chore(deps): update terraform (!716) · Merge requests · Common Ground / Haven / haven

Common Ground Bot requested to merge renovate/terraform into main Mar 05, 2024

This MR contains the following updates:

Package	Type	Update	Change
aws (source)	required_provider	minor	`5.24.0` -> `5.39.1`
azurerm (source)	required_provider	minor	`3.78.0` -> `3.94.0`
google (source)	required_provider	minor	`5.5.0` -> `5.19.0`
terraform-google-modules/kubernetes-engine/google (source)	module	minor	`30.0.0` -> `30.1.0`

Release Notes

hashicorp/terraform-provider-aws (aws)

`v5.39.1`

Compare Source

BUG FIXES:

data-source/aws_instance: Fix panic: Invalid address to set related to root_block_device.0.tags_all (#36054)

`v5.39.0`

Compare Source

FEATURES:

New Data Source: aws_redshift_data_shares (#35937)
New Resource: aws_apprunner_deployment (#35758)
New Resource: aws_config_retention_configuration (#15136)
New Resource: aws_securityhub_automation_rule (#34781)
New Resource: aws_shield_proactive_engagement (#34667)

ENHANCEMENTS:

aws_kinesis_firehose_delivery_stream: Add custom_time_zone and file_extension arguments to the extended_S3_configuration configuration block (#35969)
resource/aws_appflow_flow: Allow task.source_fields to be a null value (#35993)
resource/aws_codepipeline: Add trigger configuration block (#35475)
resource/aws_config_configuration_recorder: Add plan-time validation of aws_config_organization_custom_rule.lambda_function_arn (#15136)
resource/aws_instance: Add configurable read timeout (#35955)
resource/aws_instance: Apply default tags to volumes/block devices managed through an aws_instance, add ebs_block_device.*.tags_all and root_block_device.*.tags_all attributes which include default tags (#33769)
resource/aws_mq_broker: Add data_replication_mode and data_replication_primary_broker_arn arguments, enabling support for cross-region data replication (#35990)
resource/aws_mwaa_environment: Add endpoint_management attribute (#35961)
resource/aws_redshiftserverless_namespace: Add attributes admin_password_secret_kms_key_id and manage_admin_password (#35965)
resource/aws_shield_drt_access_log_bucket_association: Support resource import (#34667)
resource/aws_shield_drt_access_role_arn_association: Support resource import (#34667)
resource/aws_spot_instance_request: Add configurable read timeout (#35955)
resource/aws_wafv2_web_acl: Add application_integration_url attribute (#35974)

BUG FIXES:

data/aws_redshiftserverless_namespace: Properly set iam_roles attribute on read (#35965)
resource/aws_appflow_flow: Fix perpetual diff when task.task_type is set to Map_all (#35993)
resource/aws_config_configuration_recorder: Fix panic: interface conversion: interface {} is nil, not map[string]interface {} when recording_group.exclusion_by_resource_types is empty (#15136)
resource/aws_config_rule: Change name to ForceNew (#15136)
resource/aws_config_rule: Fix InvalidParameterValueException: PolicyText is required when Owner is CUSTOM_POLICY errors on resource Update (#15136)
resource/aws_ecs_task_definition: Fix perpetual container_definitions diffs when Names are ordered differently (#36029)
resource/aws_msk_replicator: Fix incorrect detect_and_copy_new_topics attribute value from state read/refresh (#35966)
resource/aws_redshiftserverless_workgroup: Fix max_capacity removal (#36032)
resource/aws_redshiftserverless_workgroup: Fix updating both base_capacity and max_capacity (#36032)
resource/aws_shield_drt_access_log_bucket_association: Change log_bucket and role_arn_association_id to ForceNew (#34667)

`v5.38.0`

Compare Source

FEATURES:

New Data Source: aws_batch_job_definition (#34663)
New Data Source: aws_cognito_user_group (#34046)
New Data Source: aws_cognito_user_groups (#34046)

ENHANCEMENTS:

data-source/aws_alb_target_group: Add load_balancer_arns attribute (#34364)
data-source/aws_ec2_instance_type: Add maximum_network_cards attribute (#35840)
data-source/aws_elasticache_subnet_group: Add vpc_id attribute (#35887)
data-source/aws_lb_target_group: Add load_balancer_arns attribute (#34364)
provider: Add token_bucket_rate_limiter_capacity parameter (#35926)
resource/aws_alb_target_group: Add load_balancer_arns attribute (#34364)
resource/aws_codedeploy_deployment_config: Add arn attribute (#35888)
resource/aws_codepipeline: Add execution_mode argument (#35875)
resource/aws_config_configuration_recorder: Add recording_mode configuration block (#35527)
resource/aws_db_instance: Add plan-time validation of performance_insights_retention_period (#35870)
resource/aws_elasticache_subnet_group: Add vpc_id attribute (#35887)
resource/aws_lb_target_group: Add load_balancer_arns attribute (#34364)
resource/aws_redshiftserverless_workgroup: Add max_capacity argument (#35720)
resource/aws_transfer_server: Add TransferSecurityPolicy-2024-01 and TransferSecurityPolicy-FIPS-2024-01 as valid values for security_policy_name (#35879)

BUG FIXES:

data-source/aws_caller_identity: Fix authentication signature error when alternate sts_region is specified (#35860)
data-source/aws_eks_access_entry: Fix cluster_name plan-time validation, allowing single-character names (#35874)
data-source/aws_eks_addon: Fix cluster_name plan-time validation, allowing single-character names (#35874)
data-source/aws_eks_cluster: Fix name plan-time validation, allowing single-character names (#35874)
resource/aws_cloudsearch_domain: Prevent panic when reading nil index_field options response values (#35900)
resource/aws_eks_access_entry: Fix cluster_name plan-time validation, allowing single-character names (#35874)
resource/aws_eks_access_policy_association: Fix cluster_name plan-time validation, allowing single-character names (#35874)
resource/aws_eks_addon: Fix cluster_name plan-time validation, allowing single-character names (#35874)
resource/aws_eks_cluster: Fix name plan-time validation, allowing single-character names (#35874)
resource/aws_eks_fargate_profile: Fix cluster_name plan-time validation, allowing single-character names (#35874)
resource/aws_eks_node_group: Fix cluster_name plan-time validation, allowing single-character names (#35874)
resource/aws_prometheus_scraper: Fixes invalid result after apply error. (#35844)
resource/aws_sqs_queue_policy: Retry IAM eventual consistency errors (#35861)

`v5.37.0`

Compare Source

NOTES:

provider: Updates to Go 1.21 (used by Terraform starting with v1.6.0), which, for Windows, requires at least Windows 10 or Windows Server 2016--support for previous versions has been discontinued--and, for macOS, requires macOS 10.15 Catalina or later--support for previous versions has been discontinued. (#35832)
resource/aws_bedrock_provisioned_model_throughput: Because we cannot easily test this functionality, it is best effort and we ask for community help in testing (#35689)

FEATURES:

New Data Source: aws_db_parameter_group (#35698)
New Resource: aws_bedrock_provisioned_model_throughput (#35689)
New Resource: aws_cloudfront_key_value_store (#35663)
New Resource: aws_redshift_data_share_consumer_association (#35771)

