- `public_subnets_az_to_id_map` now correctly using ID as the map value instead of previous cidr_block ### Removed diff --git a/README.md b/README.md index 739057d6..96f9f636 100644 --- a/README.md +++ b/README.md @@ -36,10 +36,10 @@ and has been re-created for this repository. ## Dependencies and Setup -* Bash  (versions tested: 5, 3.2) -* terraform -* nvm -* tfenv +- Bash  (versions tested: 5, 3.2) +- terraform +- nvm +- tfenv On Mac, install the two version management dependencies with: @@ -47,7 +47,7 @@ On Mac, install the two version management dependencies with: brew install tfenv nvm ``` -*Note: if you already have `terraform` installed, you may need to unlink it +-Note: if you already have `terraform` installed, you may need to unlink it first (`brew unlink terraform`), as the homebrew packages for `tfenv` and `terraform` are mutually exclusive.* 
@@ -303,18 +303,34 @@ re-try your destroy. Document any changes that need to be made by module instances using these modules to uptake a newer version. For example, if a new required variable is added, this should be documented here. +### Unreleased + +- Removes support for VPC creation. To retain the existing VPC resources, manually + remove them from the Terraform state file. However, you should then create another + IaC deployment for that VPC. +- `stac_server_inputs` and `titiler_inputs`, renamed + `stac_server_and_titiler_s3_arns` to `authorized_s3_arns`. +- `titiler_inputs.mosaic_titiler_release_tag` is now `titiler_inputs.version` +- `cirrus_dashboard_inputs.cirrus_dashboard_release` is now `cirrus_dashboard_inputs.version` +- `console_ui_inputs.filmdrop_ui_release` is now `console_ui_inputs.version` +- `deploy_sample_data_bucket` option has been removed + +### 2.x + +- There were certainly many, but they were not documented. + ### 1.7.0 -* Remove cirrus_dashboard_release_tag uses in deployment to use new default version of v0.5.1 -* Please upgrade to AWS provider `~=5.20` +- Remove cirrus_dashboard_release_tag uses in deployment to use new default version of v0.5.1 +- Please upgrade to AWS provider `~=5.20` ### 1.6.0 -* The jupyterhub-dask-eks module no longer takes a parameter `kubernetes_cluster_name`, +- The jupyterhub-dask-eks module no longer takes a parameter `kubernetes_cluster_name`, but now requires a parameter `environment`. Resource names that previously used `kubernetes_cluster_name` now construct those using the `project_name` and `environment` variables -* The default OpenSearch cluster name has changed to include both +- The default OpenSearch cluster name has changed to include both environment/stage, to allow for multiple deployments to a single AWS account. Unfortunately, an OpenSearch cluster name can't be changed after creation, so running a TF apply would attempt to destroy the old cluster and create a new 
@@ -326,30 +342,30 @@ a newer version. For example, if a new required variable is added, this should b ### 1.5.0 -* console-ui.filmdrop_ui_release must be gte 4.x, e.g., `v4.0.1`. Along with this, +- console-ui.filmdrop_ui_release must be gte 4.x, e.g., `v4.0.1`. Along with this, the `filmdrop_ui_env` variable should be removed, the .env files deleted, and the `VITE_APP_NAME` variable moved to `APP_NAME` in the config json file. ### 1.4.x -* Please upgrade to AWS provider `~=5.13` -* The WAF rules for mosaic titiler have been defined in the mosaic-titler module. The consumer +- Please upgrade to AWS provider `~=5.13` +- The WAF rules for mosaic titiler have been defined in the mosaic-titler module. The consumer must now pass in an "aws.east" provider because cloudfront requires global resources created in us-east-1. Consumers should set the new "waf_allowed_url" variable to set the WAF rules to enable blocking of requests. Leaving the default of null will set the rules to count only and disable blocking. If the consumer has previous defined a mosaic titiler WAF rule using the "titiler_waf_rules_map" variable, this should be removed as it has been replaced with the module's implementation. -* Remove the OpenSearch service linked role from the terraform state with `terraform state rm 'aws_iam_service_linked_role.opensearch_linked_role'` +- Remove the OpenSearch service linked role from the terraform state with `terraform state rm 'aws_iam_service_linked_role.opensearch_linked_role'` ### 1.3.0 -* If your deployment does not use cloudfront in front of stac-server, the stac_api_rootpath variable +- If your deployment does not use cloudfront in front of stac-server, the stac_api_rootpath variable in stac-server/inputs.tf must be set to null. The default (empty string) is correct for when cloudfront is in use. ### 1.2.0 -* FilmDrop UI version >= 3.0.0 is now required. Previously, the configuration file was a +- FilmDrop UI version >= 3.0.0 is now required. 
Previously, the configuration file was a JavaScript file and was placed in `./src/assets/config.js`. It is now a JSON file and is placed in `./public/config/config.json`. This change can be seen in [this commit](https://github.com/Element84/filmdrop-ui/pull/202/files#diff-06572a96a58dc510037d5efa622f9bec8519bc1beab13c9f251e97e657a9d4ed).
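Review bot: In PATCH 1/3, `modules/base_infra/vpc_infra/vpc_subnets.tf`, the new `map_public_ip_on_launch = true` sits inside `data "aws_subnet" "public_subnets"`, a data source that only looks up an existing subnet by `id`, so it cannot turn auto-assignment on for that subnet. Since the changelog in this same patch says subnet IDs must now be provided for preexisting resources, the setting belongs wherever those subnets are created. I would drop the line here and state in the README migration notes that the supplied public subnets are expected to have auto-assign enabled. That also makes the exposure explicit: with the setting on, anything launched into those subnets gets a public address by default.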
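Review bot: In PATCH 1/3, first `CHANGELOG.md` hunk, the relocated "Removed" entry carries two typos into its new position: "terrform apply" should be "terraform apply", and "will to attempt to delete" should be "will attempt to delete". Since the text is being moved anyway, fix both in the added lines rather than preserving them from the removed block.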
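Review bot: In PATCH 2/3, the `vpc_subnets.tf` hunk removes `map_public_ip_on_launch = true` and the `CHANGELOG.md` hunk deletes the "Enable auto-assignment of public IP addresses in public subnets" entry, but the subject line only says "move entries to correct place in changelog". This is a revert of the functional change from 1/3 and should say so, or 1/3 and 2/3 should be squashed. As it stands, the series keeps a commit titled "Enable auto-assignment of public IP addresses in public subnets" whose net effect on the Terraform is nothing, which will mislead anyone auditing the history for when public addressing changed.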
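Review bot: In PATCH 3/3, `README.md` hunk `@@ -36,10 +36,10 @@`, the bullet-style conversion also rewrote `*Note:` to `-Note:`, but that asterisk was the opening italic marker for the note, not a list bullet. The closing `*` after "mutually exclusive." is still in the context lines, so the emphasis is now unbalanced and the paragraph renders with a stray dash and a stray asterisk. Restore the line to `*Note: if you already have ...`.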
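Review bot: In PATCH 3/3, `README.md` hunk `@@ -303,18 +303,34 @@`, the "Unreleased" migration item tells users to "manually remove them from the Terraform state file" without saying how or which resources. The 1.4.x entry further down gives the exact `terraform state rm '...'` command for its case. This entry should do the same and list the VPC and subnet resource addresses to remove, so nobody hand-edits the state file or lets an apply attempt the delete. Separately, the second bullet "`stac_server_inputs` and `titiler_inputs`, renamed" has lost the "For both" that the changelog wording has and reads as a fragment.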