chore(deps): update terraform
This MR contains the following updates:
Package | Type | Update | Change |
---|---|---|---|
aws (source) | required_provider | minor |
5.24.0 -> 5.39.1
|
azurerm (source) | required_provider | minor |
3.78.0 -> 3.94.0
|
google (source) | required_provider | minor |
5.5.0 -> 5.19.0
|
terraform-google-modules/kubernetes-engine/google (source) | module | minor |
30.0.0 -> 30.1.0
|
Release Notes
hashicorp/terraform-provider-aws (aws)
v5.39.1
BUG FIXES:
- data-source/aws_instance: Fix
panic: Invalid address to set
related toroot_block_device.0.tags_all
(#36054)
v5.39.0
FEATURES:
-
New Data Source:
aws_redshift_data_shares
(#35937) -
New Resource:
aws_apprunner_deployment
(#35758) -
New Resource:
aws_config_retention_configuration
(#15136) -
New Resource:
aws_securityhub_automation_rule
(#34781) -
New Resource:
aws_shield_proactive_engagement
(#34667)
ENHANCEMENTS:
- aws_kinesis_firehose_delivery_stream: Add
custom_time_zone
andfile_extension
arguments to theextended_S3_configuration
configuration block (#35969) - resource/aws_appflow_flow: Allow
task.source_fields
to be anull
value (#35993) - resource/aws_codepipeline: Add
trigger
configuration block (#35475) - resource/aws_config_configuration_recorder: Add plan-time validation of
aws_config_organization_custom_rule.lambda_function_arn
(#15136) - resource/aws_instance: Add configurable
read
timeout (#35955) - resource/aws_instance: Apply default tags to volumes/block devices managed through an
aws_instance
, addebs_block_device.*.tags_all
androot_block_device.*.tags_all
attributes which include default tags (#33769) - resource/aws_mq_broker: Add
data_replication_mode
anddata_replication_primary_broker_arn
arguments, enabling support for cross-region data replication (#35990) - resource/aws_mwaa_environment: Add
endpoint_management
attribute (#35961) - resource/aws_redshiftserverless_namespace:
Add attributes
admin_password_secret_kms_key_id
andmanage_admin_password
(#35965) - resource/aws_shield_drt_access_log_bucket_association: Support resource import (#34667)
- resource/aws_shield_drt_access_role_arn_association: Support resource import (#34667)
- resource/aws_spot_instance_request: Add configurable
read
timeout (#35955) - resource/aws_wafv2_web_acl: Add
application_integration_url
attribute (#35974)
BUG FIXES:
- data/aws_redshiftserverless_namespace: Properly set
iam_roles
attribute on read (#35965) - resource/aws_appflow_flow: Fix perpetual diff when
task.task_type
is set toMap_all
(#35993) - resource/aws_config_configuration_recorder: Fix
panic: interface conversion: interface {} is nil, not map[string]interface {}
whenrecording_group.exclusion_by_resource_types
is empty (#15136) - resource/aws_config_rule: Change
name
to ForceNew (#15136) - resource/aws_config_rule: Fix
InvalidParameterValueException: PolicyText is required when Owner is CUSTOM_POLICY
errors on resource Update (#15136) - resource/aws_ecs_task_definition: Fix perpetual
container_definitions
diffs whenName
s are ordered differently (#36029) - resource/aws_msk_replicator: Fix incorrect
detect_and_copy_new_topics
attribute value from state read/refresh (#35966) - resource/aws_redshiftserverless_workgroup: Fix
max_capacity
removal (#36032) - resource/aws_redshiftserverless_workgroup: Fix updating both
base_capacity
andmax_capacity
(#36032) - resource/aws_shield_drt_access_log_bucket_association: Change
log_bucket
androle_arn_association_id
to ForceNew (#34667)
v5.38.0
FEATURES:
-
New Data Source:
aws_batch_job_definition
(#34663) -
New Data Source:
aws_cognito_user_group
(#34046) -
New Data Source:
aws_cognito_user_groups
(#34046)
ENHANCEMENTS:
- data-source/aws_alb_target_group: Add
load_balancer_arns
attribute (#34364) - data-source/aws_ec2_instance_type: Add
maximum_network_cards
attribute (#35840) - data-source/aws_elasticache_subnet_group: Add
vpc_id
attribute (#35887) - data-source/aws_lb_target_group: Add
load_balancer_arns
attribute (#34364) - provider: Add
token_bucket_rate_limiter_capacity
parameter (#35926) - resource/aws_alb_target_group: Add
load_balancer_arns
attribute (#34364) - resource/aws_codedeploy_deployment_config: Add
arn
attribute (#35888) - resource/aws_codepipeline: Add
execution_mode
argument (#35875) - resource/aws_config_configuration_recorder: Add
recording_mode
configuration block (#35527) - resource/aws_db_instance: Add plan-time validation of
performance_insights_retention_period
(#35870) - resource/aws_elasticache_subnet_group: Add
vpc_id
attribute (#35887) - resource/aws_lb_target_group: Add
load_balancer_arns
attribute (#34364) - resource/aws_redshiftserverless_workgroup: Add
max_capacity
argument (#35720) - resource/aws_transfer_server: Add
TransferSecurityPolicy-2024-01
andTransferSecurityPolicy-FIPS-2024-01
as valid values forsecurity_policy_name
(#35879)
BUG FIXES:
- data-source/aws_caller_identity: Fix authentication signature error when alternate
sts_region
is specified (#35860) - data-source/aws_eks_access_entry: Fix
cluster_name
plan-time validation, allowing single-character names (#35874) - data-source/aws_eks_addon: Fix
cluster_name
plan-time validation, allowing single-character names (#35874) - data-source/aws_eks_cluster: Fix
name
plan-time validation, allowing single-character names (#35874) - resource/aws_cloudsearch_domain: Prevent panic when reading nil
index_field
options response values (#35900) - resource/aws_eks_access_entry: Fix
cluster_name
plan-time validation, allowing single-character names (#35874) - resource/aws_eks_access_policy_association: Fix
cluster_name
plan-time validation, allowing single-character names (#35874) - resource/aws_eks_addon: Fix
cluster_name
plan-time validation, allowing single-character names (#35874) - resource/aws_eks_cluster: Fix
name
plan-time validation, allowing single-character names (#35874) - resource/aws_eks_fargate_profile: Fix
cluster_name
plan-time validation, allowing single-character names (#35874) - resource/aws_eks_node_group: Fix
cluster_name
plan-time validation, allowing single-character names (#35874) - resource/aws_prometheus_scraper: Fixes invalid result after apply error. (#35844)
- resource/aws_sqs_queue_policy: Retry IAM eventual consistency errors (#35861)
v5.37.0
NOTES:
- provider: Updates to Go 1.21 (used by Terraform starting with v1.6.0), which, for Windows, requires at least Windows 10 or Windows Server 2016--support for previous versions has been discontinued--and, for macOS, requires macOS 10.15 Catalina or later--support for previous versions has been discontinued. (#35832)
- resource/aws_bedrock_provisioned_model_throughput: Because we cannot easily test this functionality, it is best effort and we ask for community help in testing (#35689)
FEATURES:
-
New Data Source:
aws_db_parameter_group
(#35698) -
New Resource:
aws_bedrock_provisioned_model_throughput
(#35689) -
New Resource:
aws_cloudfront_key_value_store
(#35663) -
New Resource:
aws_redshift_data_share_consumer_association
(#35771)
ENHANCEMENTS:
- data-source/aws_ecr_pull_through_cache_rule: Add
credential_arn
attribute (#34475) - data-source/aws_ecs_task_execution: Add
client_token
argument (#34402) - data-source/aws_neptune_cluster_instance: Add
skip_final_snapshot
argument (#35698) - data-source/aws_rds_engine_version: Improve search functionality and options by adding
latest
,preferred_major_targets
, andpreferred_upgrade_targets
. Addversion_actual
attribute (#35698) - data-source/aws_rds_orderable_db_instance: Improve search functionality and options by adding
engine_latest_version
andsupports_clusters
arguments and convertingread_replica_capable
,supported_engine_modes
,supported_network_types
, andsupports_multi_az
to arguments for use as search criteria (#35698) - resource/aws_appsync_graphql_api: Add
introspection_config
,query_depth_limit
, andresolver_count_limit
arguments (#35631) - resource/aws_codeartifact_domain: Add
s3_bucket_arn
attribute (#35760) - resource/aws_ecr_pull_through_cache_rule: Add
credential_arn
argument (#34475) - resource/aws_ecs_service: Add
service_connect_configuration.service.timeout
andservice_connect_configuration.service.tls
configuration blocks (#35684) - resource/aws_ecs_task_definition: Add
track_latest
argument (#30154) - resource/aws_glue_catalog_database: Add
federated_database
argument (#35799) - resource/aws_glue_trigger: Add configurable
timeouts
(#35542) - resource/aws_rds_cluster: Add
domain
anddomain_iam_role_name
arguments to support Kerberos authentication (#35753) - resource/aws_route53_record: Add
geoproximity_routing_policy
configuration block to support geoproximity routing (#35565) - resource/aws_route53_resolver_rule: Add
target_ip.protocol
argument (#35744) - resource/aws_sagemaker_endpoint_configuration: Add
routing_config
argument. Enables the specification of arouting_strategy
. (#34777) - resource/aws_sagemaker_space: Add
ownership_settings
,space_sharing_settings
,space_settings.app_type
,space_settings.code_editor_app_settings
,space_settings.custom_file_system
,space_settings.jupyter_lab_app_settings
, andspace_settings.space_storage_settings
arguments (#35116)
BUG FIXES:
- provider: Fix
failed to get rate limit token, retry quota exceeded
errors (#35817) - resource/aws_apigateway_domain_name: Properly send changes to
ownership_verification_certificate_arn
on update (#35777) - resource/aws_apigatewayv2_route: Fix
BadRequestException: Unable to update route. Authorizer type is invalid or null
errors when updatingauthorizer_id
(#35821) - resource/aws_autoscaling_group: Fix version to computed for inconsistent final plan issue (#35774)
- resource/aws_datasync_task: Fix crash when reading empty
report_override
values (#35778) - resource/aws_datasync_task: Prevent ValidationErrors when empty values are sent with
report_override
arguments (#35778) - resource/aws_db_proxy: Change
auth
fromTypeList
toTypeSet
as order is not significant (#35819) - resource/aws_ecs_account_setting_default: Remove plan-time validation of
value
(#33393) - resource/aws_ecs_task_definition: Fix perpetual
container_definitions
diffs whenSecrets
are ordered differently (#35792) - resource/aws_eks_access_policy_association: Retry IAM eventual consistency errors on create (#35736)
- resource/aws_instance: Fix
ReservationCapacityExceeded
errors when updatinginstance_type
andcapacity_reservation_specification.capacity_reservation_target.capacity_reservation_id
(#33412) - resource/aws_lakeformation_resource: Properly handle configured
false
values foruse_service_linked_role
(#35799) - resource/aws_medialive_channel: Added
client_cache
tohls_group_settings
. (#35738) - resource/aws_ram_resource_share_accepter: Fix handling of out-of-band resource share deletion (#35800)
- resource/aws_redshift_data_share_authorization: Fix read operation to properly handle shares in
ACTIVE
status (#35771) - resource/aws_s3_bucket_acl: Correctly updates
access_control_policy
when switching configuration toacl
. (#35775) - resource/resource_share_acceptor: Wait until RAM resource share available after accepting the invitation (#34753)
v5.36.0
NOTES:
- data-source/aws_media_convert_queue: The AWS Elemental MediaConvert service has been converted to use standard Regional endpoints instead of deprecated per-account endpoints (#35615)
- resource/aws_controltower_landing_zone: Because we cannot easily test this functionality, it is best effort and we ask for community help in testing (#34595)
- resource/aws_media_convert_queue: The AWS Elemental MediaConvert service has been converted to use standard Regional endpoints instead of deprecated per-account endpoints (#35615)
FEATURES:
-
New Resource:
aws_controltower_landing_zone
(#34595) -
New Resource:
aws_osis_pipeline
(#35582) -
New Resource:
aws_redshift_data_share_authorization
(#35703) -
New Resource:
aws_securitylake_custom_log_source
(#35354)
ENHANCEMENTS:
- resource/aws_cloudwatch_metric_stream: Add plan-time validation of
output_format
(#35569) - resource/aws_db_instance: Add
diag.log
andnotify.log
as valid values forenabled_cloudwatch_logs_exports
(#35626) - resource/aws_db_instance: Add
domain_auth_secret_arn
,domain_dns_ips
,domain_fqdn
, anddomain_ou
arguments to support self-managed Active Directory (#35500) - resource/aws_s3_bucket_metric: Add
filter.access_point
argument (#35590) - resource/aws_verifiedaccess_group: Add
sse_configuration
argument (#34055)
BUG FIXES:
- resource/aws_db_instance: Creating resource from point-in-time recovery now handles
password
attribute correctly (#35589) - resource/aws_dynamodb_table: Ensure that
replica
s are always set on Read (#35630) - resource/aws_emr_cluster: Properly normalize
launch_specifications.on_demand_specification.allocation_strategy
andlaunch_specifications.spot_specification.allocation_strategy
values to fix perpetual state differences (#34367) - resource/aws_kinesis_firehose_delivery_stream: Change
extended_s3_configuration.processing_configuration.processors.parameters
fromTypeList
toTypeSet
as order is not significant (#35672) - resource/aws_lambda_function: Resolve consecutive diff issue in
logging_config
when values forapplication_log_level
orsystem_log_level
are not specified (#35694) - resource/aws_lb_listener: Fixes unexpected diff when using
default_action
parameters which don't match thetype
. (#35678) - resource/aws_lb_listener: Was incorrectly reporting conflicting
default_action[].target_group_arn
whenignore_changes
was set. (#35671) - resource/aws_lb_listener: Was not storing
default_action[].forward
in state if only a singletarget_group
was set. (#35671) - resource/aws_lb_listener_rule: Fixes unexpected diff when using
action
parameters which don't match thetype
. (#35678) - resource/aws_lb_listener_rule: Was incorrectly reporting conflicting
action[].target_group_arn
whenignore_changes
was set. (#35671) - resource/aws_lb_listener_rule: Was not storing
action[].forward
in state if only a singletarget_group
was set. (#35671) - resource/aws_ssm_patch_baseline: Mark
json
as Computed if there are content changes (#35606)
v5.35.0
FEATURES:
-
New Data Source:
aws_bedrock_custom_model
(#34310) -
New Data Source:
aws_bedrock_custom_models
(#34310) -
New Data Source:
aws_ssmcontacts_rotation
(#32710) -
New Resource:
aws_bedrock_custom_model
(#34310) -
New Resource:
aws_lexv2models_slot
(#34617) -
New Resource:
aws_lexv2models_slot_type
(#35555) -
New Resource:
aws_rekognition_collection
(#35407) -
New Resource:
aws_sesv2_email_identity_policy
(#35486) -
New Resource:
aws_ssmcontacts_rotation
(#32710)
ENHANCEMENTS:
- data-source/aws_redshift_cluster: Add
multi_az
attribute (#35508) - resource/aws_lakeformation_resource: Add
hybrid_access_enabled
argument (#35571) - resource/aws_lakeformation_resource: Add
with_federation
argument (#35154) - resource/aws_redshift_cluster: Add
multi_az
argument (#35508) - resource/aws_redshiftserverless_endpoint_access: Add
owner_account
argument (#35509) - resource/aws_wafv2_rule_group: Add
header_order
tofield_to_match
configuration blocks (#35521) - resource/aws_wafv2_web_acl: Add
header_order
tofield_to_match
configuration blocks (#35521)
BUG FIXES:
- data-source/aws_networkmanager_core_network_policy_document: Remove
core_network_configuration.edge_locations
maximum item limit (#35585) - resource/aws_backup_plan: Fix
InvalidParameterValueException: Invalid lifecycle. EBS Cold Tier is not yet supported
errors on resource Create in AWS GovCloud (US) (#35560) - resource/aws_cognito_user_group: Allow import of user groups with names containing
/
(#35501) - resource/aws_dms_event_subscription: Mark
source_ids
as Optional. This fixes a regression introduced in v5.31.0 (#35541) - resource/aws_efs_file_system: Increase
lifecycle_policy
maximum item limit to 3 (#35522) - resource/aws_eks_access_entry: Retry IAM eventual consistency errors on create (#35535)
- resource/aws_finspace_kx_cluster: Increase
command_line_arguments
max length restriction from 50 to 1024. (#35581)
v5.34.0
FEATURES:
-
New Resource:
aws_rekognition_project
(#35429) -
New Resource:
aws_route53domains_delegation_signer_record
(#33596)
ENHANCEMENTS:
- data-source/aws_codecommit_repository: Add
kms_key_id
attribute (#35095) - data-source/aws_imagebuilder_components: Add support for
ThirdParty
owner
value (#35286) - data-source/aws_imagebuilder_container_recipes: Add support for
ThirdParty
owner
value (#35286) - data-source/aws_imagebuilder_image_recipes: Add support for