ENHANCEMENTS:

data-source/aws_ecr_pull_through_cache_rule: Add credential_arn attribute (#34475)
data-source/aws_ecs_task_execution: Add client_token argument (#34402)
data-source/aws_neptune_cluster_instance: Add skip_final_snapshot argument (#35698)
data-source/aws_rds_engine_version: Improve search functionality and options by adding latest, preferred_major_targets, and preferred_upgrade_targets. Add version_actual attribute (#35698)
data-source/aws_rds_orderable_db_instance: Improve search functionality and options by adding engine_latest_version and supports_clusters arguments and converting read_replica_capable, supported_engine_modes, supported_network_types, and supports_multi_az to arguments for use as search criteria (#35698)
resource/aws_appsync_graphql_api: Add introspection_config, query_depth_limit, and resolver_count_limit arguments (#35631)
resource/aws_codeartifact_domain: Add s3_bucket_arn attribute (#35760)
resource/aws_ecr_pull_through_cache_rule: Add credential_arn argument (#34475)
resource/aws_ecs_service: Add service_connect_configuration.service.timeout and service_connect_configuration.service.tls configuration blocks (#35684)
resource/aws_ecs_task_definition: Add track_latest argument (#30154)
resource/aws_glue_catalog_database: Add federated_database argument (#35799)
resource/aws_glue_trigger: Add configurable timeouts (#35542)
resource/aws_rds_cluster: Add domain and domain_iam_role_name arguments to support Kerberos authentication (#35753)
resource/aws_route53_record: Add geoproximity_routing_policy configuration block to support geoproximity routing (#35565)
resource/aws_route53_resolver_rule: Add target_ip.protocol argument (#35744)
resource/aws_sagemaker_endpoint_configuration: Add routing_config argument. Enables the specification of a routing_strategy. (#34777)
resource/aws_sagemaker_space: Add ownership_settings, space_sharing_settings, space_settings.app_type, space_settings.code_editor_app_settings, space_settings.custom_file_system, space_settings.jupyter_lab_app_settings, and space_settings.space_storage_settings arguments (#35116)

BUG FIXES:

provider: Fix failed to get rate limit token, retry quota exceeded errors (#35817)
resource/aws_apigateway_domain_name: Properly send changes to ownership_verification_certificate_arn on update (#35777)
resource/aws_apigatewayv2_route: Fix BadRequestException: Unable to update route. Authorizer type is invalid or null errors when updating authorizer_id (#35821)
resource/aws_autoscaling_group: Fix version to computed for inconsistent final plan issue (#35774)
resource/aws_datasync_task: Fix crash when reading empty report_override values (#35778)
resource/aws_datasync_task: Prevent ValidationErrors when empty values are sent with report_override arguments (#35778)
resource/aws_db_proxy: Change auth from TypeList to TypeSet as order is not significant (#35819)
resource/aws_ecs_account_setting_default: Remove plan-time validation of value (#33393)
resource/aws_ecs_task_definition: Fix perpetual container_definitions diffs when Secrets are ordered differently (#35792)
resource/aws_eks_access_policy_association: Retry IAM eventual consistency errors on create (#35736)
resource/aws_instance: Fix ReservationCapacityExceeded errors when updating instance_type and capacity_reservation_specification.capacity_reservation_target.capacity_reservation_id (#33412)
resource/aws_lakeformation_resource: Properly handle configured false values for use_service_linked_role (#35799)
resource/aws_medialive_channel: Added client_cache to hls_group_settings. (#35738)
resource/aws_ram_resource_share_accepter: Fix handling of out-of-band resource share deletion (#35800)
resource/aws_redshift_data_share_authorization: Fix read operation to properly handle shares in ACTIVE status (#35771)
resource/aws_s3_bucket_acl: Correctly updates access_control_policy when switching configuration to acl. (#35775)
resource/resource_share_acceptor: Wait until RAM resource share available after accepting the invitation (#34753)

`v5.36.0`

Compare Source

NOTES:

data-source/aws_media_convert_queue: The AWS Elemental MediaConvert service has been converted to use standard Regional endpoints instead of deprecated per-account endpoints (#35615)
resource/aws_controltower_landing_zone: Because we cannot easily test this functionality, it is best effort and we ask for community help in testing (#34595)
resource/aws_media_convert_queue: The AWS Elemental MediaConvert service has been converted to use standard Regional endpoints instead of deprecated per-account endpoints (#35615)

FEATURES:

New Resource: aws_controltower_landing_zone (#34595)
New Resource: aws_osis_pipeline (#35582)
New Resource: aws_redshift_data_share_authorization (#35703)
New Resource: aws_securitylake_custom_log_source (#35354)

ENHANCEMENTS:

resource/aws_cloudwatch_metric_stream: Add plan-time validation of output_format (#35569)
resource/aws_db_instance: Add diag.log and notify.log as valid values for enabled_cloudwatch_logs_exports (#35626)
resource/aws_db_instance: Add domain_auth_secret_arn, domain_dns_ips, domain_fqdn, and domain_ou arguments to support self-managed Active Directory (#35500)
resource/aws_s3_bucket_metric: Add filter.access_point argument (#35590)
resource/aws_verifiedaccess_group: Add sse_configuration argument (#34055)

BUG FIXES:

resource/aws_db_instance: Creating resource from point-in-time recovery now handles password attribute correctly (#35589)
resource/aws_dynamodb_table: Ensure that replicas are always set on Read (#35630)
resource/aws_emr_cluster: Properly normalize launch_specifications.on_demand_specification.allocation_strategy and launch_specifications.spot_specification.allocation_strategy values to fix perpetual state differences (#34367)
resource/aws_kinesis_firehose_delivery_stream: Change extended_s3_configuration.processing_configuration.processors.parameters from TypeList to TypeSet as order is not significant (#35672)
resource/aws_lambda_function: Resolve consecutive diff issue in logging_config when values for application_log_level or system_log_level are not specified (#35694)
resource/aws_lb_listener: Fixes unexpected diff when using default_action parameters which don't match the type. (#35678)
resource/aws_lb_listener: Was incorrectly reporting conflicting default_action[].target_group_arn when ignore_changes was set. (#35671)
resource/aws_lb_listener: Was not storing default_action[].forward in state if only a single target_group was set. (#35671)
resource/aws_lb_listener_rule: Fixes unexpected diff when using action parameters which don't match the type. (#35678)
resource/aws_lb_listener_rule: Was incorrectly reporting conflicting action[].target_group_arn when ignore_changes was set. (#35671)
resource/aws_lb_listener_rule: Was not storing action[].forward in state if only a single target_group was set. (#35671)
resource/aws_ssm_patch_baseline: Mark json as Computed if there are content changes (#35606)

`v5.35.0`

Compare Source

FEATURES:

New Data Source: aws_bedrock_custom_model (#34310)
New Data Source: aws_bedrock_custom_models (#34310)
New Data Source: aws_ssmcontacts_rotation (#32710)
New Resource: aws_bedrock_custom_model (#34310)
New Resource: aws_lexv2models_slot (#34617)
New Resource: aws_lexv2models_slot_type (#35555)
New Resource: aws_rekognition_collection (#35407)
New Resource: aws_sesv2_email_identity_policy (#35486)
New Resource: aws_ssmcontacts_rotation (#32710)

ENHANCEMENTS:

data-source/aws_redshift_cluster: Add multi_az attribute (#35508)
resource/aws_lakeformation_resource: Add hybrid_access_enabled argument (#35571)
resource/aws_lakeformation_resource: Add with_federation argument (#35154)
resource/aws_redshift_cluster: Add multi_az argument (#35508)
resource/aws_redshiftserverless_endpoint_access: Add owner_account argument (#35509)
resource/aws_wafv2_rule_group: Add header_order to field_to_match configuration blocks (#35521)
resource/aws_wafv2_web_acl: Add header_orderto field_to_match configuration blocks (#35521)

BUG FIXES:

data-source/aws_networkmanager_core_network_policy_document: Remove core_network_configuration.edge_locations maximum item limit (#35585)
resource/aws_backup_plan: Fix InvalidParameterValueException: Invalid lifecycle. EBS Cold Tier is not yet supported errors on resource Create in AWS GovCloud (US) (#35560)
resource/aws_cognito_user_group: Allow import of user groups with names containing / (#35501)
resource/aws_dms_event_subscription: Mark source_ids as Optional. This fixes a regression introduced in v5.31.0 (#35541)
resource/aws_efs_file_system: Increase lifecycle_policy maximum item limit to 3 (#35522)
resource/aws_eks_access_entry: Retry IAM eventual consistency errors on create (#35535)
resource/aws_finspace_kx_cluster: Increase command_line_arguments max length restriction from 50 to 1024. (#35581)

`v5.34.0`

Compare Source

FEATURES:

