top of page
  • Akmod

Major Updates: idem-aws 4.0.0 & idem-vault 2.0.0

Hey, fellow devs! A big Friday calls for big releases, and we're here to fill you in on some important changes to idem-aws and idem-vault. Buckle up!

idem-aws 4.0.0: Changes That Shaped a New Version

The release of idem-aws 4.0.0 marks an exciting milestone in the project. This version brings behavioral changes that add new dimensions to its functionality:

  1. ELBV2 Real Tests Failure Fix: Stability improved with these fixes, ensuring Elastic Load Balancer v2 performs smoothly.

  2. Lambda Tags & Fixes: Tags are now updated properly, even if existing tags are not present. No more inconsistencies!

  3. RDS Resources & Secrets Support: We made essential corrections in the RDS resources, along with the support to specify secrets during the creation of clusters and instances.

  4. VPC Endpoint Services & Permissions: We've enriched the VPC endpoint services with fresh resources and fixed new ones, offering more power in your hands.

These behavioral changes necessitated the major version bump, signaling an evolution in how some idem-aws resources operate.

idem-vault 2.0.0: Streamlining Secret Handling

The idem-vault update brings some significant changes!

  1. Removal of "Search" State: We've completely removed the deprecated "search" state. So, if you've been hanging on to SLS files using the search state, refer to this MR's description for how to update it.

  2. Introduction of "Describe" Functions: idem-vault states now fully implement the resource contract, which means that they now have "describe" functions. However, for the resource we have implemented so far -- HVAC's library does not allow enumeration of secrets and those describe functions will not return any states.

  3. Alias "resource_id" to "path" Parameter: This one's big for uniformity! While "path" still works, ensuring backward compatibility, it's now aliased to "resource_id." This brings consistency with resource states across other projects. Neat, right?

It was out of the scope of this release, but it's possible to add more functionality to idem-vault, such as allowing alternate mount_points for secrets besides "secret/". As well as enumerating and managing mount_points -- as drafted in this MR.


This is a leap forward for idem-aws and idem-vault. With idem-aws 4.0.0, we're embracing changes that shape the future of their resources, from squashing bugs in ELBV2 to revamping Lambda tags and fortifying RDS and VPC functionalities.

Meanwhile, idem-vault 2.0.0 is making strides in streamlining secret handling. Say goodbye to the old "search" state and hello to fresh "get" exec functions and the consistent use of "resource_id".

So grab a coffee, dig into these releases, and share your thoughts. The future's bright, and we're building it together!

Recent Posts

See All


bottom of page