ThirdParty
owner
value (#35286) - data-source/aws_ssm_patch_baseline: Add
json
attribute to facilitate use with S3 buckets (#33402) - resource/aws_accessanalyzer_analyzer: Add
configuration
configuration block (#35310) - resource/aws_appflow_flow: Add
flow_status
attribute (#34948) - resource/aws_codecommit_repository: Add
kms_key_id
argument (#35095) - resource/aws_codecommit_trigger: Add plan-time validation of
trigger.destination_arn
andtrigger.events
(#35095) - resource/aws_ecs_capacity_provider: Add
auto_scaling_group_provider.managed_draining
argument (#35421) - resource/aws_fis_experiment_template: Add support for
AutoScalingGroups
,Buckets
,ReplicationGroups
,Tables
andTransitGateways
toaction.*.target
(#35300) - resource/aws_fsx_openzfs_file_system: Add
skip_final_backup
argument (#35320) - resource/aws_network_interface_sg_attachment: Increase default timeouts to 3 minutes and allow them to be configured (#35435)
- resource/aws_prometheus_scraper: Add
role_arn
attribute (#35453) - resource/aws_route53domains_registered_domain: Support resource import (#33596)
- resource/aws_ssm_patch_baseline: Add
json
attribute to facilitate use with S3 buckets (#33402) - resource/aws_wafv2_web_acl: Add
challenge_config
argument (#35367)
BUG FIXES:
- resource/aws_codebuild_project: Allow
build_batch_config
to be removed on Update (#34121) - resource/aws_eks_access_entry: Mark
kubernetes_groups
as Computed (#35391) - resource/aws_eks_access_entry: Mark
type
anduser_name
as Optional, allowing values to be configured (#35391) - resource/aws_grafana_license_association: Fix missing
workspace_id
attribute after import (#35290) - resource/aws_security_group_rule: Fix
UnsupportedOperation: The functionality you requested is not available in this region
errors on Read in certain partitions (#33484)
v5.33.0
FEATURES:
-
New Data Source:
aws_eks_access_entry
(#35037) -
New Resource:
aws_eks_access_entry
(#35037) -
New Resource:
aws_eks_access_policy_association
(#35037) -
New Resource:
aws_lexv2models_intent
(#34891)
ENHANCEMENTS:
- data-source/aws_eks_cluster: Add
access_config
attribute (#35037) - data-source/aws_secretsmanager_secret: Add
created_date
andlast_changed_date
attributes (#35117) - data-source/aws_secretsmanager_secret_version: Add
created_date
attribute (#35117) - resource/aws_backup_plan: Add
rule.lifecycle.opt_in_to_archive_for_supported_resources
andrule.copy_action.lifecycle.opt_in_to_archive_for_supported_resources
and arguments (#34994) - resource/aws_eks_cluster: Add
access_config
configuration block (#35037) - resource/aws_lakeformation_resource: Add
use_service_linked_role
argument (#35284) - resource/aws_secretsmanager_secret_rotation: Add
rotate_immediately
argument (#35105)
BUG FIXES:
- resource/aws_datasync_task: Allow
schedule
to be removed successfully (#35282) - resource/aws_fis_experiment_template: Fix validation error when not using
target.resource_arns
ortarget.resource_tag
attributes. (#35254) - resource/aws_lb_listener: Fix
ValidationError: Mutual Authentication mode passthrough does not support ignoring certificate expiry
errors whenmutual_authentication.mode
is set topassthrough
(#35289) - resource/aws_secretsmanager_secret_version: Fix
InvalidParameterException: The parameter RemoveFromVersionId can't be empty. Staging label AWSCURRENT is currently attached to version ..., so you must explicitly reference that version in RemoveFromVersionId
errors when a secret is updated outside Terraform (#19943)
v5.32.1
BUG FIXES:
- data-source/aws_ecr_image: Fix error when
most_recent
is not alsolatest
(#35269) - resource/aws_iot_ca_certificate: Change
registration_config.role_arn
fromTypeBool
toTypeString
, fixingInappropriate value for attribute "role_arn": a bool is required
errors (#35234) - resource/aws_mq_broker: Fix
interface conversion: interface {} is *schema.Set, not []string
panic (#35265)
v5.32.0
FEATURES:
-
New Data Source:
aws_mq_broker_engine_types
(#34232) -
New Data Source:
aws_msk_bootstrap_brokers
(#32484) -
New Data Source:
aws_verifiedpermissions_policy_store
(#32204) -
New Resource:
aws_ebs_fast_snapshot_restore
(#35211) -
New Resource:
aws_elasticache_serverless_cache
(#34951) -
New Resource:
aws_imagebuilder_workflow
(#35097) -
New Resource:
aws_kinesis_resource_policy
(#35167) -
New Resource:
aws_prometheus_scraper
(#34749) -
New Resource:
aws_securitylake_aws_log_source
(#34974) -
New Resource:
aws_ssoadmin_application_access_scope
(#34811) -
New Resource:
aws_verifiedpermissions_policy_store
(#32204) -
New Resource:
aws_verifiedpermissions_policy_template
(#32205) -
New Resource:
aws_verifiedpermissions_schema
(#32204)
ENHANCEMENTS:
- data-source/aws_batch_compute_environment: Add
update_policy
attribute (#34353) - data-source/aws_ecr_image: Add
image_uri
attribute (#24526) - data-source/aws_efs_file_system: Add
lifecycle_policy.transition_to_archive
attribute (#35096) - data-source/aws_efs_file_system: Add
protection
attribute (#35029) - data-source/aws_elastic_beanstalk_hosted_zone: Add hosted zone ID for
il-central-1
AWS Region (#35131) - data-source/aws_elb_hosted_zone_id: Add hosted zone ID for
ca-west-1
AWS Region (#35131) - data-source/aws_fsx_ontap_file_system: Add
ha_pairs
andthroughput_capacity_per_ha_pair
attributes (#34993) - data-source/aws_glue_catalog_table: Add
region
attribute totarget_table
block. (#34817) - data-source/aws_lambda_function: Add
logging_config
attribute (#35050) - data-source/aws_lb_hosted_zone_id: Add hosted zone IDs for
ca-west-1
AWS Region (#35131) - data-source/aws_lb_target_group: Add
load_balancing_anomaly_mitigation
attribute (#35083) - data-source/aws_msk_configuration: Remove
name
length validation (#34399) - data-source/aws_networkfirewall_firewall_policy: Add
firewall_policy.tls_inspection_configuration_arn
attribute (#35094) - data-source/aws_prometheus_workspace: Add
kms_key_arn
attribute (#35062) - data-source/aws_route53_resolver_endpoint: Add
protocols
attribute (#35098) - data-source/aws_route53_resolver_endpoint: Add
resolver_endpoint_type
attribute (#34798) - data-source/aws_s3_bucket: Add hosted zone ID for
ca-west-1
AWS Region (#35131) - provider: Support
ca-west-1
as a valid AWS Region (#35131) - resource/aws_appflow_flow: Add
destination_connector_properties.s3.s3_output_format_config.target_file_size
argument (#35215) - resource/aws_appstream_fleet: Increase
idle_disconnect_timeout_in_seconds
max value for validation to 360000 (#35173) - resource/aws_autoscaling_group: Add
instance_refresh.preferences.max_healthy_percentage
attribute (#34929) - resource/aws_autoscaling_group: Fix
ValidationError: The instance ... is not part of Auto Scaling group ...
errors on resource Delete when disabling scale-in protection for instances that are already fully terminated (#35071) - resource/aws_batch_compute_environment: Add
update_policy
parameter (#34353) - resource/aws_batch_job_definition: Add
scheduling_priority
argument andarn_prefix
attribute (#34997) - resource/aws_cloud9_environment_ec2: Add
amazonlinux-2023-x86_64
andresolve:ssm:/aws/service/cloud9/amis/amazonlinux-2023-x86_64
as valid values forimage_id
(#35020) - resource/aws_codepipeline: Add
pipeline_type
argument andvariable
configuration block (#34841) - resource/aws_dms_replication_task: Allow
cdc_start_time
to use RFC3339 formatted dates in addition to UNIX timestamps (#31917) - resource/aws_dms_replication_task: Remove ForceNew from
replication_instance_arn
, allowing in-place migration between DMS instances (#30721) - resource/aws_efs_file_system: Add
lifecycle_policy.transition_to_archive
argument (#35096) - resource/aws_efs_file_system: Add
protection
configuration block (#35029) - resource/aws_efs_replication_configuration: Increase Create timeout to 20 minutes (#34955)
- resource/aws_efs_replication_configuration: Mark
destination.file_system_id
as Optional, enabling EFS replication fallback (#34955) - resource/aws_finspace_kx_dataview: Increase default create, update, and delete timeouts to 4 hours (#35207)
- resource/aws_finspace_kx_scaling_group: Increase default create, delete timeouts to 4 hours (#35206)
- resource/aws_fsx_lustre_file_system: Allow
per_unit_storage_throughput
to be updated in-place (#34932) - resource/aws_fsx_ontap_file_system: Add
ha_pairs
andthroughput_capacity_per_ha_pair
arguments (#34993) - resource/aws_fsx_ontap_file_system: Increase maximum value of
disk_iops_configuration.iops
to2400000
(#34993) - resource/aws_fsx_ontap_file_system:
throughput_capacity
is Optional (#34993) - resource/aws_glue_catalog_table: Add
region
attribute totarget_table
block. (#34817) - resource/aws_glue_classifier: Add
csv_classifier.serde
argument (#34251) - resource/aws_kinesis_firehose_delivery_stream: Add
opensearch_configuration.document_id_options
configuration block (#35137) - resource/aws_kinesis_firehose_delivery_stream: Add
splunk_configuration.buffering_interval
andsplunk_configuration.buffering_size
arguments (#35137) - resource/aws_kinesis_firehose_delivery_stream: Adjust
elasticsearch_configuration.buffering_interval
,http_endpoint_configuration.buffering_interval
,opensearch_configuration.buffering_interval
,opensearchserverless_configuration.buffering_interval
,redshift_configuration.s3_backup_configuration.buffering_interval
,extended_s3_configuration.s3_backup_configuration.buffering_interval
,elasticsearch_configuration.s3_configuration.buffering_interval
,http_endpoint_configuration.s3_configuration.buffering_interval
,opensearch_configuration.s3_configuration.buffering_interval
,opensearchserverless_configuration.s3_configuration.buffering_interval
,redshift_configuration.s3_configuration.buffering_interval
andsplunk_configuration.s3_configuration.buffering_interval
minimum values to0
to support zero buffering (#35137) - resource/aws_kms_key: Add
xks_key_id
attribute (#31216) - resource/aws_lambda_function: Add
logging_config
configuration block in support of advanced logging controls (#35050) - resource/aws_lambda_function: Add support for
python3.12
runtime
value (#35049) - resource/aws_lambda_layer_version: Add support for
python3.12
compatible_runtimes
value (#35049) - resource/aws_lb_target_group: Add
load_balancing_anomaly_mitigation
argument (#35083) - resource/aws_lb_target_group: Add
weighted_random
as a valid value forload_balancing_algorithm_type
(#35083) - resource/aws_neptune_cluster: Add
storage_type
argument (#34985) - resource/aws_neptune_cluster_instance: Add
storage_type
attribute (#34985) - resource/aws_networkfirewall_firewall: Add configurable timeouts (#34918)
- resource/aws_networkfirewall_firewall_policy: Add
firewall_policy.tls_inspection_configuration_arn
argument (#35094) - resource/aws_prometheus_workspace: Add
kms_key_arn
argument, enabling encryption at-rest using AWS KMS Customer Managed Keys (CMK) (#35062) - resource/aws_redshiftserverless_workgroup: Add
port
argument (#34925) - resource/aws_route53_resolver_endpoint: Add
protocols
argument (#35098) - resource/aws_route53_resolver_endpoint: Add
resolver_endpoint_type
argument (#34798) - resource/aws_s3_bucket: Modify resource Read to support third-party S3 API implementations. Because we cannot easily test this functionality, it is best effort and we ask for community help in testing (#35035)
- resource/aws_s3_bucket: Modify server-side encryption configuration error handling, enabling support for NetApp StorageGRID (#34890)
- resource/aws_transfer_server: Add
TransferSecurityPolicy-PQ-SSH-Experimental-2023-04
andTransferSecurityPolicy-PQ-SSH-FIPS-Experimental-2023-04
as valid values forsecurity_policy_name
(#35129) - resource/aws_verifiedaccess_endpoint: Add
policy_document
argument (#34264)
BUG FIXES:
- data-source/aws_lb_target_group: Change
deregistration_delay
fromTypeInt
toTypeString
(#31436) - data-source/aws_s3_bucket_object: Remove any leading
./
fromkey
to maintain AWS SDK for Go v1 (pre-v5.17.0) compatibility (#35223) - data-source/aws_s3_object: Remove any leading
./
fromkey
to maintain AWS SDK for Go v1 (pre-v5.17.0) compatibility (#35223) - resource/aws_cloud9_environment_ec2:
image_id
is Required (#35020) - resource/aws_codebuild_project: Prevent erroneous diffs on
build_timeout
andqueued_timeout
for Lambda compute types (#35043) - resource/aws_datasync_agent: Fix import of agents created with
activation_key
by removing requirement for one ofip_address
oractivation_key
to be set (#35150) - resource/aws_dms_replication_config: Prevent erroneous diffs on
replication_settings
(#34356) - resource/aws_dms_replication_task: Prevent erroneous diffs on
replication_task_settings
(#34356) - resource/aws_dynamodb_table: Fix error when waiting for snapshot to be created (#34848)
- resource/aws_finspace_kx_dataview: Properly set
arn
attribute on read, resolving persistent differences whentags
are configured (#34998) - resource/aws_glue_catalog_database: Properly handle out-of-band resource deletion (#35195)
- resource/aws_iot_indexing_configuration: Correct plan-time validation of
thing_indexing_configuration.filter.named_shadow_names
(#35225) - resource/aws_kinesis_firehose_delivery_stream: Fix
InvalidArgumentException: Both BufferSizeInMBs and BufferIntervalInSeconds are required to configure buffering for lambda processor
errors on resource Update (#26964) - resource/aws_kinesis_firehose_delivery_stream: Fix perpetual
extended_s3_configuration.processing_configuration.processors.parameters
diffs when processor type isLambda
(#35137) - resource/aws_lambda_function: Ensure lambda does not get deployed if
source_code_hash
does not change. (#29921) - resource/aws_lb: Fix
ValidationError: Attributes cannot be empty
errors (#35228) - resource/aws_lb_target_group: Fix diff on
stickiness.cookie_name
whenstickiness.type
islb_cookie
(#31436) - resource/aws_memorydb_cluster: Treat
snapshotting
status as pending when creating cluster (#31077) - resource/aws_ram_principal_association: Fix
reading RAM Resource Share (...) Principal Association (...): couldn't find resource (21 retries)
errors when a high number of principals are associated with a resource share (#34738) - resource/aws_s3_bucket_object: Remove any leading
./
fromkey
to maintain AWS SDK for Go v1 (pre-v5.17.0) compatibility (#35223) - resource/aws_s3_object: Remove any leading
./
fromkey
to maintain AWS SDK for Go v1 (pre-v5.17.0) compatibility (#35223) - resource/aws_s3_object_copy: Remove any leading
./
fromkey
to maintain AWS SDK for Go v1 (pre-v5.17.0) compatibility (#35223) - resource/aws_secretsmanager_secret_rotation: No longer ignores changes to
rotation_rules.automatically_after_days
whenrotation_rules.schedule_expression
is set. (#35024) - resource/aws_ses_configuration_set: Fix
tracking_options
being omitted from state and resulting in persistent diff (#35056) - resource/aws_ssoadmin_application: Fix
portal_options.sign_in_options.application_url
triggeringValidationError
when unset (#34967)
v5.31.0
FEATURES:
-
New Data Source:
aws_polly_voices
(#34916) -
New Data Source:
aws_ssoadmin_application_assignments
(#34796) -
New Data Source:
aws_ssoadmin_principal_application_assignments
(#34815) -
New Resource:
aws_finspace_kx_dataview
(#34828) -
New Resource:
aws_finspace_kx_scaling_group
(#34832) -
New Resource:
aws_finspace_kx_volume
(#34833) -
New Resource:
aws_ssoadmin_trusted_token_issuer
(#34839)
ENHANCEMENTS:
- data-source/aws_cloudwatch_log_group: Add
log_group_class
attribute (#34812) - data-source/aws_dms_endpoint: Add
postgres_settings
attribute (#34724) - data-source/aws_lb: Add
connection_logs
attribute (#34864) - data-source/aws_lb: Add
dns_record_client_routing_policy
attribute (#34135) - data-source/aws_opensearchserverless_collection: Add
standby_replicas
attribute (#34677) - resource/aws_db_instance: Add support for IBM Db2 databases (#34834)
- resource/aws_dms_endpoint: Add
elasticsearch_settings.use_new_mapping_type
argument (#29470) - resource/aws_dms_endpoint: Add
postgres_settings
configuration block (#34724) - resource/aws_finspace_kx_cluster: Add
database.dataview_name
,scaling_group_configuration
, andtickerplant_log_configuration
arguments. (#34831) - resource/aws_finspace_kx_cluster: The
capacity_configuration
argument is now optional. (#34831) - resource/aws_lb: Add
connection_logs
configuration block (#34864) - resource/aws_lb: Add plan-time validation that exactly one of either
subnets
orsubnet_mapping