New Resource: aws_rekognition_project (#35429)
New Resource: aws_route53domains_delegation_signer_record (#33596)

ENHANCEMENTS:

data-source/aws_codecommit_repository: Add kms_key_id attribute (#35095)
data-source/aws_imagebuilder_components: Add support for ThirdParty owner value (#35286)
data-source/aws_imagebuilder_container_recipes: Add support for ThirdParty owner value (#35286)
data-source/aws_imagebuilder_image_recipes: Add support for ThirdParty owner value (#35286)
data-source/aws_ssm_patch_baseline: Add json attribute to facilitate use with S3 buckets (#33402)
resource/aws_accessanalyzer_analyzer: Add configuration configuration block (#35310)
resource/aws_appflow_flow: Add flow_status attribute (#34948)
resource/aws_codecommit_repository: Add kms_key_id argument (#35095)
resource/aws_codecommit_trigger: Add plan-time validation of trigger.destination_arn and trigger.events (#35095)
resource/aws_ecs_capacity_provider: Add auto_scaling_group_provider.managed_draining argument (#35421)
resource/aws_fis_experiment_template: Add support for AutoScalingGroups, Buckets, ReplicationGroups, Tables and TransitGateways to action.*.target (#35300)
resource/aws_fsx_openzfs_file_system: Add skip_final_backup argument (#35320)
resource/aws_network_interface_sg_attachment: Increase default timeouts to 3 minutes and allow them to be configured (#35435)
resource/aws_prometheus_scraper: Add role_arn attribute (#35453)
resource/aws_route53domains_registered_domain: Support resource import (#33596)
resource/aws_ssm_patch_baseline: Add json attribute to facilitate use with S3 buckets (#33402)
resource/aws_wafv2_web_acl: Add challenge_config argument (#35367)

BUG FIXES:

resource/aws_codebuild_project: Allow build_batch_config to be removed on Update (#34121)
resource/aws_eks_access_entry: Mark kubernetes_groups as Computed (#35391)
resource/aws_eks_access_entry: Mark type and user_name as Optional, allowing values to be configured (#35391)
resource/aws_grafana_license_association: Fix missing workspace_id attribute after import (#35290)
resource/aws_security_group_rule: Fix UnsupportedOperation: The functionality you requested is not available in this region errors on Read in certain partitions (#33484)

`v5.33.0`

Compare Source

FEATURES:

New Data Source: aws_eks_access_entry (#35037)
New Resource: aws_eks_access_entry (#35037)
New Resource: aws_eks_access_policy_association (#35037)
New Resource: aws_lexv2models_intent (#34891)

ENHANCEMENTS:

data-source/aws_eks_cluster: Add access_config attribute (#35037)
data-source/aws_secretsmanager_secret: Add created_date and last_changed_date attributes (#35117)
data-source/aws_secretsmanager_secret_version: Add created_date attribute (#35117)
resource/aws_backup_plan: Add rule.lifecycle.opt_in_to_archive_for_supported_resources and rule.copy_action.lifecycle.opt_in_to_archive_for_supported_resources and arguments (#34994)
resource/aws_eks_cluster: Add access_config configuration block (#35037)
resource/aws_lakeformation_resource: Add use_service_linked_role argument (#35284)
resource/aws_secretsmanager_secret_rotation: Add rotate_immediately argument (#35105)

BUG FIXES:

resource/aws_datasync_task: Allow schedule to be removed successfully (#35282)
resource/aws_fis_experiment_template: Fix validation error when not using target.resource_arns or target.resource_tag attributes. (#35254)
resource/aws_lb_listener: Fix ValidationError: Mutual Authentication mode passthrough does not support ignoring certificate expiry errors when mutual_authentication.mode is set to passthrough (#35289)
resource/aws_secretsmanager_secret_version: Fix InvalidParameterException: The parameter RemoveFromVersionId can't be empty. Staging label AWSCURRENT is currently attached to version ..., so you must explicitly reference that version in RemoveFromVersionId errors when a secret is updated outside Terraform (#19943)

`v5.32.1`

Compare Source

BUG FIXES:

data-source/aws_ecr_image: Fix error when most_recent is not also latest (#35269)
resource/aws_iot_ca_certificate: Change registration_config.role_arn from TypeBool to TypeString, fixing Inappropriate value for attribute "role_arn": a bool is required errors (#35234)
resource/aws_mq_broker: Fix interface conversion: interface {} is *schema.Set, not []string panic (#35265)

`v5.32.0`

Compare Source

FEATURES:

New Data Source: aws_mq_broker_engine_types (#34232)
New Data Source: aws_msk_bootstrap_brokers (#32484)
New Data Source: aws_verifiedpermissions_policy_store (#32204)
New Resource: aws_ebs_fast_snapshot_restore (#35211)
New Resource: aws_elasticache_serverless_cache (#34951)
New Resource: aws_imagebuilder_workflow (#35097)
New Resource: aws_kinesis_resource_policy (#35167)
New Resource: aws_prometheus_scraper (#34749)
New Resource: aws_securitylake_aws_log_source (#34974)
New Resource: aws_ssoadmin_application_access_scope (#34811)
New Resource: aws_verifiedpermissions_policy_store (#32204)
New Resource: aws_verifiedpermissions_policy_template (#32205)
New Resource: aws_verifiedpermissions_schema (#32204)

ENHANCEMENTS:

data-source/aws_batch_compute_environment: Add update_policy attribute (#34353)
data-source/aws_ecr_image: Add image_uri attribute (#24526)
data-source/aws_efs_file_system: Add lifecycle_policy.transition_to_archive attribute (#35096)
data-source/aws_efs_file_system: Add protection attribute (#35029)
data-source/aws_elastic_beanstalk_hosted_zone: Add hosted zone ID for il-central-1 AWS Region (#35131)
data-source/aws_elb_hosted_zone_id: Add hosted zone ID for ca-west-1 AWS Region (#35131)
data-source/aws_fsx_ontap_file_system: Add ha_pairs and throughput_capacity_per_ha_pair attributes (#34993)
data-source/aws_glue_catalog_table: Add region attribute to target_table block. (#34817)
data-source/aws_lambda_function: Add logging_config attribute (#35050)
data-source/aws_lb_hosted_zone_id: Add hosted zone IDs for ca-west-1 AWS Region (#35131)
data-source/aws_lb_target_group: Add load_balancing_anomaly_mitigation attribute (#35083)
data-source/aws_msk_configuration: Remove name length validation (#34399)
data-source/aws_networkfirewall_firewall_policy: Add firewall_policy.tls_inspection_configuration_arn attribute (#35094)
data-source/aws_prometheus_workspace: Add kms_key_arn attribute (#35062)
data-source/aws_route53_resolver_endpoint: Add protocols attribute (#35098)
data-source/aws_route53_resolver_endpoint: Add resolver_endpoint_type attribute (#34798)
data-source/aws_s3_bucket: Add hosted zone ID for ca-west-1 AWS Region (#35131)
provider: Support ca-west-1 as a valid AWS Region (#35131)
resource/aws_appflow_flow: Add destination_connector_properties.s3.s3_output_format_config.target_file_size argument (#35215)
resource/aws_appstream_fleet: Increase idle_disconnect_timeout_in_seconds max value for validation to 360000 (#35173)
resource/aws_autoscaling_group: Add instance_refresh.preferences.max_healthy_percentage attribute (#34929)
resource/aws_autoscaling_group: Fix ValidationError: The instance ... is not part of Auto Scaling group ... errors on resource Delete when disabling scale-in protection for instances that are already fully terminated (#35071)
resource/aws_batch_compute_environment: Add update_policy parameter (#34353)
resource/aws_batch_job_definition: Add scheduling_priority argument and arn_prefix attribute (#34997)
resource/aws_cloud9_environment_ec2: Add amazonlinux-2023-x86_64 and resolve:ssm:/aws/service/cloud9/amis/amazonlinux-2023-x86_64 as valid values for image_id (#35020)
resource/aws_codepipeline: Add pipeline_type argument and variable configuration block (#34841)
resource/aws_dms_replication_task: Allow cdc_start_time to use RFC3339 formatted dates in addition to UNIX timestamps (#31917)
resource/aws_dms_replication_task: Remove ForceNew from replication_instance_arn, allowing in-place migration between DMS instances (#30721)
resource/aws_efs_file_system: Add lifecycle_policy.transition_to_archive argument (#35096)
resource/aws_efs_file_system: Add protection configuration block (#35029)
resource/aws_efs_replication_configuration: Increase Create timeout to 20 minutes (#34955)
resource/aws_efs_replication_configuration: Mark destination.file_system_id as Optional, enabling EFS replication fallback (#34955)
resource/aws_finspace_kx_dataview: Increase default create, update, and delete timeouts to 4 hours (#35207)
resource/aws_finspace_kx_scaling_group: Increase default create, delete timeouts to 4 hours (#35206)
resource/aws_fsx_lustre_file_system: Allow per_unit_storage_throughput to be updated in-place (#34932)
resource/aws_fsx_ontap_file_system: Add ha_pairs and throughput_capacity_per_ha_pair arguments (#34993)
resource/aws_fsx_ontap_file_system: Increase maximum value of disk_iops_configuration.iops to 2400000 (#34993)
resource/aws_fsx_ontap_file_system: throughput_capacity is Optional (#34993)
resource/aws_glue_catalog_table: Add region attribute to target_table block. (#34817)
resource/aws_glue_classifier: Add csv_classifier.serde argument (#34251)
resource/aws_kinesis_firehose_delivery_stream: Add opensearch_configuration.document_id_options configuration block (#35137)
resource/aws_kinesis_firehose_delivery_stream: Add splunk_configuration.buffering_interval and splunk_configuration.buffering_size arguments (#35137)
resource/aws_kinesis_firehose_delivery_stream: Adjust elasticsearch_configuration.buffering_interval, http_endpoint_configuration.buffering_interval, opensearch_configuration.buffering_interval, opensearchserverless_configuration.buffering_interval, redshift_configuration.s3_backup_configuration.buffering_interval,extended_s3_configuration.s3_backup_configuration.buffering_interval, elasticsearch_configuration.s3_configuration.buffering_interval, http_endpoint_configuration.s3_configuration.buffering_interval, opensearch_configuration.s3_configuration.buffering_interval, opensearchserverless_configuration.s3_configuration.buffering_interval, redshift_configuration.s3_configuration.buffering_interval and splunk_configuration.s3_configuration.buffering_interval minimum values to 0 to support zero buffering (#35137)
resource/aws_kms_key: Add xks_key_id attribute (#31216)
resource/aws_lambda_function: Add logging_config configuration block in support of advanced logging controls (#35050)
resource/aws_lambda_function: Add support for python3.12 runtime value (#35049)
resource/aws_lambda_layer_version: Add support for python3.12 compatible_runtimes value (#35049)
resource/aws_lb_target_group: Add load_balancing_anomaly_mitigation argument (#35083)
resource/aws_lb_target_group: Add weighted_random as a valid value for load_balancing_algorithm_type (#35083)
resource/aws_neptune_cluster: Add storage_type argument (#34985)
resource/aws_neptune_cluster_instance: Add storage_type attribute (#34985)
resource/aws_networkfirewall_firewall: Add configurable timeouts (#34918)
resource/aws_networkfirewall_firewall_policy: Add firewall_policy.tls_inspection_configuration_arn argument (#35094)
resource/aws_prometheus_workspace: Add kms_key_arn argument, enabling encryption at-rest using AWS KMS Customer Managed Keys (CMK) (#35062)
resource/aws_redshiftserverless_workgroup: Add port argument (#34925)
resource/aws_route53_resolver_endpoint: Add protocols argument (#35098)
resource/aws_route53_resolver_endpoint: Add resolver_endpoint_type argument (#34798)
resource/aws_s3_bucket: Modify resource Read to support third-party S3 API implementations. Because we cannot easily test this functionality, it is best effort and we ask for community help in testing (#35035)
resource/aws_s3_bucket: Modify server-side encryption configuration error handling, enabling support for NetApp StorageGRID (#34890)
resource/aws_transfer_server: Add TransferSecurityPolicy-PQ-SSH-Experimental-2023-04 and TransferSecurityPolicy-PQ-SSH-FIPS-Experimental-2023-04 as valid values for security_policy_name (#35129)
resource/aws_verifiedaccess_endpoint: Add policy_document argument (#34264)

BUG FIXES:

data-source/aws_lb_target_group: Change deregistration_delay from TypeInt to TypeString (#31436)
data-source/aws_s3_bucket_object: Remove any leading ./ from key to maintain AWS SDK for Go v1 (pre-v5.17.0) compatibility (#35223)
data-source/aws_s3_object: Remove any leading ./ from key to maintain AWS SDK for Go v1 (pre-v5.17.0) compatibility (#35223)
resource/aws_cloud9_environment_ec2: image_id is Required (#35020)
resource/aws_codebuild_project: Prevent erroneous diffs on build_timeout and queued_timeout for Lambda compute types (#35043)
resource/aws_datasync_agent: Fix import of agents created with activation_key by removing requirement for one of ip_address or activation_key to be set (#35150)
resource/aws_dms_replication_config: Prevent erroneous diffs on replication_settings (#34356)
resource/aws_dms_replication_task: Prevent erroneous diffs on replication_task_settings (#34356)
resource/aws_dynamodb_table: Fix error when waiting for snapshot to be created (#34848)
resource/aws_finspace_kx_dataview: Properly set arn attribute on read, resolving persistent differences when tags are configured (#34998)
resource/aws_glue_catalog_database: Properly handle out-of-band resource deletion (#35195)
resource/aws_iot_indexing_configuration: Correct plan-time validation of thing_indexing_configuration.filter.named_shadow_names (#35225)
resource/aws_kinesis_firehose_delivery_stream: Fix InvalidArgumentException: Both BufferSizeInMBs and BufferIntervalInSeconds are required to configure buffering for lambda processor errors on resource Update (#26964)
resource/aws_kinesis_firehose_delivery_stream: Fix perpetual extended_s3_configuration.processing_configuration.processors.parameters diffs when processor type is Lambda (#35137)
resource/aws_lambda_function: Ensure lambda does not get deployed if source_code_hash does not change. (#29921)
resource/aws_lb: Fix ValidationError: Attributes cannot be empty errors (#35228)
resource/aws_lb_target_group: Fix diff on stickiness.cookie_name when stickiness.type is lb_cookie (#31436)
resource/aws_memorydb_cluster: Treat snapshotting status as pending when creating cluster (#31077)
resource/aws_ram_principal_association: Fix reading RAM Resource Share (...) Principal Association (...): couldn't find resource (21 retries) errors when a high number of principals are associated with a resource share (#34738)
resource/aws_s3_bucket_object: Remove any leading ./ from key to maintain AWS SDK for Go v1 (pre-v5.17.0) compatibility (#35223)
resource/aws_s3_object: Remove any leading ./ from key to maintain AWS SDK for Go v1 (pre-v5.17.0) compatibility (#35223)
resource/aws_s3_object_copy: Remove any leading ./ from key to maintain AWS SDK for Go v1 (pre-v5.17.0) compatibility (#35223)
resource/aws_secretsmanager_secret_rotation: No longer ignores changes to rotation_rules.automatically_after_days when rotation_rules.schedule_expression is set. (#35024)
resource/aws_ses_configuration_set: Fix tracking_options being omitted from state and resulting in persistent diff (#35056)
resource/aws_ssoadmin_application: Fix portal_options.sign_in_options.application_url triggering ValidationError when unset (#34967)

`v5.31.0`

Compare Source

FEATURES:

New Data Source: aws_polly_voices (#34916)
New Data Source: aws_ssoadmin_application_assignments (#34796)
New Data Source: aws_ssoadmin_principal_application_assignments (#34815)
New Resource: aws_finspace_kx_dataview (#34828)
New Resource: aws_finspace_kx_scaling_group (#34832)
New Resource: aws_finspace_kx_volume (#34833)
New Resource: aws_ssoadmin_trusted_token_issuer (#34839)