is configured (#33205) - resource/aws_lb: Allow the number of
subnet_mapping
s for Application Load Balancers to be changed without recreating the resource (#33205) - resource/aws_lb: Allow the number of
subnet_mapping
s for Network Load Balancers to be increased without recreating the resource (#33205) - resource/aws_lb: Allow the number of
subnets
for Network Load Balancers to be increased without recreating the resource (#33205) - resource/aws_opensearchserverless_collection: Add
standby_replicas
attribute (#34677)
BUG FIXES:
- data-source/aws_ecr_pull_through_cache_rule: Fix plan time validation for
ecr_repository_prefix
(#34716) - provider: Always use the S3 regional endpoint in
us-east-1
for S3 directory bucket operations. This fixesno such host
errors (#34893) - resource/aws_appmesh_virtual_node: Remove limit of 50
backend
s per virtual node (#34774) - resource/aws_cloudwatch_log_group: Fix
invalid new value for .skip_destroy: was cty.False, but now null
errors (#30354) - resource/aws_cloudwatch_log_group: Remove default value (
STANDARD
) forlog_group_class
argument and mark as Computed. This fixesInvalidParameterException: Only Standard log class is supported
errors in AWS Regions other than AWS Commercial (#34812) - resource/aws_db_instance: Fix error where Terraform loses track of resource if Blue/Green Deployment is applied outside of Terraform (#34728)
- resource/aws_dms_event_subscription:
source_ids
andsource_type
are Required (#33731) - resource/aws_ecr_pull_through_cache_rule: Fix plan time validation for
ecr_repository_prefix
(#34716) - resource/aws_lb: Correct in-place update of
security_groups
for Network Load Balancers when the new value is Computed (#33205) - resource/aws_lb: Fix
InvalidConfigurationRequest: Load balancer attribute key 'dns_record.client_routing_policy' is not supported on load balancers with type 'network'
errors on resource Create in AWS GovCloud (US) (#34135) - resource/aws_medialive_channel: Fixed errors related to setting the
failover_condition
argument (#33410) - resource/aws_securitylake_data_lake: Fix
reflect.Set: value of type basetypes.StringValue is not assignable to type types.ARN
panic when importing resources withnil
ARN fields (#34820) - resource/aws_vpc: Increase IPAM pool allocation deletion timeout from 20 minutes to 35 minutes (#34859)
v5.30.0
FEATURES:
-
New Data Source:
aws_codeguruprofiler_profiling_group
(#34672) -
New Data Source:
aws_ecr_repositories
(#34446) -
New Data Source:
aws_lb_trust_store
(#34584) -
New Data Source:
aws_ssoadmin_application
(#34773) -
New Data Source:
aws_ssoadmin_application_providers
(#34670) -
New Resource:
aws_codeguruprofiler_profiling_group
(#34672) -
New Resource:
aws_customerprofiles_domain
(#34622) -
New Resource:
aws_customerprofiles_profile
(#34622) -
New Resource:
aws_lb_trust_store
(#34584) -
New Resource:
aws_lb_trust_store_revocation
(#34584) -
New Resource:
aws_securitylake_data_lake
(#34521) -
New Resource:
aws_ssoadmin_application
(#34723) -
New Resource:
aws_ssoadmin_application_assignment
(#34741) -
New Resource:
aws_ssoadmin_application_assignment_configuration
(#34752)
ENHANCEMENTS:
- data-source/aws_appconfig_configuration_profile: Add
kms_key_identifier
attribute (#34725) - data-source/aws_lb: Add
enforce_security_group_inbound_rules_on_private_link_traffic
attribute (#33767) - data-source/aws_lb_listener: Add
mutual_authentication
attribute (#34584) - resource/aws_appconfig_configuration_profile: Add
kms_key_identifier
attribute (#34725) - resource/aws_appconfig_deployment: Add
kms_key_identifier
attribute (#34739) - resource/aws_cloudwatch_log_group: Add
log_group_class
argument (#34679) - resource/aws_lb: Add
enforce_security_group_inbound_rules_on_private_link_traffic
argument (#33767) - resource/aws_lb_listener: Add
mutual_authentication
configuration block (#34584) - resource/aws_s3_bucket: Fix
stack overflow
fatal errors on resource Delete whenforce_destroy
istrue
and the bucket contains delete markers (#34712) - resource/aws_sagemaker_app: Add
resource_spec.sagemaker_image_version_alias
argument (#34729) - resource/aws_sagemaker_app_image_config: Add
jupyter_lab_image_config
configuration block (#34696) - resource/aws_sagemaker_domain: Add
default_user_settings.code_editor_app_settings
,default_user_settings.custom_file_system_config
,default_user_settings.custom_posix_user_config
,default_user_settings.default_landing_uri
,default_user_settings.jupyter_lab_app_settings
,default_user_settings.space_storage_settings
,default_user_settings.studio_web_portal
arguments (#34729) - resource/aws_sagemaker_domain: Add
sagemaker_image_version_alias
argument under alldefault_resource_spec
blocks (#34729) - resource/aws_sagemaker_domain: Add
single_sign_on_application_arn
attribute (#34729) - resource/aws_sagemaker_space: Add
sagemaker_image_version_alias
argument under alldefault_resource_spec
blocks (#34729) - resource/aws_sagemaker_space: Add
space_display_name
argument (#34729) - resource/aws_sagemaker_space: Add
url
attribute (#34729) - resource/aws_sagemaker_user_profile: Add
sagemaker_image_version_alias
argument under alldefault_resource_spec
blocks (#34729) - resource/aws_sagemaker_user_profile: Add
user_settings.code_editor_app_settings
,user_settings.custom_file_system_config
,user_settings.custom_posix_user_config
,user_settings.default_landing_uri
,user_settings.jupyter_lab_app_settings
,user_settings.space_storage_settings
,user_settings.studio_web_portal
arguments (#34729) - resource/aws_transfer_server: Add support for
TransferSecurityPolicy-FIPS-2023-05
security_policy_name
value (#34709)
BUG FIXES:
- resource/aws_ami: Correctly sets
deprecation_time
on creation and update due to eventual consistency (#34691) - resource/aws_ami: Correctly sets
description
on update due to eventual consistency (#34691) - resource/aws_ami: Now allows removing
deprecation_time
(#34691) - resource/aws_appflow_flow: Fix perpetual diff on
destination_flow_config
(#34770) - resource/aws_backup_vault_policy: Fix eventual consistency error when waiting for IAM (#34671)
- resource/aws_eks_pod_identity_association: Retry IAM eventual consistency errors on create and update (#34717)
- resource/aws_glue_connection: Fix crash while creating resource with empty
physical_connection_requirements
configuration block (#34737)
v5.29.0
FEATURES:
-
New Resource:
aws_docdbelastic_cluster
(#31033) -
New Resource:
aws_eks_pod_identity_association
(#34566)
ENHANCEMENTS:
- resource/aws_docdb_cluster: Add
storage_type
argument (#34637) - resource/aws_neptune_parameter_group: Add
name_prefix
argument (#34500)
BUG FIXES:
- resource/aws_networkmanager_attachment_accepter: Now revokes attachment on deletion for VPC Attachments (#34547)
- resource/aws_networkmanager_vpc_attachment: Fixes error when modifying
options
fields while waiting for acceptance (#34547) - resource/aws_networkmanager_vpc_attachment: Fixes error where VPC Attachments waiting for acceptance could not be deleted (#34547)
- resource/aws_s3_directory_bucket: Fix
NotImplemented: This bucket does not support Object Versioning
errors on resource Delete whenforce_destroy
istrue
(#34647)
v5.28.0
FEATURES:
ENHANCEMENTS:
- resource/aws_s3control_access_grants_instance: Add
identity_center_arn
argument andidentity_center_application_arn
attribute (#34582)
BUG FIXES:
- resource/aws_elaticache_replication_group: Fix regression caused by the introduction of the
auth_token_update_strategy
argument with a default value (#34600)
v5.27.0
NOTES:
- provider: This release includes an update to the AWS SDK for Go v2 with breaking type changes to several services:
internetmonitor
,ivschat
,pipes
, ands3
. These changes primarily affect how arguments with default values are serialized for outbound requests, changing scalar types to pointers. See this AWS SDK for Go V2 issue for additional context. The corresponding provider changes should make this breakfix transparent to users, but as with any breaking change there is the potential for missed edge cases. If errors are observed in the impacted resources, please link to this dependency update pull request in the bug report (#34476)
FEATURES:
-
New Data Source:
aws_emr_supported_instance_types
(#34481) -
New Resource:
aws_apprunner_default_auto_scaling_configuration_version
(#34292) -
New Resource:
aws_lexv2models_bot_version
(#33858) -
New Resource:
aws_s3control_access_grant
(#34564) -
New Resource:
aws_s3control_access_grants_instance
(#34564) -
New Resource:
aws_s3control_access_grants_instance_resource_policy
(#34564) -
New Resource:
aws_s3control_access_grants_location
(#34564)
ENHANCEMENTS:
- resource/aws_apprunner_auto_scaling_configuration_version: Add
has_associated_service
andis_default
attributes (#34292) - resource/aws_apprunner_service: Add
network_configuration.ip_address_type
argument (#34292) - resource/aws_apprunner_service: Add
source_configuration.code_repository.source_directory
argument to support monorepos (#34292) - resource/aws_apprunner_service: Allow
health_check_configuration
to be updated in-place (#34292) - resource/aws_cloudwatch_event_rule: Add
state
parameter and deprecateis_enabled
parameter (#34510) - resource/aws_elaticache_replication_group: Add
auth_token_update_strategy
argument (#34460) - resource/aws_lambda_function: Add support for
java21
runtime
value (#34476) - resource/aws_lambda_function: Add support for
python3.12
runtime
value (#34533) - resource/aws_lambda_layer_version: Add support for
java21
compatible_runtimes
value (#34476) - resource/aws_lambda_layer_version: Add support for
python3.12
compatible_runtimes
value (#34533) - resource/aws_s3_bucket_logging: Add
target_object_key_format
configuration block to support automatic date-based partitioning (#34504)
BUG FIXES:
- resource/aws_appflow_flow: Fix
InvalidParameter: 2 validation error(s) found
error whendestination_flow_config
ortask
is updated (#34456) - resource/aws_appflow_flow: Fix
interface conversion: interface {} is nil, not map[string]interface {}
panic (#34456) - resource/aws_apprunner_service: Correctly set
service_url
for private services (#34292) - resource/aws_glue_trigger: Fix
ConcurrentModificationException: Workflow <workflowName> was modified while adding trigger <triggerName>
errors (#34530) - resource/aws_lb_target_group: Adds plan- and apply-time validation for invalid parameter combinations (#34488)
- resource/aws_lexv2_bot_locale: Fix
voice_settings.engine
validation, value conversion errors (#34532) - resource/aws_lexv2models_bot: Properly send
type
argument on create and update when configured (#34524) - resource/aws_pipes_pipe: Fix error when zero value is sent to
source_parameters
on update (#34487)
v5.26.0
FEATURES:
-
New Data Source:
aws_iot_registration_code
(#15098) -
New Resource:
aws_bedrock_model_invocation_logging_configuration
(#34303) -
New Resource:
aws_iot_billing_group
(#31237) -
New Resource:
aws_iot_ca_certificate
(#15098) -
New Resource:
aws_iot_event_configurations
(#31237)
ENHANCEMENTS:
- data-source/aws_autoscaling_group: Add
instance_maintenance_policy
attribute (#34430) - provider: Adds
https_proxy
andno_proxy
parameters. (#34243) - resource/aws_autoscaling_group: Add
instance_maintenance_policy
configuration block (#34430) - resource/aws_finspace_kx_cluster: Increase default create and update timeouts to 4 hours to allow for increased startup times with large volumes of cached data (#34398)
- resource/aws_finspace_kx_environment: Increase default delete timeout to 75 minutes (#34398)
- resource/aws_iam_group_policy_attachment: Add plan-time validation of
policy_arn
(#34378) - resource/aws_iam_policy_attachment: Add plan-time validation of
policy_arn
(#34378) - resource/aws_iam_role_policy_attachment: Add plan-time validation of
policy_arn
(#34378) - resource/aws_iam_user_policy_attachment: Add plan-time validation of
policy_arn
(#34378) - resource/aws_iot_ca_certificate: Add
ca_certificate_id
attribute (#15098) - resource/aws_iot_policy: Add configurable timeouts (#34329)
- resource/aws_iot_policy: When updating the resource, delete the oldest non-default version of the policy if creating a new version would exceed the maximum number of versions (5) (#34329)
- resource/aws_lambda_function: Add support for
nodejs20.x
andprovided.al2023
runtime
values (#34401) - resource/aws_lambda_layer_version: Add support for
nodejs20.x
andprovided.al2023
compatible_runtimes
values (#34401) - resource/aws_quicksight_analysis: Add
definition.sheets.visuals.kpi_visual.chart_configuration.kpi_options.sparkline
attribute (#33931) - resource/aws_quicksight_analysis: Add
definition.sheets.visuals.kpi_visual.chart_configuration.kpi_options.visual_layout_options
attribute (#33931) - resource/aws_quicksight_analysis: Add
number_display_format_configuration
andpercentage_display_format_configuration
to nestednumeric_format_configuration
argument (#33931) - resource/aws_quicksight_dashboard: Add
definition.sheets.visuals.kpi_visual.chart_configuration.kpi_options.sparkline
attribute (#33931) - resource/aws_quicksight_dashboard: Add
definition.sheets.visuals.kpi_visual.chart_configuration.kpi_options.visual_layout_options
attribute (#33931) - resource/aws_quicksight_dashboard: Add
number_display_format_configuration
andpercentage_display_format_configuration
to nestednumeric_format_configuration
argument (#33931) - resource/aws_quicksight_template: Add
definition.sheets.visuals.kpi_visual.chart_configuration.kpi_options.sparkline
attribute (#33931) - resource/aws_quicksight_template: Add
definition.sheets.visuals.kpi_visual.chart_configuration.kpi_options.visual_layout_options
attribute (#33931) - resource/aws_quicksight_template: Add
number_display_format_configuration
andpercentage_display_format_configuration
to nestednumeric_format_configuration
argument (#33931) - resource/aws_rds_cluster: Add
delete_automated_backups
argument (#34309)
BUG FIXES:
- resource/aws_chime_voice_connector: Fix
read
error when resource is not created inus-east-1
(#34334) - resource/aws_chime_voice_connector_group: Fix
read
error when resource is not created inus-east-1
(#34334) - resource/aws_chime_voice_connector_logging: Fix
read
error when resource is not created inus-east-1
(#34334) - resource/aws_chime_voice_connector_origination: Fix
read
error when resource is not created inus-east-1
(#34334) - resource/aws_chime_voice_connector_termination: Fix
read
error when resource is not created inus-east-1
(#34334) - resource/aws_chime_voice_connector_termination_credentials: Fix
read
error when resource is not created inus-east-1
(#34334) - resource/aws_chimesdkmediapipelines_media_insights_pipeline_configuration: Fix eventual consistency error when resource is not created in
us-east-1
(#34334) - resource/aws_chimesdkvoice_sip_media_application: Fix eventual consistency errors when not using
us-east-1
(#34426) - resource/aws_chimesdkvoice_sip_rule: Fix eventual consistency errors when not using
us-east-1
(#34426) - resource/aws_elasticache_user: Fix
UserNotFound: ... is not available for tagging
errors on resource Read when there is a concurrent update to the user (#34396) - resource/aws_grafana_workspace_api_key: Change
key
toSensitive
(#34105) - resource/aws_iam_group_policy_attachment: Retry
ConcurrentModificationException
errors on create and delete (#34378) - resource/aws_iam_policy_attachment: Retry
ConcurrentModificationException
errors on create and delete (#34378) - resource/aws_iam_role_policy_attachment: Retry
ConcurrentModificationException
errors on create and delete (#34378) - resource/aws_iam_user_policy_attachment: Retry
ConcurrentModificationException
errors on create and delete (#34378) - resource/aws_inspector2_delegated_admin_account: Fix
errors: *target must be interface or implement error
panic (#34424) - resource/aws_inspector2_enabler: Fix
interface conversion: interface {} is nil, not map[string]inspector2.AccountResourceStatus
panic (#34424) - resource/aws_iot_ca_certificate: Change
ca_pem
andcertificate_pem
to ForceNew (#15098) - resource/aws_iot_policy: Retry
DeleteConflictException
errors on delete (#34329) - resource/aws_quicksight_analysis: Fix handling of the nested
number_scale
,prefix
, andsuffix
integer arguments (#33931) - resource/aws_quicksight_analysis: Fix handling of the nested
rolling_date
argument (#33931) - resource/aws_quicksight_analysis: Fix handling of the nested
select_all_options