ENHANCEMENTS:

data-source/aws_cloudwatch_log_group: Add log_group_class attribute (#34812)
data-source/aws_dms_endpoint: Add postgres_settings attribute (#34724)
data-source/aws_lb: Add connection_logs attribute (#34864)
data-source/aws_lb: Add dns_record_client_routing_policy attribute (#34135)
data-source/aws_opensearchserverless_collection: Add standby_replicas attribute (#34677)
resource/aws_db_instance: Add support for IBM Db2 databases (#34834)
resource/aws_dms_endpoint: Add elasticsearch_settings.use_new_mapping_type argument (#29470)
resource/aws_dms_endpoint: Add postgres_settings configuration block (#34724)
resource/aws_finspace_kx_cluster: Add database.dataview_name, scaling_group_configuration, and tickerplant_log_configuration arguments. (#34831)
resource/aws_finspace_kx_cluster: The capacity_configuration argument is now optional. (#34831)
resource/aws_lb: Add connection_logs configuration block (#34864)
resource/aws_lb: Add plan-time validation that exactly one of either subnets or subnet_mapping is configured (#33205)
resource/aws_lb: Allow the number of subnet_mappings for Application Load Balancers to be changed without recreating the resource (#33205)
resource/aws_lb: Allow the number of subnet_mappings for Network Load Balancers to be increased without recreating the resource (#33205)
resource/aws_lb: Allow the number of subnets for Network Load Balancers to be increased without recreating the resource (#33205)
resource/aws_opensearchserverless_collection: Add standby_replicas attribute (#34677)

BUG FIXES:

data-source/aws_ecr_pull_through_cache_rule: Fix plan time validation for ecr_repository_prefix (#34716)
provider: Always use the S3 regional endpoint in us-east-1 for S3 directory bucket operations. This fixes no such host errors (#34893)
resource/aws_appmesh_virtual_node: Remove limit of 50 backends per virtual node (#34774)
resource/aws_cloudwatch_log_group: Fix invalid new value for .skip_destroy: was cty.False, but now null errors (#30354)
resource/aws_cloudwatch_log_group: Remove default value (STANDARD) for log_group_class argument and mark as Computed. This fixes InvalidParameterException: Only Standard log class is supported errors in AWS Regions other than AWS Commercial (#34812)
resource/aws_db_instance: Fix error where Terraform loses track of resource if Blue/Green Deployment is applied outside of Terraform (#34728)
resource/aws_dms_event_subscription: source_ids and source_type are Required (#33731)
resource/aws_ecr_pull_through_cache_rule: Fix plan time validation for ecr_repository_prefix (#34716)
resource/aws_lb: Correct in-place update of security_groups for Network Load Balancers when the new value is Computed (#33205)
resource/aws_lb: Fix InvalidConfigurationRequest: Load balancer attribute key 'dns_record.client_routing_policy' is not supported on load balancers with type 'network' errors on resource Create in AWS GovCloud (US) (#34135)
resource/aws_medialive_channel: Fixed errors related to setting the failover_condition argument (#33410)
resource/aws_securitylake_data_lake: Fix reflect.Set: value of type basetypes.StringValue is not assignable to type types.ARN panic when importing resources with nil ARN fields (#34820)
resource/aws_vpc: Increase IPAM pool allocation deletion timeout from 20 minutes to 35 minutes (#34859)

`v5.30.0`

Compare Source

FEATURES:

New Data Source: aws_codeguruprofiler_profiling_group (#34672)
New Data Source: aws_ecr_repositories (#34446)
New Data Source: aws_lb_trust_store (#34584)
New Data Source: aws_ssoadmin_application (#34773)
New Data Source: aws_ssoadmin_application_providers (#34670)
New Resource: aws_codeguruprofiler_profiling_group (#34672)
New Resource: aws_customerprofiles_domain (#34622)
New Resource: aws_customerprofiles_profile (#34622)
New Resource: aws_lb_trust_store (#34584)
New Resource: aws_lb_trust_store_revocation (#34584)
New Resource: aws_securitylake_data_lake (#34521)
New Resource: aws_ssoadmin_application (#34723)
New Resource: aws_ssoadmin_application_assignment (#34741)
New Resource: aws_ssoadmin_application_assignment_configuration (#34752)

ENHANCEMENTS:

data-source/aws_appconfig_configuration_profile: Add kms_key_identifier attribute (#34725)
data-source/aws_lb: Add enforce_security_group_inbound_rules_on_private_link_traffic attribute (#33767)
data-source/aws_lb_listener: Add mutual_authentication attribute (#34584)
resource/aws_appconfig_configuration_profile: Add kms_key_identifier attribute (#34725)
resource/aws_appconfig_deployment: Add kms_key_identifier attribute (#34739)
resource/aws_cloudwatch_log_group: Add log_group_class argument (#34679)
resource/aws_lb: Add enforce_security_group_inbound_rules_on_private_link_traffic argument (#33767)
resource/aws_lb_listener: Add mutual_authentication configuration block (#34584)
resource/aws_s3_bucket: Fix stack overflow fatal errors on resource Delete when force_destroy is true and the bucket contains delete markers (#34712)
resource/aws_sagemaker_app: Add resource_spec.sagemaker_image_version_alias argument (#34729)
resource/aws_sagemaker_app_image_config: Add jupyter_lab_image_config configuration block (#34696)
resource/aws_sagemaker_domain: Add default_user_settings.code_editor_app_settings, default_user_settings.custom_file_system_config, default_user_settings.custom_posix_user_config, default_user_settings.default_landing_uri, default_user_settings.jupyter_lab_app_settings, default_user_settings.space_storage_settings, default_user_settings.studio_web_portal arguments (#34729)
resource/aws_sagemaker_domain: Add sagemaker_image_version_alias argument under all default_resource_spec blocks (#34729)
resource/aws_sagemaker_domain: Add single_sign_on_application_arn attribute (#34729)
resource/aws_sagemaker_space: Add sagemaker_image_version_alias argument under all default_resource_spec blocks (#34729)
resource/aws_sagemaker_space: Add space_display_name argument (#34729)
resource/aws_sagemaker_space: Add url attribute (#34729)
resource/aws_sagemaker_user_profile: Add sagemaker_image_version_alias argument under all default_resource_spec blocks (#34729)
resource/aws_sagemaker_user_profile: Add user_settings.code_editor_app_settings, user_settings.custom_file_system_config, user_settings.custom_posix_user_config, user_settings.default_landing_uri, user_settings.jupyter_lab_app_settings, user_settings.space_storage_settings, user_settings.studio_web_portal arguments (#34729)
resource/aws_transfer_server: Add support for TransferSecurityPolicy-FIPS-2023-05 security_policy_name value (#34709)

BUG FIXES:

resource/aws_ami: Correctly sets deprecation_time on creation and update due to eventual consistency (#34691)
resource/aws_ami: Correctly sets description on update due to eventual consistency (#34691)
resource/aws_ami: Now allows removing deprecation_time (#34691)
resource/aws_appflow_flow: Fix perpetual diff on destination_flow_config (#34770)
resource/aws_backup_vault_policy: Fix eventual consistency error when waiting for IAM (#34671)
resource/aws_eks_pod_identity_association: Retry IAM eventual consistency errors on create and update (#34717)
resource/aws_glue_connection: Fix crash while creating resource with empty physical_connection_requirements configuration block (#34737)

`v5.29.0`

Compare Source

FEATURES:

New Resource: aws_docdbelastic_cluster (#31033)
New Resource: aws_eks_pod_identity_association (#34566)

ENHANCEMENTS:

resource/aws_docdb_cluster: Add storage_type argument (#34637)
resource/aws_neptune_parameter_group: Add name_prefix argument (#34500)

BUG FIXES:

resource/aws_networkmanager_attachment_accepter: Now revokes attachment on deletion for VPC Attachments (#34547)
resource/aws_networkmanager_vpc_attachment: Fixes error when modifying options fields while waiting for acceptance (#34547)
resource/aws_networkmanager_vpc_attachment: Fixes error where VPC Attachments waiting for acceptance could not be deleted (#34547)
resource/aws_s3_directory_bucket: Fix NotImplemented: This bucket does not support Object Versioning errors on resource Delete when force_destroy is true (#34647)

`v5.28.0`

Compare Source

FEATURES:

New Data Source: aws_s3_directory_buckets (#34612)
New Resource: aws_s3_directory_bucket (#34612)

ENHANCEMENTS:

resource/aws_s3control_access_grants_instance: Add identity_center_arn argument and identity_center_application_arn attribute (#34582)

BUG FIXES:

resource/aws_elaticache_replication_group: Fix regression caused by the introduction of the auth_token_update_strategy argument with a default value (#34600)

`v5.27.0`

Compare Source

NOTES:

provider: This release includes an update to the AWS SDK for Go v2 with breaking type changes to several services: internetmonitor, ivschat, pipes, and s3. These changes primarily affect how arguments with default values are serialized for outbound requests, changing scalar types to pointers. See this AWS SDK for Go V2 issue for additional context. The corresponding provider changes should make this breakfix transparent to users, but as with any breaking change there is the potential for missed edge cases. If errors are observed in the impacted resources, please link to this dependency update pull request in the bug report (#34476)

FEATURES:

New Data Source: aws_emr_supported_instance_types (#34481)
New Resource: aws_apprunner_default_auto_scaling_configuration_version (#34292)
New Resource: aws_lexv2models_bot_version (#33858)
New Resource: aws_s3control_access_grant (#34564)
New Resource: aws_s3control_access_grants_instance (#34564)
New Resource: aws_s3control_access_grants_instance_resource_policy (#34564)
New Resource: aws_s3control_access_grants_location (#34564)

ENHANCEMENTS:

resource/aws_apprunner_auto_scaling_configuration_version: Add has_associated_service and is_default attributes (#34292)
resource/aws_apprunner_service: Add network_configuration.ip_address_type argument (#34292)
resource/aws_apprunner_service: Add source_configuration.code_repository.source_directory argument to support monorepos (#34292)
resource/aws_apprunner_service: Allow health_check_configuration to be updated in-place (#34292)
resource/aws_cloudwatch_event_rule: Add state parameter and deprecate is_enabled parameter (#34510)
resource/aws_elaticache_replication_group: Add auth_token_update_strategy argument (#34460)
resource/aws_lambda_function: Add support for java21 runtime value (#34476)
resource/aws_lambda_function: Add support for python3.12 runtime value (#34533)
resource/aws_lambda_layer_version: Add support for java21 compatible_runtimes value (#34476)
resource/aws_lambda_layer_version: Add support for python3.12 compatible_runtimes value (#34533)
resource/aws_s3_bucket_logging: Add target_object_key_format configuration block to support automatic date-based partitioning (#34504)

BUG FIXES:

resource/aws_appflow_flow: Fix InvalidParameter: 2 validation error(s) found error when destination_flow_config or task is updated (#34456)
resource/aws_appflow_flow: Fix interface conversion: interface {} is nil, not map[string]interface {} panic (#34456)
resource/aws_apprunner_service: Correctly set service_url for private services (#34292)
resource/aws_glue_trigger: Fix ConcurrentModificationException: Workflow <workflowName> was modified while adding trigger <triggerName> errors (#34530)
resource/aws_lb_target_group: Adds plan- and apply-time validation for invalid parameter combinations (#34488)
resource/aws_lexv2_bot_locale: Fix voice_settings.engine validation, value conversion errors (#34532)
resource/aws_lexv2models_bot: Properly send type argument on create and update when configured (#34524)
resource/aws_pipes_pipe: Fix error when zero value is sent to source_parameters on update (#34487)

`v5.26.0`

Compare Source

FEATURES:

New Data Source: aws_iot_registration_code (#15098)
New Resource: aws_bedrock_model_invocation_logging_configuration (#34303)
New Resource: aws_iot_billing_group (#31237)
New Resource: aws_iot_ca_certificate (#15098)
New Resource: aws_iot_event_configurations (#31237)

ENHANCEMENTS:

data-source/aws_autoscaling_group: Add instance_maintenance_policy attribute (#34430)
provider: Adds https_proxy and no_proxy parameters. (#34243)
resource/aws_autoscaling_group: Add instance_maintenance_policy configuration block (#34430)
resource/aws_finspace_kx_cluster: Increase default create and update timeouts to 4 hours to allow for increased startup times with large volumes of cached data (#34398)
resource/aws_finspace_kx_environment: Increase default delete timeout to 75 minutes (#34398)
resource/aws_iam_group_policy_attachment: Add plan-time validation of policy_arn (#34378)
resource/aws_iam_policy_attachment: Add plan-time validation of policy_arn (#34378)
resource/aws_iam_role_policy_attachment: Add plan-time validation of policy_arn (#34378)
resource/aws_iam_user_policy_attachment: Add plan-time validation of policy_arn (#34378)
resource/aws_iot_ca_certificate: Add ca_certificate_id attribute (#15098)
resource/aws_iot_policy: Add configurable timeouts (#34329)
resource/aws_iot_policy: When updating the resource, delete the oldest non-default version of the policy if creating a new version would exceed the maximum number of versions (5) (#34329)
resource/aws_lambda_function: Add support for nodejs20.x and provided.al2023 runtime values (#34401)
resource/aws_lambda_layer_version: Add support for nodejs20.x and provided.al2023 compatible_runtimes values (#34401)
resource/aws_quicksight_analysis: Add definition.sheets.visuals.kpi_visual.chart_configuration.kpi_options.sparkline attribute (#33931)
resource/aws_quicksight_analysis: Add definition.sheets.visuals.kpi_visual.chart_configuration.kpi_options.visual_layout_options attribute (#33931)
resource/aws_quicksight_analysis: Add number_display_format_configuration and percentage_display_format_configuration to nested numeric_format_configuration argument (#33931)
resource/aws_quicksight_dashboard: Add definition.sheets.visuals.kpi_visual.chart_configuration.kpi_options.sparkline attribute (#33931)
resource/aws_quicksight_dashboard: Add definition.sheets.visuals.kpi_visual.chart_configuration.kpi_options.visual_layout_options attribute (#33931)
resource/aws_quicksight_dashboard: Add number_display_format_configuration and percentage_display_format_configuration to nested numeric_format_configuration argument (#33931)
resource/aws_quicksight_template: Add definition.sheets.visuals.kpi_visual.chart_configuration.kpi_options.sparkline attribute (#33931)
resource/aws_quicksight_template: Add definition.sheets.visuals.kpi_visual.chart_configuration.kpi_options.visual_layout_options attribute (#33931)
resource/aws_quicksight_template: Add number_display_format_configuration and percentage_display_format_configuration to nested numeric_format_configuration argument (#33931)
resource/aws_rds_cluster: Add delete_automated_backups argument (#34309)