argument (#33931) - resource/aws_quicksight_analysis: Fix handling of the nested
visual_ids
argument (#33931) - resource/aws_quicksight_analysis: Fixes to various optional blocks utilizing the shared column schema definition (#33931)
- resource/aws_quicksight_analysis: Nested
column_index
androw_index
arguments now properly handle zero values (#33931) - resource/aws_quicksight_dashboard: Fix handling of the nested
number_scale
,prefix
, andsuffix
integer arguments (#33931) - resource/aws_quicksight_dashboard: Fix handling of the nested
rolling_date
argument (#33931) - resource/aws_quicksight_dashboard: Fix handling of the nested
select_all_options
argument (#33931) - resource/aws_quicksight_dashboard: Fix handling of the nested
visual_ids
argument (#33931) - resource/aws_quicksight_dashboard: Fixes to various optional blocks utilizing the shared column schema definition (#33931)
- resource/aws_quicksight_dashboard: Nested
column_index
androw_index
arguments now properly handle zero values (#33931) - resource/aws_quicksight_data_set: Increase
permissions.actions
maximum item limit to 20, aligning with the AWS API limits (#33931) - resource/aws_quicksight_data_source: Set all parameters to update aws_quicksight_data_source (#33061)
- resource/aws_quicksight_template: Fix handling of the nested
number_scale
,prefix
, andsuffix
integer arguments (#33931) - resource/aws_quicksight_template: Fix handling of the nested
rolling_date
argument (#33931) - resource/aws_quicksight_template: Fix handling of the nested
select_all_options
argument (#33931) - resource/aws_quicksight_template: Fix handling of the nested
visual_ids
argument (#33931) - resource/aws_quicksight_template: Fixes to various optional blocks utilizing the shared column schema definition (#33931)
- resource/aws_quicksight_template: Nested
column_index
androw_index
arguments now properly handle zero values (#33931) - resource/aws_sagemaker_user_profile: Change
default_user_settings.canvas_app_settings.identity_provider_oauth_settings
from TypeSet to TypeList, preventinginterface conversion: interface {} is *schema.Set, not []interface {}
panics (#34418) - resource/aws_synthetics_canary: Fix to properly suppress differences when
expression
israte(0 minutes)
(#34084) - resource/aws_vpn_connection: Fix
UnsupportedOperation: The tunnel inside ip version parameter is not currently supported in this region
error when creating connections in certain partitions and Regions (#34420)
v5.25.0
NOTES:
FEATURES:
-
New Data Source:
aws_apigatewayv2_vpc_link
(#33974) -
New Data Source:
aws_athena_named_query
(#24815) -
New Data Source:
aws_bedrock_foundation_model
(#34148) -
New Data Source:
aws_bedrock_foundation_models
(#34148) -
New Resource:
aws_athena_prepared_statement
(#33417) -
New Resource:
aws_lexv2models_bot_locale
(#33949)
ENHANCEMENTS:
- provider: Adds SSO API endpoint override parameter
endpoints.sso
(#34302) - resource/aws_appflow_connector_profile: Add
jwt_token
andoauth2_grant_type
arguments to theconnector_profile_config.connector_profile_credentials.salesforce
block. (#34248) - resource/aws_autoscaling_group: Add plan-time validation of
initial_lifecycle_hook.default_result
,initial_lifecycle_hook.heartbeat_timeout
,initial_lifecycle_hook.lifecycle_transition
,initial_lifecycle_hook.name
,initial_lifecycle_hook.notification_target_arn
andinitial_lifecycle_hook.role_arn
(#12145) - resource/aws_autoscaling_lifecycle_hook: Add plan-time validation of
default_result
,heartbeat_timeout
,lifecycle_transition
,name
,notification_target_arn
androle_arn
(#12145) - resource/aws_datasync_task: Add
task_report_config
argument (#33861) - resource/aws_db_instance: Add
postgres
as a validengine
value for blue/green deployments (#34216) - resource/aws_dms_endpoint: Add
pause_replication_tasks
, which when set totrue
, pauses associated running replication tasks, regardless if they are managed by Terraform, prior to modifying the endpoint (only tasks paused by the resource will be restarted after the modification completes) (#34316) - resource/aws_eks_cluster: Allow
vpc_config.security_group_ids
andvpc_config.subnet_ids
to be updated in-place (#32409) - resource/aws_inspector2_organization_configuration: Add
lambda_code
argument to theauto_enable
configuration block (#34261) - resource/aws_route53_record: Allow import of records with an empty record name. (#34212)
- resource/aws_sagemaker_domain: Add
default_user_settings.canvas_app_settings.direct_deploy_settings
,default_user_settings.canvas_app_settings.identity_provider_oauth_settings
anddefault_user_settings.canvas_app_settings.kendra_settings
arguments (#34265) - resource/aws_sagemaker_domain: Change
default_space_settings.kernel_gateway_app_settings.custom_image
,default_user_settings.kernel_gateway_app_settings.custom_image
anddefault_user_settings.r_session_app_settings.custom_image
MaxItems
from30
to200
(#34265) - resource/aws_sagemaker_feature_group: Add
offline_store_config.s3_storage_config.resolved_output_s3_uri
,online_store_config.storage_type
andonline_store_config.ttl_duration
arguments (#34283) - resource/aws_sagemaker_feature_group: Allow
online_store_config.ttl_duration
to be updated in-place (#34283) - resource/aws_sagemaker_model: Add
container.model_data_source
andprimary_container.model_data_source
configuration blocks (#34158) - resource/aws_sagemaker_space: Change
space_settings.kernel_gateway_app_settings.custom_image
MaxItems
from30
to200
(#34265) - resource/aws_sagemaker_user_profile: Add
default_user_settings.canvas_app_settings.direct_deploy_settings
,default_user_settings.canvas_app_settings.identity_provider_oauth_settings
anddefault_user_settings.canvas_app_settings.kendra_settings
arguments (#34265) - resource/aws_sns_topic: Add
archive_policy
argument andbeginning_archive_time
attribute to support message archiving (#34252) - resource/aws_sns_topic: Add
replay_policy
argument (#34252)
BUG FIXES:
- provider: Fix
Value Conversion Error
panic for certain resources whennull
tag values are specified (#34319) - provider: Fixes parsing error in AWS shared config files with extra whitespace (#34300)
- provider: Fixes poor performance when parsing AWS shared config files (#34300)
- resource/aws_autoscaling_group: Change all
initial_lifecycle_hook
configuration block attributes to ForceNew (#34260) - resource/aws_cloudtrail: Change the
id
attribute from the trail's name to its ARN to support organization trails (#30758) - resource/aws_cloudwatch_event_rule: Increase
event_pattern
max length for validation to 4096 (#34270) - resource/aws_sagemaker_domain: Fix updating
default_space_settings.r_studio_server_pro_app_settings.access_status
fromENABLED
toDISABLED
(#34265)
hashicorp/terraform-provider-azurerm (azurerm)
v3.94.0
FEATURES:
-
New Resource:
azurerm_kubernetes_fleet_update_run
(#24813)
ENHANCEMENTS:
- dependencies: updating to
v0.20240228.1142829
ofgithub.com/hashicorp/go-azure-sdk
(#25081) -
servicefabric
: updating to use the transport layer fromhashicorp/go-azure-sdk
rather thanAzure/go-autorest
(#25002) -
springcloud
: updating to API Version2024-01-01-preview
(#24937) -
securitycenter
: updating to use the transport layer fromhashicorp/go-azure-sdk
rather thanAzure/go-autorest
(#25081) - Data Source:
azurerm_storage_table_entities
- support forselect
(#24987) - Data Source:
azurerm_netapp_volume
- support for thesmb_access_based_enumeration
andsmb_non_browsable
properties (#24514) -
azurerm_cosmosdb_account
- add support for theminimal_tls_version
property (#24966) -
azurerm_federated_identity_credential
- the federated credentials can now be changed without creating a new resource (#25003) -
azurerm_kubernetes_cluster
- support for thecurrent_kubernetes_version
property (#25079) -
azurerm_kubernetes_cluster
- private DNS is now allowed for theweb_app_routing
property (#25038) -
azurerm_kubernetes_cluster
- migration between differentoutbound_type
s is now allowed (#25021) -
azurerm_mssql_database
- support for therecovery_point_id
andrestore_long_term_retention_backup_id
properties (#24904) -
azurerm_linux_virtual_machine
- support for theautomatic_upgrade_enabled
,disk_controller_type
,os_image_notification
,treat_failure_as_deployment_failure_enabled
, andvm_agent_platform_updates_enabled
properties (#23394) -
azurerm_nginx_deployment
- support for theautomatic_upgrade_channel
property (#24867) -
azurerm_netapp_volume
- support for thesmb_access_based_enumeration
andsmb_non_browsable
properties (#24514) -
azurerm_netapp_pool
- support for theencryption_type
property (#24993) -
azurerm_role_definition
- upgrade to the API version2022-05-01-preview
(#25008) -
azurerm_redis_cache
- allow AAD auth for all SKUs (#25006) -
azurerm_sql_managed_instance
- support for thezone_redundant_enabled
property (#25089) -
azurerm_spring_cloud_gateway
- support for theapplication_performance_monitoring_ids
property (#24919) -
azurerm_spring_cloud_configuration_service
- support for therefresh_interval_in_seconds
property (#25009) -
azurerm_synapse_workspace
- support for using theuser_assigned_identity_id
property within thecustomer_managed_key
block (#25027) -
azurerm_windows_virtual_machine
- support for theautomatic_upgrade_enabled
,disk_controller_type
,os_image_notification
,treat_failure_as_deployment_failure_enabled
, andvm_agent_platform_updates_enabled
properties (#23394)
BUG FIXES:
-
azurerm_api_management_notification_recipient_email
- fixing an issue where response pages weren't iterated over correctly (#25055) -
azurerm_api_management_notification_recipient_user
- fixing an issue where response pages weren't iterated over correctly (#25055) -
azurerm_batch_pool
- fix setting theextension.settings_json
property (#24976) -
azurerm_key_vault_key
-expiration_date
can be updated if newer date is ahead (#25000) -
azurerm_pim_active_role_assignment
- fix an isue where the resource would disappear or fail to import after 45 days (#24524) -
azurerm_pim_eligible_role_assignment
- fix an isue where the resource would disappear or fail to import after 45 days (#24524) -
azurerm_recovery_services_vault
- validate thatuse_system_assigned_identity
anduser_assigned_identity_id
cannot be set at the same time (#24091) -
azurerm_recovery_vaults
will now create properly withSystemAssigned,UserAssigned
identity (#24978) -
azurerm_subscription
- fixing an issue where response pages weren't iterated over correctly (#25055)
v3.93.0
FEATURES:
-
New Data Source:
azurerm_express_route_circuit_peering
(#24971) -
New Data Source:
azurerm_storage_table_entities
(#24973) -
New Resource:
azurerm_dev_center_catalog
(#24833) -
New Resource:
azurerm_system_center_virtual_machine_manager_server
(#24278)
BUG FIXES:
-
azurerm_key_vault
- conditionally polling the Data Plane endpoint whenpublic_network_access_enabled
is set to false (#23823) -
azurerm_storage_account
- allow theidentity.type
property to beSystemAssigned, UserAssigned
when using a Customer Managed Key (#24923) -
azurerm_automation_account
- prevent theidentity.identity_ids
User Assigned identity being set when not specified in config (#24977)
ENHANCEMENTS:
- dependencies: updating to
v0.20240221.1170458
ofhashicorp/go-azure-sdk
(#24967) - dependencies: refactor
azurerm_spring_cloud_configuration_service
to usego-azure-sdk
(#24918) - provider: support or the feature flag
virtual_machine_scale_set.reimage_on_manual_upgrade
(#22975) -
sentinel
: updating to use the transport layer fromhashicorp/go-azure-sdk
rather thanAzure/go-autorest
(#24962) -
sqlvirtualmachines
: updating to use the transport layer fromhashicorp/go-azure-sdk
rather thanAzure/go-autorest
(#24912) -
nginx
: updating to use2024-01-01-preview
(#24868) -
azurerm_cosmosdb_account
- support for thebackup.tier
property (#24595) -
azurerm_linux_virtual_machine
- thevirtual_machine_scale_set_id
proeprty can now be changed without creating a new resource (#24768) -
azurerm_machine_learning_workspace
- support for themanaged_network.isolation_mode
property (#24951) -
azurerm_private_dns_resolver_inbound_endpoint
- support thestatic
value for theprivate_ip_allocation_method
property (#24952) -
azurerm_postgresql_flexible_server
- expose thestorage_tier
field (#24892) -
azurerm_redis_cache
- support for thepreferred_data_persistence_auth_method
property (#24370) -
azurerm_servicebus_namespace
- support for thepremium_messaging_partitions
property (#24676) -
azurerm_windows_virtual_machine
- thevirtual_machine_scale_set_id
proeprty can now be changed without creating a new resource (#24768)
BUG FIXES:
-
azurerm_cognitive_deployment
- theversion_upgrade_option
property can not be updated without creating a new resource (#24922) -
azurerm_data_protection_backup_vault
- support or thesoft_delete
andretention_duration_in_days
properties (#24775) -
azurerm_data_factory_pipeline
- correctly handle incorrect header values (#24921) -
azurerm_kusto_cluster
-optimized_auto_scale
is now updated aftersku
has been updated (#24906) -
azurerm_key_vault_certificate
- will now only update thelifetime_action
of the certificate block unless otherwise required (#24755) -
azurerm_linux_virtual_machine_scale_set
- correctly includepublic_ip_prefix_id
during updates (#24939) -
azurerm_postgresql_flexible_server
- thecustomer_managed_key.key_vault_key_id
property is now required (#24981) -
azurerm_nginx_deployment
- changing thesku
property now creates a new resource (#24905) -
azurerm_orchestrated_virtual_machine_scale_set
- thedisk_size_gb
andlun
parameters ofdata_disks
are optional now (#24944) -
azurerm_storage_account
- change order of API calls to be GET-then-PUT ratehr then PATCHES (#23935) -
azurerm_storage_account
- improve the validation around theimmutability_policy
being used withblob_properties
(#24938) -
azurerm_security_center_setting
- prevent a bug when name isSENTINEL
(#24497) -
azurerm_windows_virtual_machine_scale_set
- correctly includepublic_ip_prefix_id
during updates (#24939)
v3.92.0
FEATURES:
-
New Data Source:
azurerm_virtual_desktop_application_group
(#24771)
ENHANCEMENTS:
- provider: support for the feature flag
postgresql_flexible_server.restart_server_on_configuration_value_change property
(#23811) - dependencies: updating to v0.20240214.1142753 of
github.com/hashicorp/go-azure-sdk
(#24889) -
automation
: updating to use the transport layer fromhashicorp/go-azure-sdk
rather thanAzure/go-autorest
(#24858) -
maintenance
: updating to use the transport layer fromhashicorp/go-azure-sdk
rather thanAzure/go-autorest
(#24819) -
containerapps
: updating to use the transport layer fromhashicorp/go-azure-sdk
rather thanAzure/go-autorest
(#24862) -
containerservices
: updating to use the transport layer fromhashicorp/go-azure-sdk
rather thanAzure/go-autorest
(#24872) -
timeseriesinsights
: updating to use the transport layer fromhashicorp/go-azure-sdk
rather thanAzure/go-autorest
(#24889) -
azurerm_container_app_environment
: support for theinfrastructure_resource_group_name
property (#24361) -
azurerm_cost_anomaly_alert
- support for thesubscription_id
property (#24258) -
azurerm_cosmosdb_account
- add default values for theconsistency_policy
code block (#24830) -
azurerm_dashboard_grafana
- support for thesmtp
block (#24717) -
azurerm_key_vault_certificates
- support for thetags
property (#24857) -
azurerm_key_vault_secrets
- support for thetags
property (#24857) -
azurerm_orchestrated_virtual_machine_scale_set
- support for theadditional_unattend_content
block (#24292) -
azurerm_virtual_desktop_host_pool
- support for thevm_template
property (#24369)
BUG FIXES:
-
azurerm_container_app_environment
: avoid unwanted changes when updating and usinglog_analytics_workspace_id
(#24303) -
azurerm_cosmosdb_account
- fixed regression in thebackup
code block (#24830) -
azurerm_data_factory
- allow thegit_url
property to be blank/empty (#24879) -
azurerm_linux_web_app_slot
- theworker_count
property now works correctly in thesite_config
block (#24515) -
azurerm_linux_web_app
- supportoff
for thefile_system_level
property (#24877) -
azurerm_linux_web_app_slot
- supportoff
for thefile_system_level
property (#24877) -
azurerm_private_endpoint
- fixing an issue where updating the Private Endpoint would remove any Application Security Group Association (#24846) -
azurerm_search_service
- fixed the update function to adjust for changed API behaviour (#24837) -
azurerm_search_service
- fixed the update function to adjust for changed API behaviour (#24903) -