BUG FIXES:

resource/aws_chime_voice_connector: Fix read error when resource is not created in us-east-1 (#34334)
resource/aws_chime_voice_connector_group: Fix read error when resource is not created in us-east-1 (#34334)
resource/aws_chime_voice_connector_logging: Fix read error when resource is not created in us-east-1 (#34334)
resource/aws_chime_voice_connector_origination: Fix read error when resource is not created in us-east-1 (#34334)
resource/aws_chime_voice_connector_termination: Fix read error when resource is not created in us-east-1 (#34334)
resource/aws_chime_voice_connector_termination_credentials: Fix read error when resource is not created in us-east-1 (#34334)
resource/aws_chimesdkmediapipelines_media_insights_pipeline_configuration: Fix eventual consistency error when resource is not created in us-east-1 (#34334)
resource/aws_chimesdkvoice_sip_media_application: Fix eventual consistency errors when not using us-east-1 (#34426)
resource/aws_chimesdkvoice_sip_rule: Fix eventual consistency errors when not using us-east-1 (#34426)
resource/aws_elasticache_user: Fix UserNotFound: ... is not available for tagging errors on resource Read when there is a concurrent update to the user (#34396)
resource/aws_grafana_workspace_api_key: Change key to Sensitive (#34105)
resource/aws_iam_group_policy_attachment: Retry ConcurrentModificationException errors on create and delete (#34378)
resource/aws_iam_policy_attachment: Retry ConcurrentModificationException errors on create and delete (#34378)
resource/aws_iam_role_policy_attachment: Retry ConcurrentModificationException errors on create and delete (#34378)
resource/aws_iam_user_policy_attachment: Retry ConcurrentModificationException errors on create and delete (#34378)
resource/aws_inspector2_delegated_admin_account: Fix errors: *target must be interface or implement error panic (#34424)
resource/aws_inspector2_enabler: Fix interface conversion: interface {} is nil, not map[string]inspector2.AccountResourceStatus panic (#34424)
resource/aws_iot_ca_certificate: Change ca_pem and certificate_pem to ForceNew (#15098)
resource/aws_iot_policy: Retry DeleteConflictException errors on delete (#34329)
resource/aws_quicksight_analysis: Fix handling of the nested number_scale, prefix, and suffix integer arguments (#33931)
resource/aws_quicksight_analysis: Fix handling of the nested rolling_date argument (#33931)
resource/aws_quicksight_analysis: Fix handling of the nested select_all_options argument (#33931)
resource/aws_quicksight_analysis: Fix handling of the nested visual_ids argument (#33931)
resource/aws_quicksight_analysis: Fixes to various optional blocks utilizing the shared column schema definition (#33931)
resource/aws_quicksight_analysis: Nested column_index and row_index arguments now properly handle zero values (#33931)
resource/aws_quicksight_dashboard: Fix handling of the nested number_scale, prefix, and suffix integer arguments (#33931)
resource/aws_quicksight_dashboard: Fix handling of the nested rolling_date argument (#33931)
resource/aws_quicksight_dashboard: Fix handling of the nested select_all_options argument (#33931)
resource/aws_quicksight_dashboard: Fix handling of the nested visual_ids argument (#33931)
resource/aws_quicksight_dashboard: Fixes to various optional blocks utilizing the shared column schema definition (#33931)
resource/aws_quicksight_dashboard: Nested column_index and row_index arguments now properly handle zero values (#33931)
resource/aws_quicksight_data_set: Increase permissions.actions maximum item limit to 20, aligning with the AWS API limits (#33931)
resource/aws_quicksight_data_source: Set all parameters to update aws_quicksight_data_source (#33061)
resource/aws_quicksight_template: Fix handling of the nested number_scale, prefix, and suffix integer arguments (#33931)
resource/aws_quicksight_template: Fix handling of the nested rolling_date argument (#33931)
resource/aws_quicksight_template: Fix handling of the nested select_all_options argument (#33931)
resource/aws_quicksight_template: Fix handling of the nested visual_ids argument (#33931)
resource/aws_quicksight_template: Fixes to various optional blocks utilizing the shared column schema definition (#33931)
resource/aws_quicksight_template: Nested column_index and row_index arguments now properly handle zero values (#33931)
resource/aws_sagemaker_user_profile: Change default_user_settings.canvas_app_settings.identity_provider_oauth_settings from TypeSet to TypeList, preventing interface conversion: interface {} is *schema.Set, not []interface {} panics (#34418)
resource/aws_synthetics_canary: Fix to properly suppress differences when expression is rate(0 minutes) (#34084)
resource/aws_vpn_connection: Fix UnsupportedOperation: The tunnel inside ip version parameter is not currently supported in this region error when creating connections in certain partitions and Regions (#34420)

`v5.25.0`

Compare Source

NOTES:

resource/aws_cloudtrail: The resource's import ID has changed from name to arn (#30758)

FEATURES:

New Data Source: aws_apigatewayv2_vpc_link (#33974)
New Data Source: aws_athena_named_query (#24815)
New Data Source: aws_bedrock_foundation_model (#34148)
New Data Source: aws_bedrock_foundation_models (#34148)
New Resource: aws_athena_prepared_statement (#33417)
New Resource: aws_lexv2models_bot_locale (#33949)

ENHANCEMENTS:

provider: Adds SSO API endpoint override parameter endpoints.sso (#34302)
resource/aws_appflow_connector_profile: Add jwt_token and oauth2_grant_type arguments to the connector_profile_config.connector_profile_credentials.salesforce block. (#34248)
resource/aws_autoscaling_group: Add plan-time validation of initial_lifecycle_hook.default_result, initial_lifecycle_hook.heartbeat_timeout, initial_lifecycle_hook.lifecycle_transition, initial_lifecycle_hook.name, initial_lifecycle_hook.notification_target_arn and initial_lifecycle_hook.role_arn (#12145)
resource/aws_autoscaling_lifecycle_hook: Add plan-time validation of default_result, heartbeat_timeout, lifecycle_transition, name, notification_target_arn and role_arn (#12145)
resource/aws_datasync_task: Add task_report_config argument (#33861)
resource/aws_db_instance: Add postgres as a valid engine value for blue/green deployments (#34216)
resource/aws_dms_endpoint: Add pause_replication_tasks, which when set to true, pauses associated running replication tasks, regardless if they are managed by Terraform, prior to modifying the endpoint (only tasks paused by the resource will be restarted after the modification completes) (#34316)
resource/aws_eks_cluster: Allow vpc_config.security_group_ids and vpc_config.subnet_ids to be updated in-place (#32409)
resource/aws_inspector2_organization_configuration: Add lambda_code argument to the auto_enable configuration block (#34261)
resource/aws_route53_record: Allow import of records with an empty record name. (#34212)
resource/aws_sagemaker_domain: Add default_user_settings.canvas_app_settings.direct_deploy_settings, default_user_settings.canvas_app_settings.identity_provider_oauth_settings and default_user_settings.canvas_app_settings.kendra_settings arguments (#34265)
resource/aws_sagemaker_domain: Change default_space_settings.kernel_gateway_app_settings.custom_image, default_user_settings.kernel_gateway_app_settings.custom_image and default_user_settings.r_session_app_settings.custom_image MaxItems from 30 to 200 (#34265)
resource/aws_sagemaker_feature_group: Add offline_store_config.s3_storage_config.resolved_output_s3_uri, online_store_config.storage_type and online_store_config.ttl_duration arguments (#34283)
resource/aws_sagemaker_feature_group: Allow online_store_config.ttl_duration to be updated in-place (#34283)
resource/aws_sagemaker_model: Add container.model_data_source and primary_container.model_data_source configuration blocks (#34158)
resource/aws_sagemaker_space: Change space_settings.kernel_gateway_app_settings.custom_image MaxItems from 30 to 200 (#34265)
resource/aws_sagemaker_user_profile: Add default_user_settings.canvas_app_settings.direct_deploy_settings, default_user_settings.canvas_app_settings.identity_provider_oauth_settings and default_user_settings.canvas_app_settings.kendra_settings arguments (#34265)
resource/aws_sns_topic: Add archive_policy argument and beginning_archive_time attribute to support message archiving (#34252)
resource/aws_sns_topic: Add replay_policy argument (#34252)

BUG FIXES:

provider: Fix Value Conversion Error panic for certain resources when null tag values are specified (#34319)
provider: Fixes parsing error in AWS shared config files with extra whitespace (#34300)
provider: Fixes poor performance when parsing AWS shared config files (#34300)
resource/aws_autoscaling_group: Change all initial_lifecycle_hook configuration block attributes to ForceNew (#34260)
resource/aws_cloudtrail: Change the id attribute from the trail's name to its ARN to support organization trails (#30758)
resource/aws_cloudwatch_event_rule: Increase event_pattern max length for validation to 4096 (#34270)
resource/aws_sagemaker_domain: Fix updating default_space_settings.r_studio_server_pro_app_settings.access_status from ENABLED to DISABLED (#34265)

hashicorp/terraform-provider-azurerm (azurerm)