azurerm_windows_web_app
- supportoff
for thefile_system_level
property (#24877) -
azurerm_windows_web_app_slot
- supportoff
for thefile_system_level
property (#24877)
v3.91.0
FEATURES:
-
New Data Source:
azurerm_databricks_access_connector
(#24769) -
New Resource:
azurerm_data_protection_backup_policy_kubernetes_cluster
(#24718) -
New Resource:
azurerm_chaos_studio_experiment
(#24779) -
New Resource:
azurerm_chaos_studio_capability
(#24779) -
New Resource:
azurerm_dev_center_gallery
(#23760) -
New Resource:
azurerm_kubernetes_fleet_member
(#24792) -
New Resource:
azurerm_iotcentral_organization
(#23132) -
New Resource:
azurerm_spring_cloud_app_dynamics_application_performance_monitoring
(#24750)
ENHANCEMENTS:
- dependencies: updating to
v0.20240208.1095436
ofgithub.com/hashicorp/go-azure-sdk/resource-manager
(#24819) - dependencies: updating to
v0.20240208.1095436
ofgithub.com/hashicorp/go-azure-sdk/sdk
(#24819) - dependencies: refactor
azurerm_app_service_environment_v3
to usego-azure-sdk
(#24760) - dependencies: refactor
azurerm_role_definition
to usego-azure-sdk
(#24266) -
managedhsm
: updating to use the transport layer fromhashicorp/go-azure-sdk
rather thanAzure/go-autorest
(#24761) -
hdinsight
: updating to API Version2023-07-01
(#24761) -
streamanalytics
: updating to use the transport layer fromhashicorp/go-azure-sdk
rather thanAzure/go-autorest
(#24819) -
azurerm_app_service_environment_v3
- support for theremote_debugging_enabled
property (#24760) -
azurerm_storage_account
- support for thelocal_user_enabled
property (#24800) -
azurerm_log_analytics_workspace_table
- support for thetotal_retention_in_days
property (#24513) -
azurerm_maching_learning_workspace
- support for thefeature_store
andkind
properties (#24716) -
azurerm_traffic_manager_azure_endpoint
- support for thealways_serve_enabled
property (#24573) -
azurerm_traffic_manager_external_endpoint
- support for thealways_serve_enabled
property (#24573)
BUG FIXES:
-
azurerm_api_management
- thevirtual_network_configuration
property now updates correctly outside ofvirtual_network_type
(#24569)
v3.90.0
UPGRADE NOTES:
- provider - The provider will now automatically register the
AppConfiguration
,DataFactory
, andSignalRService
Resource Providers. When running Terraform with limited permissions, note that you must disable automatic Resource Provider Registration and ensure that any Resource Providers Terraform requires are registered. (#24645)
FEATURES:
-
New Data Source:
azurerm_nginx_configuration
(#24642) -
New Data Source:
azurerm_virtual_desktop_workspace
(#24732) -
New Resource:
azurerm_kubernetes_fleet_update_strategy
(#24328) -
New Resource:
azurerm_site_recovery_vmware_replicated_vm
(#22477) -
New Resource:
azurerm_spring_cloud_new_relic_application_performance_monitoring
(#24699)
ENHANCEMENTS:
- provider: registering the Resource Provider
Microsoft.AppConfiguration
(#24645) - provider: registering the Resource Provider
Microsoft.DataFactory
(#24645) - provider: registering the Resource Provider
Microsoft.SignalRService
(#24645) - provider: the Provider is now built using Go 1.21.6 (#24653)
- dependencies: the dependency
github.com/hashicorp/go-azure-sdk
has been split into multiple Go Modules - and as such will be referred to by those paths going forwards (#24636) - dependencies: updating to ``v0.20240201.1064937
of
github.com/hashicorp/go-azure-sdk/resource-manager` (#24738) - dependencies: updating to
v0.20240201.1064937
ofgithub.com/hashicorp/go-azure-sdk/sdk
(#24738) -
appservice
: update togo-azure-sdk
and API version2023-01-01
(#24688) -
datafactory
: updating to usetombuildsstuff/kermit
(#24675) -
hdinsight
: refactoring to usegithub.com/hashicorp/go-azure-sdk/resource-manager
(#24011) -
hdinsight
: updating to API Version2021-06-01
(#24011) -
loadbalancer
: updating to usehashicorp/go-azure-sdk
(#24291) -
nginx
: updating to API Version2023-09-01
(#24640) -
servicefabricmanagedcluster
: updating to use the base layer fromhashicorp/go-azure-sdk
rather thanAzure/go-autorest
(#24654) -
springcloud
: updating to use API Version2023-11-01-preview
(#24690) -
subscriptions
: refactoring to usehashicorp/go-azure-sdk
(#24663) - Data Source:
azurerm_stream_analytics_job
- support for User Assigned Identities (#24738) -
azurerm_cosmosdb_account
- support for thegremlin_database
andtables_to_restore
properties (#24627) -
azurerm_bot_channel_email
- support for themagic_code
property (#23129) -
azurerm_cosmosdb_account
- support for thepartition_merge_enabled
property (#24615) -
azurerm_mssql_managed_database
- support for theimmutable_backups_enabled
property (#24745) -
azurerm_mssql_database
- support for theimmutable_backups_enabled
property (#24745) -
azurerm_palo_alto_next_generation_firewall_virtual_hub_panorama
- support for thetrusted_address_ranges
property (#24459) -
azurerm_palo_alto_next_generation_firewall_virtual_network_local_rulestack
- support for thetrusted_address_ranges
property (#24459) -
azurerm_palo_alto_next_generation_firewall_virtual_network_panorama
- support for thetrusted_address_ranges
property (#24459) -
azurerm_servicebus_namespace
- updating to use API Version2022-10-01-preview
(#24650) -
azurerm_spring_cloud_api_portal
- support for theapi_try_out_enabled
property (#24696) -
azurerm_spring_cloud_gateway
- support for thelocal_response_cache_per_route
andlocal_response_cache_per_instance
properties (#24697) -
azurerm_stream_analytics_job
- support for User Assigned Identities (#24738) -
azurerm_subscription
- refactoring to usehashicorp/go-azure-sdk
to set tags on the subscription (#24734) -
azurerm_virtual_desktop_workspace
- correctly validate thename
property (#24668)
BUG FIXES:
- provider: skip registration for resource providers that are unavailable (#24571)
-
azurerm_app_configuration
- no longer requirelifecycle_ignore_changes
for thevalue
property when using a key vault reference (#24702) -
azurerm_app_service_managed_certificate
- fix casing issue inapp_service_plan_id
by parsing insensitively (#24664) -
azurerm_cognitive_deployment
- updates now include theversion
property (#24700) -
azurerm_dns_cname_record
- prevent casing issue intarget_resource_id
by parsing the ID insensitively (#24181) -
azurerm_mssql_managed_instance_failover_group
- prevent an issue when trying to create a failover group with a managed instance from a different subscription (#24646) -
azurerm_storage_account
- conditionally update properties only when needed (#24669) -
azurerm_storage_account
- change update order foraccess_tier
to prevent errors when uploading blobs to the archive tier (#22250)
v3.89.0
FEATURES:
- New Data Source:
azurerm_data_factory_trigger_schedule
(#24572) - New Data Source:
azurerm_data_factory_trigger_schedules
(#24572) - New Data Source:
azurerm_ip_groups
(#24540) - New Data Source:
azurerm_nginx_certificate
(#24577) - New Resource:
azurerm_chaos_studio_target
(#24580) - New Resource:
azurerm_elastic_san_volume_group
(#24166) - New Resource:
azurerm_netapp_account_encryption
(#23733) - New Resource:
azurerm_redhat_openshift_cluster
(#24375)
ENHANCEMENTS:
- dependencies: updating to
v0.66.1
ofgithub.com/hashicorp/go-azure-helpers
(#24561) - dependencies: updating to
v0.20240124.1115501
ofgithub.com/hashicorp/go-azure-sdk
(#24619) -
bot
: updating to API Version2021-05-01-preview
(#24555) -
containerservice
: the SDK Clients now support logging (#24564) -
cosmosdb
: updating to API Version2023-04-15
(#24541) -
loadtestservice
: updating to use the base layer fromhashicorp/go-azure-sdk
rather thanAzure/go-autorest
(and support logging) (#24578) -
managedidentity
: updating to use the base layer fromhashicorp/go-azure-sdk
rather thanAzure/go-autorest
(and support logging) (#24578) -
azurerm_api_management_api
- change theid
format so specificrevision
s can be managed by Terraform (#23031) -
azurerm_data_protection_backup_vault
- theredundancy
propety can now be set toZoneRedundant
(#24556) -
azurerm_data_factory_integration_runtime_azure_ssis
- support for thecredential_name
property (#24458) -
azurerm_orchestrated_virtual_machine_scale_set
- support2022-datacenter-azure-edition-hotpatch
and2022-datacenter-azure-edition-hotpatch-smalldisk
hotpatching images (#23500) -
azurerm_stream_analytics_job
- support for thesku_name
property (#24554)
BUG FIXES:
-
Data Source:
azurerm_app_service
- parsing the API Response forapp_service_plan_id
case-insensitively (#24626) -
Data Source:
azurerm_function_app
- parsing the API Response forapp_service_plan_id
case-insensitively (#24626) -
azurerm_app_configuration_key
- the value for thevalue
property can now be removed/emptied (#24582) -
azurerm_app_service
- parsing the API Response forapp_service_plan_id
case-insensitively (#24626) -
azurerm_app_service_plan
- fix casing inserverFarms
due to ID update (#24562) -
azurerm_app_service_slot
- parsing the API Response forapp_service_plan_id
case-insensitively (#24626) -
azurerm_automation_schedule
- only onemonthly_occurence
block can now be specified (#24614) -
azurerm_cognitive_deployment
- themodel.version
property is no longer required (#24264) -
azurerm_container_app
- multiplecustom_scale_rule
can not be updated (#24509) -
azurerm_container_registry_task_schedule_run_now
- prevent issue where the incorrect scheduled run in tracked if there have been multiple (#24592) -
azurerm_function_app
- parsing the API Response forapp_service_plan_id
case-insensitively (#24626) -
azurerm_function_app_slot
- parsing the API Response forapp_service_plan_id
case-insensitively (#24626) -
azurerm_logic_app_standard
- now will parse the app service ID insensitively (#24562) -
azurerm_logic_app_workflow
- theworkflow_parameters
will now correctly handle information specified by$connections
(#24141) -
azurerm_mssql_managed_instance_security_alert_policy
- can not update empty storage attributes (#24553) -
azurerm_network_interface
- theip_configuration
properties are no longer added to a Load Balancer Backend if one of thoseip_configurations
is associated with a backend (#24470)
v3.88.0
FEATURES:
- New Data Source:
azurerm_nginx_deployment
(#24492) - New Resource:
azurerm_spring_cloud_dynatrace_application_performance_monitoring
(#23889) - New Resource:
azurerm_virtual_machine_run_command
(#23377)
ENHANCEMENTS:
- dependencies: updating to
v0.20240117.1163544
ofgithub.com/hashicorp/go-azure-sdk
(#24481) - dependencies: updating to
v0.65.1
ofgithub.com/hashicorp/go-azure-helpers
(#24479) -
datashare
: updating to use the base layer fromhashicorp/go-azure-sdk
rather thanAzure/go-autorest
(#24481) -
kusto
: updating to use the base layer fromhashicorp/go-azure-sdk
rather thanAzure/go-autorest
(#24477) - Data Source:
azurerm_application_gateway
- support for thetrusted_client_certificate.data
property (#24474) -
azurerm_service_plan
: refactoring to usehashicorp/go-azure-sdk
(#24483) -
azurerm_container_group
- support for thepriority
property (#24374) -
azurerm_mssql_managed_database
- support for thepoint_in_time_restore
property (#24535) -
azurerm_mssql_managed_instance
- now exports thedns_zone
attribute (#24435) -
azurerm_linux_web_app_slot
- support for settingpython_version
to3.12
(#24363) -
azurerm_linux_web_app
- support for settingpython_version
to3.12
(#24363) -
azurerm_linux_function_app_slot
- support for settingpython_version
to3.12
(#24363) -
azurerm_linux_function_app
- support for settingpython_version
to3.12
(#24363)
BUG FIXES:
-
azurerm_application_gateway
- thecomponents
property within theurl
block is no longer computed (#24480) -
azurerm_cdn_frontdoor_route
- prevent an issue wherecdn_frontdoor_origin_path
gets removed on update if unchanged. (#24488) -
azurerm_cognitive_account
- fixing support for theDC0
SKU (#24526)
v3.87.0
FEATURES:
- New Data Source:
azurerm_network_manager
(#24398) - New Resource:
azurerm_security_center_server_vulnerability_assessments_setting
(#24299)
ENHANCEMENTS:
- dependencies: updating to
v0.20240111.1094251
ofgithub.com/hashicorp/go-azure-sdk
(#24463) - Data Source:
azurerm_mssql_database
- support foridentity
,transparent_data_encryption_enabled
,transparent_data_encryption_key_vault_key_id
andtransparent_data_encryption_key_automatic_rotation_enabled
(#24412) - Data Source:
azurerm_mssql_server
- support fortransparent_data_encryption_key_vault_key_id
(#24412) -
machinelearning
: updating to API Version2023-10-01
(#24416) -
paloaltonetworks
: updating to API Version2023-09-01
(#24290) -
azurerm_container_app
- update create time validations foringress.0.traffic_weight
(#24042) -
azurerm_container_app
- support for theip_security_restriction
block (#23870) -
azurerm_kubernetes_cluster
- properties indefault_node_pool.linux_os_config.sysctl_config
are now updateable via node pool cycling (#24397) -
azurerm_linux_web_app
- support theVS2022
value for theremote_debugging_version
property (#24407) -
azurerm_mssql_database
- support foridentity
,transparent_data_encryption_key_vault_key_id
andtransparent_data_encryption_key_automatic_rotation_enabled
(#24412) -
azurerm_postgres_flexible_server
- thesku_name
property now supports being set toMO_Standard_E96ds_v5
(#24367) -
azurerm_role_assignment
- support for theprincipal_type
property (#24271) -
azurerm_windows_web_app
- support theVS2022
value for theremote_debugging_version
property (#24407) -
azurerm_cdn_frontdoor_firewall_policy
- support forrequest_body_check_enabled
property (#24406)
BUG FIXES:
- Data Source:
azurerm_role_definition
- fixrole_definition_id
(#24418) -
azurerm_api_management
- thesku_name
property can now be updated (#24431) -
azurerm_arc_kubernetes_flux_configuration
- prevent a bug where certain sensitive properties forbucket
andgit_repository
were being overwritten after an update to the resource is made (#24066) -
azurerm_kubernetes_flux_configuration
- prevent a bug where certain sensitive properties forbucket
andgit_repository
were being overwritten after an update to the resource is made (#24066) -
azure_linux_web_app
- prevent a bug in App Service processing ofapplication_stack
in updates tosite_config
(#24424) -
azure_linux_web_app_slot
- Fix bug in App Service processing ofapplication_stack
in updates tosite_config
(#24424) -
azurerm_network_manager_deployment
- update creation wait logic to better tolerate the api returning not found (#24330) -
azurerm_virtual_machine_data_disk_attachment
- do not update applications profile with disks (#24145) -
azure_windows_web_app
- prevent a bug in App Service processing ofapplication_stack
in updates tosite_config
(#24424) -
azure_windows_web_app_slot
- prevent a bug in App Service processing ofapplication_stack
in updates tosite_config
(#24424) -
azurerm_maintenance_configuration
- set thereboot
property in flatten fromAlwaysReboot
toAlways
(#24376) -
azurerm_container_app_environment
- theworkload_profile
property can now be updated (#24409)
v3.86.0
FEATURES:
- New Data Source:
azurerm_dashboard_grafana
(#24243) - New Resource:
azurerm_log_analytics_workspace_table
(#24229) - New Resource:
azurerm_automation_powershell72_module
(#23980) - New Resource:
azurerm_data_factory_credential_user_managed_identity
(#24307)
ENHANCEMENTS:
- dependencies: updating to
v0.20231215.1114251
ofhashicorp/go-azure-sdk
(#24251) - dependencies:
azurerm_spring_cloud_api_portal
- update to usehashicorp/go-azure-sdk
(#24321) - Data Source:
azurerm_kusto_cluster
- now exports theidentity
block (#24314) -
azurerm_data_protection_backup_policy_postgresql
- support for thetime_zone
property (#24312) -
azurerm_data_protection_backup_policy_disk
- support for thetime_zone
property (#24312) -
azurerm_key_vault_managed_hardware_security_module
-thetags
property can now be updated (#24333) -
azurerm_logic_app_standard
- support for thesite_config.0.public_network_access_enabled
property (#24257) -
azurerm_log_analytics_workspace_table
- support for theplan
property (#24341) -
azurerm_linux_web_app
- support the value20-lts
for thenode_version
property (#24289) -
azurerm_recovery_services_vault
- support creation with immutability set to locked (#23806) -
azurerm_spring_cloud_service
- support for thesku_tier
property (#24103)
BUG FIXES:
- Data Source:
azurerm_role_definition
- correctly export therole_definition_id
attribute (#24320) -
azurerm_bot_service
- fixing a bug wherepublic_network_access_enabled
was always set totrue
(#24255) -
azurerm_bot_service_azure_bot
-tags
can now be updated (#24332) -
azurerm_cosmosdb_account
- fix validation for theip_range_filter
property (#24306) -
azurerm_linux_virtual_machine
- theadditional_capabilities.0.ultra_ssd_enabled
can now be changed during the update (#24274) -
azurerm_logic_app_standard
- update the default value ofversion
from~3
which is no longer supported to~4
(#24134) -
azurerm_logic_app_standard
- fix a crash when setting the defaultversion
4.0 flag (#24322) -
azurerm_iothub_device_update_account
- changing thesku
property now creates a new resource (#24324) -
azurerm_iothub
- prevent an inconsistant value after an apply (#24326) -
azurerm_orchestrated_virtual_machine_scale_set
- correctly update the resource when hotpatch is enabled (#24335) -
azurerm_windows_virtual_machine
- theadditional_capabilities.0.ultra_ssd_enabled
can now be changed during the update (#24274) -
azurerm_scheduled_query_rules_alert
- changing thedata_source_id
now creates a new resource (#24327) -
azurerm_scheduled_query_rules_log
- changing thedata_source_id
now creates a new resource (#24327)
v3.85.0
FEATURES:
- New Data Source:
azurerm_locations
(#23324)
ENHANCEMENTS:
- provider: support for authenticating using Azure Kubernetes Service Workload Identity (#23965)
- dependencies: updating to
v0.65.0
ofgithub.com/hashicorp/go-azure-helpers
(#24222) - dependencies: updating to
v0.20231214.1220802
ofgithub.com/hashicorp/go-azure-sdk
(#24246) - dependencies: updating to version
v0.20231214.1160726
ofgithub.com/hashicorp/go-azure-sdk
(#24241) - dependencies: update
security/automation
to usehashicorp/go-azure-sdk
(#24156) - dependencies
dataprotection
: updating to API Version2023-05-01
(#24143) -
kusto
: removing the remnants of the old Resource ID Parsers now this useshashicorp/go-azure-sdk
(#24238) - Data Source:
azurerm_cognitive_account
- export theidentity
block (#24214) - Data Source:
azurerm_monitor_workspace
- add support for thedefault_data_collection_endpoint_id
anddefault_data_collection_rule_id
properties (#24153) - Data Source:
azurerm_shared_image_gallery
- add support for theimage_names
property (#24176) -
azurerm_dns_txt_record
- allow up to4096
characters for the propertyrecord.value
(#24169) -
azurerm_container_app
- support for theworkload_profile_name
property (#24219) -
azurerm_container_app
- suppot for theinit_container
block (#23955) -
azurerm_hpc_cache_blob_nfs_target
- support for theverification_timer_in_seconds
andwrite_back_timer_in_seconds
properties (#24207) -
azurerm_hpc_cache_nfs_target
- support for theverification_timer_in_seconds
andwrite_back_timer_in_seconds
properties (#24208) -
azurerm_linux_web_app
- makeclient_secret_setting_name
optional and conflict withclient_secret_certificate_thumbprint
(#21834) -
azurerm_linux_web_app_slot
- makeclient_secret_setting_name
optional and conflict withclient_secret_certificate_thumbprint
(#21834) -
azurerm_linux_web_app
- fix a bug inapp_settings
where settings could be lost (#24221) -
azurerm_linux_web_app_slot
- fix a bug inapp_settings
where settings could be lost (#24221) -
azurerm_log_analytics_workspace
- add support for theimmediate_data_purge_on_30_days_enabled
property (#24015) -
azurerm_mssql_server
- support for other identity types for the key vault key (#24236) -
azurerm_machine_learning_datastore_blobstorage
- resource now skips validation when being created (#24078) -
azurerm_machine_learning_datastore_datalake_gen2
- resource now skips validation when being created (#24078) -
azurerm_machine_learning_datastore_fileshare
- resource now skips validation when being created (#24078) -
azurerm_monitor_workspace
- support for thedefault_data_collection_endpoint_id
anddefault_data_collection_rule_id
properties (#24153) -
azurerm_redis_cache
- support for thestorage_account_subscription_id
property (#24101) -
azurerm_storage_blob
- support for thesource_content
typePage
(#24177) -
azurerm_web_application_firewall_policy
- support new values to therule_group_name
property (#24194) -
azurerm_windows_web_app
- make theclient_secret_setting_name
property optional and conflicts with theclient_secret_certificate_thumbprint
property (#21834) -
azurerm_windows_web_app_slot
- make theclient_secret_setting_name
property optional and conflicts with theclient_secret_certificate_thumbprint
property (#21834) -
azurerm_windows_web_app
- fix a bug inapp_settings
where settings could be lost (#24221) -
azurerm_windows_web_app_slot
- fix a bug inapp_settings
where settings could be lost (#24221) -
azurerm_cognitive_account
- addContentSafety
to thekind
property validation (#24205)
BUG FIXES:
- provider: fix an authentication issue with Azure Storage when running in Azure China cloud (#24246)
- Data Source:
azurerm_role_definition
- fix bug whererole_definition_id
andscope
were being incorrectly set (#24211) -
azurerm_batch_account
- fix bug whereUserAssigned, SystemAssigned
could be passed to the resource even though it isn't supported (#24204) -
azurerm_batch_pool
- fix bug wheresettings_json
andprotected_settings
were not being unmarshaled (#24075) -
azurerm_bot_service_azure_bot
- fix bug wherepublic_network_access_enabled
was being set as the value forLuisKey
(#24164) -
azurerm_cognitive_account_customer_managed_key
-identity_client_id
is no longer passed to the api when it is empty (#24231) -
azurerm_linux_web_app_slot
- error whenservice_plan_id
is identical to the parentservice_plan_id
(#23403) -
azurerm_management_group_template_deployment
- fixing a bug wheretemplate_spec_version_id
couldn't be updated (#24072) -
azurerm_pim_active_role_assignment
- fix an importing issue by filtering available role assignments based on the providedscope
(#24077) -
azurerm_pim_eligible_role_assignment
- fix an importing issue by filtering available role assignments based on the providedscope
(#24077) -
azurerm_resource_group_template_deployment
- fixing a bug wheretemplate_spec_version_id
couldn't be updated (#24072) -
azurerm_security_center_setting
- fix the casing for thesetting_name
Sentinel
(#24210) -
azurerm_storage_account
- Fix crash when checking forroutingInputs.PublishInternetEndpoints
androutingInputs.PublishMicrosoftEndpoints
(#24228) -
azurerm_storage_share_file
- prevent panic when the file specified bysource
is empty (#24179) -
azurerm_subscription_template_deployment
- fixing a bug wheretemplate_spec_version_id
couldn't be updated (#24072) -
azurerm_tenant_template_deployment
- fixing a bug wheretemplate_spec_version_id
couldn't be updated (#24072) -
azurerm_virtual_machine
- prevent a panic by nil checking the first element ofadditional_capabilities
(#24159) -
azurerm_windows_web_app_slot
- error whenservice_plan_id
is identical to the parentservice_plan_id
(#23403)
v3.84.0
FEATURES:
-
New Data Source:
azurerm_storage_containers
(#24061) -
New Resource:
azurerm_elastic_san
(#23619) -
New Resource:
azurerm_key_vault_managed_hardware_security_module_role_assignment
(#22332) -
New Resource:
azurerm_key_vault_managed_hardware_security_module_role_definition
(#22332)
ENHANCEMENTS:
- dependencies: updating mssql elasticpools from
v5.0
to2023-05-01-preview
- dependencies: updating to
v0.20231207.1122031
ofgithub.com/hashicorp/go-azure-sdk
(#24149) - Data Source:
azurerm_storage_account
- export the primary and secondary internet and microsoft hostnames for blobs, dfs, files, queues, tables and web (#23517) - Data Source:
azurerm_cosmosdb_account
- export theconnection_strings
,primary_sql_connection_string
,secondary_sql_connection_string
,primary_readonly_sql_connection_string
,secondary_readonly_sql_connection_string
,primary_mongodb_connection_string
,secondary_mongodb_connection_string
,primary_readonly_mongodb_connection_string
, andsecondary_readonly_mongodb_connection_string
attributes (#24129) -
azurerm_bot_service_azure_bot
- support for thepublic_network_access_enabled
property (#24125) -
azurerm_container_app_environment
- support for theworkload_profile
property (#23478) -
azurerm_cosmosdb_cassandra_datacenter
- support for theseed_node_ip_addresses
property (#24076) -
azurerm_firewall
- support for thedns_proxy_enabled
property (#20519) -
azurerm_kubernetes_cluster
- support for thesupport_plan
property and thesku_tier
Premium
(#23970) -
azurerm_mssql_database
- support forenclave_type
field (#24054) -
azurerm_mssql_elasticpool
- support forenclave_type
field (#24054) -
azurerm_mssql_managed_instance
- support for morevcores
:6
,10
,12
,20
,48
,56
,96
,128
(#24085) -
azurerm_redis_linked_server
- support for the propertygeo_replicated_primary_host_name
(#23984) -
azurerm_storage_account
- expose the primary and secondary internet and microsoft hostnames for blobs, dfs, files, queues, tables and web (#23517) -
azurerm_synapse_role_assignment
- support for theprincipal_type
property (#24089) -
azurerm_spring_cloud_build_deployment
- support for theapplication_performance_monitoring_ids
property (#23969) -
azurerm_virtual_network_gateway
- support for thebgp_route_translation_for_nat_enabled
,dns_forwarding_enabled
,ip_sec_replay_protection_enabled
,remote_vnet_traffic_enabled
,virtual_wan_traffic_enabled
,radius_server
,virtual_network_gateway_client_connection
,policy_group
, andipsec_policy
property (#23220)
BUG FIXES:
-
azurerm_application_insights_api_key
- prevent a bug where multiple keys couldn't be created for an Application Insights instance (#23463) -
azurerm_container_registry
- thenetwork_rule_set.virtual_network
property has been deprecated (#24140) -
azurerm_hdinsight_hadoop_cluster
- setroles.edge_node.install_script_action.parameters
into state by retrieving the value provided in the user config since this property isn't returned by the API (#23971) -
azurerm_kubernetes_cluster
- prevent a bug where maintenance window start date was always recalculated and sent to the API (#23985) -
azurerm_mssql_database
- will no longer send all long retention values in payload unless set (#24124) -
azurerm_mssql_managed_database
- will no longer send all long retention values in payload unless set (#24124) -
azurerm_mssql_server_microsoft_support_auditing_policy
- only include storage endpoint in payload if set (#24122) -
azurerm_mobile_network_packet_core_control_plane
- prevent a panic if the HTTP Response is nil (#24083) -
azurerm_storage_account
- revert plan time name validation(#​23799)
(#24142) -
azurerm_web_application_firewall_policy
- split create and update function to fix lifecycle - ignore changes (#23412)
v3.83.0
UPGRADE NOTES:
- Key Vaults are now loaded using the
ListBySubscription
API within the Key Vault Resource Provider rather than the Resources API. This change means that the Provider now caches the list of Key Vaults available within a Subscription, rather than loading these piecemeal to workaround stale data returned from the Resources API (#24019)
FEATURES:
- New Data Source:
azurerm_stack_hci_cluster
(#24032)
ENHANCEMENTS:
- dependencies: updating to
v0.20231129.1103252
ofgithub.com/hashicorp/go-azure-sdk
(#24063) -
automation
: updating to API Version2023-11-01
(#24017) -
keyvault
: the cache is now populated using theListBySubscription
endpoint on the KeyVault Resource Provider rather than via theResources
API (#24019). -
keyvault
: updating the cache to populate all Key Vaults available within the Subscription to reduce the number of API calls (#24019) - Data Source
azurerm_private_dns_zone
: refactoring to use theListBySubscription
API rather than the Resources API whenresource_group_name
is omitted (#24024) -
azurerm_dashboard_grafana
- support forgrafana_major_version
(#24014) -
azurerm_linux_web_app
- add support for dotnet 8 (#23893) -
azurerm_linux_web_app_slot
- add support for dotnet 8 (#23893) -
azurerm_media_transform
- deprecateface_detector_preset
andvideo_analyzer_preset
(#24002) -
azurerm_postgresql_database
- update the validation ofcollation
to includeNorwegian_Norway.1252
(#24070) -
azurerm_postgresql_flexible_server
- updating to API Version2023-06-01-preview
(#24016) -
azurerm_redis_cache
- support for theactive_directory_authentication_enabled
property (#23976) -
azurerm_windows_web_app
- add support for dotnet 8 (#23893) -
azurerm_windows_web_app_slot
- add support for dotnet 8 (#23893) -
azurerm_storage_account
- addname
validation in custom diff (#23799)
BUG FIXES:
- authentication: fix a bug where auxiliary tenants were not correctly authorized (#24063)
-
azurerm_app_configuration
- normalize location inreplica
block (#24074) -
azurerm_cosmosdb_account
- cosmosdb version and capabilities can now be updated at the same time (#24029) -
azurerm_data_factory_flowlet_data_flow
-source
andsink
properties are now optional (#23987) -
azurerm_datadog_monitor_tag_rule
- correctly handle default rule (#22806) -
azurerm_ip_group
: fixing a crash whenfirewall_ids
andfirewall_policy_ids
weren't parsed correctly from the API Response (#24031) -
azurerm_nginx_deployment
- add default value of20
forcapacity
(#24033)
v3.82.0
FEATURES:
- New Data Source:
azurerm_monitor_workspace
(#23928) - New Resource:
azurerm_application_load_balancer_subnet_association
(#23628)
ENHANCEMENTS:
- dependencies: updating to
v0.20231117.1130141
ofgithub.com/hashicorp/go-azure-sdk
(#23945) -
azurestackhci
: updating to API Version2023-08-01
(#23939) -
dashboard
: updating to API Version2023-09-01
(#23929) -
hpccache
: updating to API version2023-05-01
(#24005) -
mssql
: updating resources usinghashicorp/go-azure-sdk
to API Version2023-02-01-preview
(#23721) -
templatespecversions
: updating to API Version2022-02-01
(#24007) - Data Source:
azurerm_template_spec_version
- refactoring to usehashicorp/go-azure-sdk
(#24007) -
azurerm_cosmosdb_postgresql_cluster
-coordinator_storage_quota_in_mb
andcoordinator_vcore_count
are no longer required for read replicas (#23928) -
azurerm_dashboard_grafana
-sku
can now be set toEssential
(#23934) -
azurerm_gallery_application_version
- add support for theconfig_file
,package_file
andtarget_region.exclude_from_latest
properties (#23816) -
azurerm_hdinsight_hadoop_cluster
-script_actions
is no longer Force New (#23888) -
azurerm_hdinsight_hbase_cluster
-script_actions
is no longer Force New (#23888) -
azurerm_hdinsight_interactive_query_cluster
-script_actions
is no longer Force New (#23888) -
azurerm_hdinsight_kafka_cluster
-script_actions
is no longer Force New (#23888) -
azurerm_hdinsight_spark_cluster
-script_actions
is no longer Force New (#23888) -
azurerm_kubernetes_cluster
- add support for thegpu_instance
property (#23887) -
azurerm_kubernetes_cluster_node_pool
- add support for thegpu_instance
property (#23887) -
azurerm_log_analytics_workspace
- add support for theidentity
property (#23864) -
azurerm_linux_function_app
- add support for dotnet 8 (#23638) -
azurerm_linux_function_app_slot
- add support for dotnet 8 (#23638) -
azurerm_managed_lustre_file_system
- export attributemgs_address
(#23942) -
azurerm_mssql_database
- support for Hyperscale SKUs (#23974) -
azurerm_mssql_database
- refactoring to usehashicorp/go-azure-sdk
(#23721) -
azurerm_mssql_server
- refactoring to usehashicorp/go-azure-sdk
(#23721) -
azurerm_shared_image
- add support fortrusted_launch_supported
(#23781) -
azurerm_spring_cloud_container_deployment
- add support for theapplication_performance_monitoring_ids
property (#23862) -
azurerm_spring_cloud_customized_accelerator
- add support for theaccelerator_type
andpath
properties (#23797) -
azurerm_point_to_site_vpn_gateway
- allow multipleconnection_configurations
blocks (#23936) -
azurerm_private_dns_cname_record
-ttl
can now be set to 0 (#23918) -
azurerm_windows_function_app
- add support for dotnet 8 (#23638) -
azurerm_windows_function_app_slot
- add support for dotnet 8 (#23638)
BUG FIXES:
-
azurerm_api_management
- correct a bug with additional location zones within theadditional_location
block (#23943) -
azurerm_dev_test_linux_virtual_machine
-storage_type
is now ForceNew to match the updated API behaviour (#23973) -
azurerm_dev_test_windows_virtual_machine
-storage_type
is now ForceNew to match the updated API behaviour (#23973) -
azurerm_disk_encryption_set
- resource will recreate ifidentity
changes fromSystemAssigned
toUserAssigned
(#23904) -
azurerm_eventhub_cluster
:sku_name
is no longer ForceNew (#24009) -
azurerm_firewall
- recasing the value forfirewall_policy_id
to workaround the API returning the incorrect casing (#23993) -
azurerm_security_center_subscription_pricing
- fix a bug preventing removal ofextensions
and downgradingtier
toFree
(#23821) -
azurerm_windows_web_app
- fix an issue of incorrect application stack settings during update (#23372)
v3.81.0
ENHANCEMENTS:
- dependencies: updating to
v0.20231116.1162710
ofgithub.com/hashicorp/go-azure-sdk
(#23922) -
managedservices
: updating to use the base layer fromhashicorp/go-azure-sdk
rather thanAzure/go-autorest
(#23890) -
network
: updating to API Version2023-06-01
(#23875) -
servicelinker
: updating to use the base layer fromhashicorp/go-azure-sdk
rather thanAzure/go-autorest
(#23890) -
storage
: refactoring usages ofgithub.com/hashicorp/go-azure-sdk
to use the base layer fromhashicorp/go-azure-sdk
rather thanAzure/go-autorest
(#23890) - Data Source:
azurerm_network_ddos_protection_plan
: refactoring to usehashicorp/go-azure-sdk
(#23849) -
azurerm_linux_function_app
- add support for disabling Basic Auth for default Publishing Profile via new propertiesftp_publish_basic_authentication_enabled
andwebdeploy_publish_basic_authentication_enabled
(#23900) -
azurerm_linux_function_app_slot
- add support for disabling Basic Auth for default Publishing Profile via new propertiesftp_publish_basic_authentication_enabled
andwebdeploy_publish_basic_authentication_enabled
(#23900) -
azurerm_linux_web_app
- add support for disabling Basic Auth for default Publishing Profile via new propertiesftp_publish_basic_authentication_enabled
andwebdeploy_publish_basic_authentication_enabled
(#23900) -
azurerm_linux_web_app_slot
- add support for disabling Basic Auth for default Publishing Profile via new propertiesftp_publish_basic_authentication_enabled
andwebdeploy_publish_basic_authentication_enabled
(#23900) -
azurerm_logic_app_integration_account_certificate
-name
now accepts underscores (#23866) -
azurerm_logic_app_integration_account_partner
-business_identity.value
now accepts underscores (#23866) -
azurerm_monitor_data_collection_rule
- added support forWorkspaceTransforms
askind
(#23873) -
azurerm_network_ddos_protection_plan
: refactoring to usehashicorp/go-azure-sdk
(#23849) -
azurerm_windows_function_app
- add support for disabling Basic Auth for default Publishing Profile via new propertiesftp_publish_basic_authentication_enabled
andwebdeploy_publish_basic_authentication_enabled
(#23900) -
azurerm_windows_function_app_slot
- add support for disabling Basic Auth for default Publishing Profile via new propertiesftp_publish_basic_authentication_enabled
andwebdeploy_publish_basic_authentication_enabled
(#23900) -
azurerm_windows_web_app
- add support for disabling Basic Auth for default Publishing Profile via new propertiesftp_publish_basic_authentication_enabled
andwebdeploy_publish_basic_authentication_enabled
(#23900) -
azurerm_windows_web_app_slot
- add support for disabling Basic Auth for default Publishing Profile via new propertiesftp_publish_basic_authentication_enabled
andwebdeploy_publish_basic_authentication_enabled
(#23900)
v3.80.0
ENHANCEMENTS:
-
internal/sdk
- Added support for pointer Types in resource models (#23810) - dependencies: updating to
v0.63.0
ofgithub.com/hashicorp/go-azure-helpers
(#23785) - dependencies: updating to
v0.20231106.1151347
ofgithub.com/hashicorp/go-azure-sdk
(#23787) -
azurerm_cognitive_deployment
- support for theversion_upgrade_option
property (#22520) -
azurerm_firewall_policy_rule_collection_group
- add support for the propertyhttp_headers
(#23641) -
azurerm_kubernetes_cluster
-fips_enabled
can be updated in thedefault_node_pool
without recreating the cluster (#23612) -
azurerm_kusto_cluster
- the clustername
can now include dashes (#23790) -
azurerm_postgresql_database
- update the validation ofcollation
to include support forFrench_France.1252
(#23783)
BUG FIXES:
- Data Source:
azurerm_data_protection_backup_vault
- removingimport
support, since Data Sources don't support being imported (#23820) - Data Source:
azurerm_kusto_database
- removingimport
support, since Data Sources don't support being imported (#23820) - Data Source:
azurerm_virtual_hub_route_table
- removingimport
support, since Data Sources don't support being imported (#23820) -
azurerm_windows_web_app
- prevent a panic with theauto_heal.actions
property (#23836) -
azurerm_windows_web_app
- prevent a panic with theauto_heal.triggers
property (#23812)
v3.79.0
ENHANCEMENTS:
- provider: log instead of error when RPs are unavailable when validating RP registrations (#23380)
-
azurerm_arc_kuberenetes_cluster_extension_resource
- theversion
andrelease_train
properties can now be set simultaneously (#23692) -
azurerm_container_apps
- support for theingress.exposed_port
property (#23752) -
azurerm_cosmosdb_postgresql_cluster
- read replica clusters can be created without specifyingadministrator_login_password
property (#23750) -
azurerm_managed_application
- arrays can be supplied in theparameter_values
property (#23754) -
azurerm_storage_management_policy
- support for propertiesrule.*.actions.*.base_blob.0.tier_to_cold_after_days_since_{modification|last_access_time|creation}_greater_than and rule.*.actions.*.{snapshot|version}.0.tier_to_cold_after_days_since_creation_greater_than
(#23574)
BUG FIXES:
-
azurerm_api_management_diagnostic
- theoperation_name_format
attribute will only be sent ifidentifier
is set toapplicationinsights
(#23736) -
azurerm_backup_policy_vm
- fix payload by using current datetime (#23586) -
azurerm_kubernetes_cluster
- thecustom_ca_trust_certificates_base64
property can not be removed, only updated (#23737)
hashicorp/terraform-provider-google (google)
v5.19.0
v5.18.0
BREAKING CHANGES:
- securityposture: marked
policy_sets
andpolicy_sets.policies
required ingoogle_securityposture_posture
. API validation already enforced this, so no resources could be provisioned without these (#17303)
FEATURES:
-
New Data Source:
google_compute_forwarding_rules
(#17342) -
New Resource:
google_firebase_app_check_app_attest_config
(#17279) -
New Resource:
google_firebase_app_check_play_integrity_config
(#17279) -
New Resource:
google_firebase_app_check_recaptcha_enterprise_config
(#17327) -
New Resource:
google_firebase_app_check_recaptcha_v3_config
(#17327) -
New Resource:
google_migration_center_preference_set
(#17291) -
New Resource:
google_netapp_volume_replication
(#17348)
IMPROVEMENTS:
- cloudfunctions: added output-only
version_id
field ongoogle_cloudfunctions_function
(#17273) - composer: supported patch versions of airflow on
google_composer_environment
(#17345) - compute: supported updating
network_interface.stack_type
field ongoogle_compute_instance
resource. (#17295) - container: added
node_config.resource_manager_tags
field togoogle_container_cluster
resource (#17346) - container: added
node_config.resource_manager_tags
field togoogle_container_node_pool
resource (#17346) - container: added output-only fields
membership_id
andmembership_location
underfleet
ingoogle_container_cluster
resource (#17305) - looker: added
custom_domain
field togoogle_looker_instance
resource (#17301) - netapp: added field
restore_parameters
and output-only fieldsstate
,state_details
andcreate_time
togoogle_netapp_volume
resource (#17293) - workbench: added
container_image
field togoogle_workbench_instance
resource (#17326) - workbench: added
shielded_instance_config
field togoogle_workbench_instance
resource (#17306)
BUG FIXES:
- bigquery: allowed users to set permissions for
principal
/principalSets
(iamMember
) ingoogle_bigquery_dataset_iam_member
. (#17292) - cloudfunctions2: fixed an issue where not specifying
event_config.trigger_region
ingoogle_cloudfunctions2_function
resulted in a permanent diff. The field now pulls a default value from the API when unset. (#17328) - compute: fixed issue where changes only in
stateful_(internal|external)_ip
would not trigger an update forgoogle_compute_(region_)instance_group_manager
(#17297) - compute: fixed perma-diff on
min_ports_per_vm
ingoogle_compute_router_nat
when the field is unset by making the field default to the API-set value (#17337) - dataflow: fixed crash in
google_dataflox_job
to return an error instead if a job's Environment field is nil when reading job information (#17344) - notebooks: changed
tag
field to default to the API's value if not specified ingoogle_notebooks_instance
(#17323)
v5.17.0
NOTES:
- cloudbuildv2: changed underlying actuation engine for
google_cloudbuildv2_connection
, there should be no user-facing impact (#17222)
DEPRECATIONS:
- container: deprecated support for
relay_mode
field ingoogle_container_cluster.monitoring_config.advanced_datapath_observability_config
in favor ofenable_relay
field,relay_mode
field will be removed in a future major release (#17262)
FEATURES:
-
New Resource:
google_firebase_app_check_debug_token
(#17242) -
New Resource:
google_clouddeploy_custom_target_type
(#17254)
IMPROVEMENTS:
- cloudasset: allowed overriding the billing project for the
google_cloud_asset_resources_search_all
datasource - clouddeploy: added support for
canary_revision_tags
,prior_revision_tags
,stable_revision_tags
, andstable_cutback_duration
togoogle_clouddeploy_delivery_pipeline
- cloudfunctions: expose
version_id
ongoogle_cloudfunctions_function
(#17273) - compute: promoted
user_ip_request_headers
field ongoogle_compute_security_policy
resource to GA (#17271) - container: added support for
enable_relay
field togoogle_container_cluster.monitoring_config.advanced_datapath_observability_config
(#17262) - eventarc: added support for
http_endpoint.uri
andnetwork_config.network_attachment
togoogle_eventarc_trigger
(#17237) - healthcare: added
reject_duplicate_message
field togoogle_healthcare_hl7_v2_store
resource (#17267) - identityplatform: added
client
,permissions
,monitoring
andmfa
fields togoogle_identity_platform_config
(#17225) - notebooks: added
desired_state
field togoogle_notebooks_instance
(#17268) - vertexai: added
feature_registry_source
field togoogle_vertex_ai_feature_online_store_featureview
resource (#17264) - workbench: added
desired_state
field togoogle_workbench_instance
resource (#17270)
BUG FIXES:
- compute: made
resource_manager_tags
updatable ongoogle_compute_instance_template
andgoogle_compute_region_instance_template
(#17256) - notebooks: prevented recreation of
google_notebooks_instance
whenkms_key
orservice_account_scopes
are changed server-side (#17232)
v5.16.0
FEATURES:
-
New Resource:
google_clouddeploy_delivery_pipeline_iam_*
(#17180) -
New Resource:
google_compute_instance_group_membership
(#17188) -
New Resource:
google_discovery_engine_search_engine
(#17146) -
New Resource:
google_firebase_app_check_service_config
(#17155)
IMPROVEMENTS:
- bigquery: promoted
table_replication_info
field onresource_bigquery_table
resource to GA (#17181) - networksecurity: removed unused custom code from
google_network_security_address_group
(#17183) - provider: added an optional provider level label
goog-terraform-provisioned
to identify resources that were created by Terraform when viewing/editing these resources in other tools. (#17170)
v5.15.0
FEATURES:
-
New Data Source:
google_compute_machine_types
(#17107) -
New Resource:
google_blockchain_node_engine_blockchain_nodes
(#17096) -
New Resource:
google_compute_region_network_endpoint
(#17137) -
New Resource:
google_discovery_engine_chat_engine
(#17145) -
New Resource:
google_discovery_engine_search_engine
(#17146) -
New Resource:
google_netapp_volume_snapshot
(#17138)
IMPROVEMENTS:
- compute: added
INTERNET_IP_PORT
andINTERNET_FQDN_PORT
options for thegoogle_compute_region_network_endpoint_group
resource. (#17137) - compute: added
creation_timestamp
togoogle_compute_instance_group_manager
andgoogle_compute_region_instance_group_manager
. (#17110) - compute: added
disk_id
attribute togoogle_compute_disk
resource (#17112) - compute: added
stack_type
attribute forgoogle_compute_interconnect_attachment
resource. (#17139) - compute: updated the
google_compute_security_policy
resource'sjson_parsing
field to accept the valueSTANDARD_WITH_GRAPHQL
(#17097) - memcache: added
reserved_ip_range_id
field togoogle_memcache_instance
resource (#17101) - netapp: added
deletion_policy
field togoogle_netapp_volume
resource (#17111)
BUG FIXES:
- alloydb: fixed an issue where
database_flags
in secondarygoogle_alloydb_instance
resources would cause a diff, as they are copied from the primary (#17128) - filestore: made
google_filestore_instance.source_backup
field configurable (#17099) - vmwareengine: fixed a bug to prevent recreation of existing
google_vmwareengine_private_cloud
resources when upgrading provider version from <5.10.0 (#17135
v5.14.0
FEATURES:
-
New Resource:
google_discovery_engine_data_store
(#17084) -
New Resource:
google_securityposture_posture_deployment
(#17085) -
New Resource:
google_securityposture_posture
(#17079)
IMPROVEMENTS:
- artifactregistry: promoted
cleanup_policies
andcleanup_policy_dry_run
fields to GA forgoogle_artifactregistry_repository
resource (#17074) - composer: added
data_retention_config
field togoogle_composer_environment
resource (#17050) - logging: updated the
google_logging_project_bucket_config
resource to be created using the asynchronous create method (#17067) - pubsub: added
use_table_schema
field togoogle_pubsub_subscription
resource (#17054) - workflows: added
call_log_level
field togoogle_workflows_workflow
resource (#17051)
BUG FIXES:
- cloudfunctions2: fixed permadiff when
build_config.docker_repository
field is not specified ongoogle_cloudfunctions2_function
resource (#17072) - compute: fixed error when
iap
field is unset forgoogle_compute_region_backend_service
resource (#17071) - eventarc: fixed error when setting
destination.cloud_function
field ongoogle_eventarc_trigger
resource by making it output-only (#17052)
v5.13.0
NOTES:
- cloudbuildv2: changed underlying actuation engine for
google_cloudbuildv2_repository
, there should be no user-facing impact (#16969) - provider: added support for in-place update for
labels
andterraform_labels
fields in immutable resources (#17016)
FEATURES:
-
New Resource:
google_netapp_backup_policy
(#16962) -
New Resource:
google_netapp_volume
(#16990) -
New Resource:
google_network_security_address_group_iam_*
(#17013) -
New Resource:
google_vertex_ai_feature_group_feature
(#17015)
IMPROVEMENTS:
- alloydb: allowed
database_version
as an input ongoogle_alloydb_cluster
resource (#16967) - bigquery: added
spark_options
field togoogle_bigquery_routine
resource (#17028) - cloudrunv2: added
nfs
andgcs
fields togoogle_cloud_run_v2_service.template.volumes
(#16972) - cloudrunv2: added
tcp_socket
field togoogle_cloud_run_v2.template.containers.liveness_probe
(#16972) - compute: added
enable_confidential_compute
field togoogle_compute_instance.boot_disk.initialize_params
(#16968) - compute: added
enable_confidential_compute
field togoogle_compute_disk
resource (#16968) - gkehub2: added
clusterupgrade
field togoogle_gke_hub_feature
resource (#16951) - notebooks: allowed
machine_type
andaccelerator_config
to be updatable ongoogle_notebooks_runtime
resource (#16993)
BUG FIXES:
- compute: fixed the bug that
max_ttl
is sent in API calls even it is removed from configuration when changing cache_mode to FORCE_CACHE_ALL ingoogle_compute_backend_bucket
resource (#16976) - networkservices: fixed a perma-diff on
addresses
field ingoogle_network_services_gateway
resource (#17035) - provider: fixed
universe_domain
behavior to correctly throw an error when explicitly configureduniverse_domain
values did not match credentials assumed to be in the default universe (#17014) - spanner: fixed error when adding
autoscaling_config
to an existinggoogle_spanner_instance
resource (#17033)
v5.12.0
FEATURES:
-
New Data Source:
google_dns_managed_zones
(#16949) -
New Data Source:
google_filestore_instance
(#16931) -
New Data Source:
google_vmwareengine_external_access_rule
(#16912) -
New Resource:
google_clouddomains_registration
(#16947) -
New Resource:
google_netapp_kmsconfig
(#16945) -
New Resource:
google_vertex_ai_feature_online_store_featureview
(#16930) -
New Resource:
google_vmwareengine_external_access_rule
(#16912)
IMPROVEMENTS:
- compute: added
md5_authentication_key
field togoogle_compute_router_peer
resource (#16923) - compute: added in-place update support to
params.resource_manager_tags
field ingoogle_compute_instance
resource (#16942) - compute: added in-place update support to
description
field ingoogle_compute_instance
resource (#16900) - gkehub: added
policycontroller
field togoogle_gke_hub_feature_membership
resource (#16916) - gkehub2: added
clusterupgrade
field togoogle_gke_hub_feature
resource (#16951) - gkeonprem: added in-place update support to
vsphere_config
field and addedhost_groups
field ingoogle_gkeonprem_vmware_node_pool
resource (#16896) - iam: added
create_ignore_already_exists
field togoogle_service_account
resource. Ifignore_create_already_exists
is set to true, resource creation would succeed when response error is 409ALREADY_EXISTS
. (#16927) - servicenetworking: added field
deletion_policy
togoogle_service_networking_connection
(#16944) - sql: set
replica_configuration
,ca_cert
, andserver_ca_cert
fields to be sensitive ingoogle_sql_instance
andgoogle_sql_ssl_cert
resources (#16932)
BUG FIXES:
- bigquery: fixed perma-diff of
encryption_configuration
when API returns an empty object ongoogle_bigquery_table
resource (#16926) - compute: fixed an issue where the provider would
wait_for_instances
if set before deleting ongoogle_compute_instance_group_manager
andgoogle_compute_region_instance_group_manager
resources (#16943) - compute: fixed perma-diff that reordered
stateful_external_ip
andstateful_internal_ip
blocks ongoogle_compute_instance_group_manager
andgoogle_compute_region_instance_group_manager
resources (#16910) - datapipeline: fixed perma-diff of
scheduler_service_account_email
when it's not explicitly specified ingoogle_data_pipeline_pipeline
resource (#16917) - edgecontainer: fixed resource import on
google_edgecontainer_vpn_connection
resource (#16948) - servicemanagement: fixed an issue where an inconsistent plan would be created when certain fields such as
openapi_config
,grpc_config
, andprotoc_output_base64
, had computed values ingoogle_endpoints_service
resource (#16946) - storage: fixed an issue where retry timeout wasn't being utilized when creating
google_storage_bucket
resource (#16902)
v5.11.0
NOTES:
- compute: changed underlying actuation engine for
google_network_firewall_policy
andgoogle_region_network_firewall_policy
, there should be no user-facing impact (#16837)
DEPRECATIONS:
- gkehub2: deprecated field
configmanagement.config_sync.oci.version
ingoogle_gke_hub_feature
resource (#16818)
FEATURES:
-
New Data Source:
google_compute_reservation
(#16860) -
New Resource:
google_integration_connectors_endpoint_attachment
(#16822) -
New Resource:
google_logging_folder_settings
(#16800) -
New Resource:
google_logging_organization_settings
(#16800) -
New Resource:
google_netapp_active_directory
(#16844) -
New Resource:
google_vertex_ai_feature_online_store
(#16840) -
New Resource:
google_vertex_ai_feature_group
(#16842) -
New Resource:
google_netapp_backup_vault
(#16876)
IMPROVEMENTS:
- bigqueryanalyticshub: added
restricted_export_config
field togoogle_bigquery_analytics_hub_listing
resource (#16850) - composer: added support for
composer_internal_ipv4_cidr_block
field togoogle_composer_environment
(#16815) - compute: added
provisioned_iops
andprovisioned_throughput
fields underboot_disk.initialize_params
togoogle_compute_instance
resource (#16871) - compute: added
resource_manager_tags
anddisk.resource_manager_tags
forgoogle_compute_instance_template
(#16889) - compute: added
resource_manager_tags
anddisk.resource_manager_tags
forgoogle_compute_region_instance_template
(#16889) - dataproc: added
auxiliary_node_groups
field togoogle_dataproc_cluster
resource (#16798) - edgecontainer: increased default timeout on
google_edgecontainer_cluster
,google_edgecontainer_node_pool
to 480m from 60m (#16886) - gkehub2: added field
version
underconfigmanagement
ingoogle_gke_hub_feature
resource (#16818) - kms: added output-only field
primary
togoogle_kms_crypto_key
(#16845) - metastore: added
endpoint_protocol
,metadata_integration
, andauxiliary_versions
togoogle_dataproc_metastore_service
(#16823) - sql: added support for IAM GROUP authentication in the
type
field ofgoogle_sql_user
(#16853) - storagetransfer: made
name
field settable ongoogle_storage_transfer_job
(#16838)
BUG FIXES:
- container: added check that
node_version
andmin_master_version
are the same on create ofgoogle_container_cluster
, when running terraform plan (#16817) - container: fixed a bug where disabling PDCSI addon
gce_persistent_disk_csi_driver_config
during creation will result in permadiff ingoogle_container_cluster
resource (#16794) - container: fixed an issue in which migrating from the deprecated Binauthz enablement bool to the new evaluation mode enum inadvertently caused two cluster update events, instead of none. (#16851)
- containerattached: fixed crash when updating a cluster to remove
admin_users
oradmin_groups
ingoogle_container_attached_cluster
(#16852) - dialogflowcx: fixed a permadiff in the
git_integration_settings
field ofgoogle_diagflow_cx_agent
(#16803) - monitoring: fixed the index out of range crash in
dashboard_json
for the resourcegoogle_monitoring_dashboard
(#16792)
v5.10.0
FEATURES:
-
New Data Source:
google_compute_region_disk
(#16732) -
New Data Source:
google_vmwareengine_external_address
(#16698) -
New Data Source:
google_vmwareengine_subnet
(#16700) -
New Data Source:
google_vmwareengine_vcenter_credentials
(#16709) -
New Resource:
google_vmwareengine_cluster
(#16757) -
New Resource:
google_vmwareengine_external_address
(#16698) -
New Resource:
google_vmwareengine_subnet
(#16700) -
New Resource:
google_workbench_instance
(#16773) -
New Resource:
google_workbench_instance_iam_*
(#16773)
IMPROVEMENTS:
- compute: added
numeric_id
field togoogle_compute_network
resource (#16712) - compute: added
remove_instance_on_destroy
option togoogle_compute_per_instance_config
resource (#16729) - compute: added
remove_instance_on_destroy
option togoogle_compute_region_per_instance_config
resource (#16729) - container: added
network_performance_config
field togoogle_container_node_pool
resource to support GKE tier 1 networking (#16688) - container: added support for in-place update for
machine_type
/disk_type
/disk_size_gb
ingoogle_container_node_pool
resource (#16724) - containerazure: added
config.labels
togoogle_container_azure_node_pool
(#16754) - dataform: added
display_name
,labels
andnpmrc_environment_variables_secret_version
fields togoogle_dataform_repository
resource (#16733) - monitoring: added
severity
field togoogle_monitoring_alert_policy
resource (#16775) - notebooks: added support for
labels
togoogle_notebooks_runtime
(#16783) - recaptchaenterprise: added
waf_settings
togoogle_recaptcha_enterprise_key
(#16754) - securesourcemanager: added
host_config
,state_note
,kms_key
, andprivate_config
fields togoogle_secure_source_manager_instance
resource (#16731) - spanner: added
autoscaling_config.max_nodes
andautoscaling_config.min_nodes
togoogle_spanner_instance
(#16786) - storage: added
rpo
field togoogle_storage_bucket
resource (#16756) - vmwareengine: added
type
field togoogle_vmwareengine_private_cloud
resource (#16781) - workloadidentity: added
saml
block togoogle_iam_workload_identity_pool_provider
resource (#16710)
BUG FIXES:
- logging: fixed an issue where value change of
unique_writer_identity
ongoogle_logging_project_sink
does not trigger diff on dependent's usages ofwriter_identity
(#16776)
v5.9.0
FEATURES:
-
New Data Source:
google_logging_folder_settings
(#16658) -
New Data Source:
google_logging_organization_settings
(#16658) -
New Data Source:
google_logging_project_settings
(#16658) -
New Data Source:
google_vmwareengine_network_policy
(#16639) -
New Data Source:
google_vmwareengine_nsx_credentials
(#16669) -
New Resource:
google_scc_event_threat_detection_custom_module
(#16649) -
New Resource:
google_secure_source_manager_instance
(#16637) -
New Resource:
google_vmwareengine_network_policy
(#16639)
IMPROVEMENTS:
- bigqueryconnection: added
spark
support togoogle_bigquery_connection
resource (#16677) - cloudidentity: added
expiry_detail
field togoogle_cloud_identity_group_membership
resource (#16643) - container: added
autoscaling_profile
field in thecluster_autoscaling
block ingoogle_container_cluster
resource (#16653) - gkehub: added
default_cluster_config
field togoogle_gke_hub_fleet
resource (#16630) - gkehub: added
binary_authorization_config
field togoogle_gke_hub_fleet
resource (#16674) - sql: added support for in-place updates to the
edition
field ingoogle_sql_database_instance
resource (#16629)
BUG FIXES:
- artifactregistry: fixed permadiff due to unsorted
virtual_repository_config
array ingoogle_artifact_registry_repository
(#16646) - container: made
dns_config
field updatable ongoogle_container_cluster
resource (#16652) - dlp: added conflicting field validation in the
storage_config.timespan_config
block indata_loss_prevention_job_trigger
resource (#16628) - dlp: updated the
storage_config.timespan_config.timestamp_field
field indata_loss_prevention_job_trigger
to be optional (#16628) - firestore: added retries during creation of
google_firestore_index
resources to address retryable 409 code API errors ("Please retry, underlying data changed", and "Aborted due to cross-transaction contention") (#16618, #16670) - storage: fixed unexpected
lifecycle_rule
conditions being added forgoogle_storage_bucket
(#16683)
v5.8.0
FEATURES:
-
New Data Source:
google_vmwareengine_network_peering
(#16616) -
New Resource:
google_migration_center_group
(#16549) -
New Resource:
google_netapp_storage_pool
(#16573) -
New Resource:
google_vmwareengine_network
(ga) (#16583) -
New Resource:
google_vmwareengine_network_peering
(#16616)
IMPROVEMENTS:
- artifactregistry: added
remote_repository_config.upstream_credentials
field togoogle_artifact_registry_repository
resource (#16562) - cloudbuild: added fields
build.artifacts.maven_artifacts
,build.artifacts.npm_packages
, andbuild.artifacts.python_packages
to resourcegoogle_cloudbuild_trigger
(#16543) - cloudrunv2: promoted field
depends_on
ingoogle_cloud_run_v2_service
to GA (#16577) - composer: added
database_config.zone
field ingoogle_composer_environment
(#16551) - compute: added field
service_directory_registrations
to resourcegoogle_compute_global_forwarding_rule
(#16581) - firestore: added virtual field
deletion_policy
togoogle_firestore_database
(#16576) - firestore: enabled database deletion upon destroy for
google_firestore_database
(#16576) - gkehub2: added
policycontroller
field tofleet_default_member_config
ingoogle_gke_hub_feature
(#16542) - iam: added
allowed_services
,disable_programmatic_signin
fields togoogle_iam_workforce_pool
resource (#16580) - vmwareengine: added
STANDARD
type support togoogle_vmwareengine_network
resource (#16583) - vmwareengine: promoted
google_vmwareengine_private_cloud
resource to GA (#16613)
BUG FIXES:
- compute: fixed a permadiff caused by issues with ipv6 diff suppression in
google_compute_forwarding_rule
andgoogle_compute_global_forwarding_rule
(#16550) - firestore: fixed an issue where
google_firestore_database
could be deleted whendelete_protection_state
wasDELETE_PROTECTION_ENABLED
(#16576) - firestore: made resource creation retry for 409 errors with the text "Aborted due to cross-transaction contention" in
google_firestore_index
(#16618)
v5.7.0
DEPRECATIONS:
- gkehub: deprecated
config_management.binauthz
ingoogle_gke_hub_feature_membership
(#16536)
IMPROVEMENTS:
- bigtable: added
standard_isolation
andstandard_isolation.priority
fields togoogle_bigtable_app_profile
resource (#16485) - cloudrunv2: promoted
custom_audiences
field to GA ongoogle_cloud_run_v2_service
resource (#16510) - compute: promoted
labels
field to GA ongoogle_compute_vpn_tunnel
resource (#16508) - containerattached: added
proxy_config
field togoogle_container_attached_cluster
resource (#16524) - gkehub: added
membership_location
field togoogle_gke_hub_feature_membership
resource (#16536) - logging: made the change to aqcuire and update the
google_logging_project_sink
resource that already exists at the desired location. These logging buckets cannot be removed so deleting this resource will remove the bucket config from your terraform state but will leave the logging bucket unchanged. (#16513) - memcache: added
MEMCACHE_1_6_15
as a possible value formemcache_version
ingoogle_memcache_instance
resource (#16531) - monitoring: added error message to delete Alert Policies first on 400 response when deleting
google_monitoring_uptime_check_config
resource (#16535) - spanner: added
autoscaling_config
field togoogle_spanner_instance
resource (#16473) - workflows: promoted
user_env_vars
field to GA ongoogle_workflows_workflow
resource (#16477)
BUG FIXES:
- compute: changed
external_ipv6_prefix
field to not be output only ingoogle_compute_subnetwork
resource (#16480) - compute: fixed issue where
google_compute_attached_disk
would produce an error for certain zone configs (#16484) - edgecontainer: fixed update method of
google_edgecontainer_cluster
resource (#16490) - provider: fixed an issue where universe domains would not overwrite API endpoints (#16521)
- resourcemanager: made
data_source_google_project_service
no longer return an error when the service is not enabled (#16525) - sql:
ssl_mode
field is not stored in terraform state if it has never been used ingoogle_sql_database_instance
resource (#16486)
NOTES:
- dataproc: backfilled
terraform_labels
field for resourcegoogle_dataproc_workflow_template
, so resource recreation won't happen during provider upgrade from4.x
to5.7
(#16517) -
- provider: backfilled
terraform_labels
field for some immutable resources, so resource recreation won't happen during provider upgrade from4.X
to5.7
(#16518)
- provider: backfilled
v5.6.0
FEATURES:
-
New Resource:
google_integration_connectors_connection
(#16468)
IMPROVEMENTS:
- assuredworkloads: added
enable_sovereign_controls
,partner
,partner_permissions
,violation_notifications_enabled
, and several other output-only fields togoogle_assured_workloads_workloads
(#16433) - composer: added
storage_config
togoogle_composer_environment
(#16455) - container: added
fleet
field togoogle_container_cluster
resource (#16466) - containeraws: added
admin_groups
togoogle_container_aws_cluster
(#16433) - containerazure: added
admin_groups
togoogle_container_azure_cluster
(#16433) - dataproc: added support for
instance_flexibility_policy
ingoogle_dataproc_cluster
(#16417) - dialogflowcx: added
is_default_start_flow
field togoogle_dialogflow_cx_flow
resource to allow management of default flow resources via Terraform (#16441) - dialogflowcx: added
is_default_welcome_intent
andis_default_negative_intent
fields togoogle_dialogflow_cx_intent
resource to allow management of default intent resources via Terraform (#16441) -
- gkehub: added
fleet_default_member_config
field togoogle_gke_hub_feature
resource (#16457)
- gkehub: added
- gkehub: added
metrics_gcp_service_account_email
togoogle_gke_hub_feature_membership
(#16433) - logging: added
index_configs
field tologging_bucket_config
resource (#16437) - logging: added
index_configs
field tologging_project_bucket_config
resource (#16437) - monitoring: added
pings_count
,user_labels
, andcustom_content_type
fields togoogle_monitoring_uptime_check_config
resource (#16420) - spanner: added
autoscaling_config
field togoogle_spanner_instance
(#16473) - sql: added
ssl_mode
field togoogle_sql_database_instance
resource (#16394) - vertexai: added
private_service_connect_config
togoogle_vertex_ai_index_endpoint
(#16471) - workstations: added
domain_config
field to resourcegoogle_workstations_workstation_cluster
(beta) (#16464)
BUG FIXES:
- assuredworkloads: made the
violation_notifications_enabled
field on thegoogle_assured_workloads_workload
resource default to values returned from the API when unset in a users configuration (#16465) - provider: made
terraform_labels
immutable in immutable resources to not block the upgrade. This will create a Terraform plan that recreates the resource on4.X
->5.6.0
upgrade for affected resources. A mitigation to backfill the values during the upgrade is planned, and will release resource-by-resource. (#16469)
terraform-google-modules/terraform-google-kubernetes-engine (terraform-google-modules/kubernetes-engine/google)
v30.1.0
Features
- add direct fleet registration option (#1878) (6b267bd)
- add optional membership_location to fleet-membership (#1860) (163de39)
Bug Fixes
Configuration
-
If you want to rebase/retry this MR, check this box
This MR has been generated by Renovate Bot.