`v3.94.0`

Compare Source

FEATURES:

New Resource: azurerm_kubernetes_fleet_update_run (#24813)

ENHANCEMENTS:

dependencies: updating to v0.20240228.1142829 of github.com/hashicorp/go-azure-sdk (#25081)
servicefabric: updating to use the transport layer from hashicorp/go-azure-sdk rather than Azure/go-autorest (#25002)
springcloud: updating to API Version 2024-01-01-preview (#24937)
securitycenter: updating to use the transport layer from hashicorp/go-azure-sdk rather than Azure/go-autorest (#25081)
Data Source: azurerm_storage_table_entities - support for select (#24987)
Data Source: azurerm_netapp_volume - support for the smb_access_based_enumeration and smb_non_browsable properties (#24514)
azurerm_cosmosdb_account - add support for the minimal_tls_version property (#24966)
azurerm_federated_identity_credential - the federated credentials can now be changed without creating a new resource (#25003)
azurerm_kubernetes_cluster - support for the current_kubernetes_version property (#25079)
azurerm_kubernetes_cluster - private DNS is now allowed for the web_app_routing property (#25038)
azurerm_kubernetes_cluster - migration between different outbound_types is now allowed (#25021)
azurerm_mssql_database - support for the recovery_point_id and restore_long_term_retention_backup_id properties (#24904)
azurerm_linux_virtual_machine - support for the automatic_upgrade_enabled, disk_controller_type, os_image_notification, treat_failure_as_deployment_failure_enabled, and vm_agent_platform_updates_enabledproperties (#23394)
azurerm_nginx_deployment - support for the automatic_upgrade_channel property (#24867)
azurerm_netapp_volume - support for the smb_access_based_enumeration and smb_non_browsable properties (#24514)
azurerm_netapp_pool - support for the encryption_type property (#24993)
azurerm_role_definition - upgrade to the API version 2022-05-01-preview (#25008)
azurerm_redis_cache - allow AAD auth for all SKUs (#25006)
azurerm_sql_managed_instance - support for the zone_redundant_enabled property (#25089)
azurerm_spring_cloud_gateway - support for the application_performance_monitoring_ids property (#24919)
azurerm_spring_cloud_configuration_service - support for the refresh_interval_in_seconds property (#25009)
azurerm_synapse_workspace - support for using the user_assigned_identity_id property within the customer_managed_key block (#25027)
azurerm_windows_virtual_machine - support for the automatic_upgrade_enabled, disk_controller_type, os_image_notification, treat_failure_as_deployment_failure_enabled, and vm_agent_platform_updates_enabledproperties (#23394)

BUG FIXES:

azurerm_api_management_notification_recipient_email - fixing an issue where response pages weren't iterated over correctly (#25055)
azurerm_api_management_notification_recipient_user - fixing an issue where response pages weren't iterated over correctly (#25055)
azurerm_batch_pool - fix setting the extension.settings_json property (#24976)
azurerm_key_vault_key - expiration_date can be updated if newer date is ahead (#25000)
azurerm_pim_active_role_assignment - fix an isue where the resource would disappear or fail to import after 45 days (#24524)
azurerm_pim_eligible_role_assignment - fix an isue where the resource would disappear or fail to import after 45 days (#24524)
azurerm_recovery_services_vault - validate that use_system_assigned_identity and user_assigned_identity_id cannot be set at the same time (#24091)
azurerm_recovery_vaults will now create properly with SystemAssigned,UserAssigned identity (#24978)
azurerm_subscription - fixing an issue where response pages weren't iterated over correctly (#25055)

`v3.93.0`

Compare Source

FEATURES:

New Data Source: azurerm_express_route_circuit_peering (#24971)
New Data Source: azurerm_storage_table_entities (#24973)
New Resource: azurerm_dev_center_catalog (#24833)
New Resource: azurerm_system_center_virtual_machine_manager_server (#24278)

BUG FIXES:

azurerm_key_vault - conditionally polling the Data Plane endpoint when public_network_access_enabled is set to false (#23823)
azurerm_storage_account - allow the identity.type property to be SystemAssigned, UserAssigned when using a Customer Managed Key (#24923)
azurerm_automation_account - prevent the identity.identity_ids User Assigned identity being set when not specified in config (#24977)

ENHANCEMENTS:

dependencies: updating to v0.20240221.1170458 of hashicorp/go-azure-sdk (#24967)
dependencies: refactor azurerm_spring_cloud_configuration_service to use go-azure-sdk (#24918)
provider: support or the feature flag virtual_machine_scale_set.reimage_on_manual_upgrade (#22975)
sentinel: updating to use the transport layer from hashicorp/go-azure-sdk rather than Azure/go-autorest (#24962)
sqlvirtualmachines: updating to use the transport layer from hashicorp/go-azure-sdk rather than Azure/go-autorest (#24912)
nginx : updating to use 2024-01-01-preview (#24868)
azurerm_cosmosdb_account - support for the backup.tier property (#24595)
azurerm_linux_virtual_machine - the virtual_machine_scale_set_id proeprty can now be changed without creating a new resource (#24768)
azurerm_machine_learning_workspace - support for the managed_network.isolation_mode property (#24951)
azurerm_private_dns_resolver_inbound_endpoint - support the static value for the private_ip_allocation_method property (#24952)
azurerm_postgresql_flexible_server - expose the storage_tier field (#24892)
azurerm_redis_cache - support for the preferred_data_persistence_auth_method property (#24370)
azurerm_servicebus_namespace - support for the premium_messaging_partitions property (#24676)
azurerm_windows_virtual_machine - the virtual_machine_scale_set_id proeprty can now be changed without creating a new resource (#24768)

BUG FIXES:

azurerm_cognitive_deployment - the version_upgrade_option property can not be updated without creating a new resource (#24922)
azurerm_data_protection_backup_vault - support or the soft_delete and retention_duration_in_days properties (#24775)
azurerm_data_factory_pipeline - correctly handle incorrect header values (#24921)
azurerm_kusto_cluster - optimized_auto_scale is now updated after sku has been updated (#24906)
azurerm_key_vault_certificate - will now only update the lifetime_action of the certificate block unless otherwise required (#24755)
azurerm_linux_virtual_machine_scale_set - correctly include public_ip_prefix_id during updates (#24939)
azurerm_postgresql_flexible_server - the customer_managed_key.key_vault_key_id property is now required (#24981)
azurerm_nginx_deployment - changing the sku property now creates a new resource (#24905)
azurerm_orchestrated_virtual_machine_scale_set - the disk_size_gb and lun parameters of data_disks are optional now (#24944)
azurerm_storage_account - change order of API calls to be GET-then-PUT ratehr then PATCHES (#23935)
azurerm_storage_account - improve the validation around the immutability_policy being used with blob_properties (#24938)
azurerm_security_center_setting - prevent a bug when name is SENTINEL (#24497)
azurerm_windows_virtual_machine_scale_set - correctly include public_ip_prefix_id during updates (#24939)

`v3.92.0`

Compare Source

FEATURES:

New Data Source: azurerm_virtual_desktop_application_group (#24771)

ENHANCEMENTS:

provider: support for the feature flag postgresql_flexible_server.restart_server_on_configuration_value_change property (#23811)
dependencies: updating to v0.20240214.1142753 of github.com/hashicorp/go-azure-sdk (#24889)
automation: updating to use the transport layer from hashicorp/go-azure-sdk rather than Azure/go-autorest (#24858)
maintenance: updating to use the transport layer from hashicorp/go-azure-sdk rather than Azure/go-autorest (#24819)
containerapps: updating to use the transport layer from hashicorp/go-azure-sdk rather than Azure/go-autorest (#24862)
containerservices: updating to use the transport layer from hashicorp/go-azure-sdk rather than Azure/go-autorest (#24872)
timeseriesinsights: updating to use the transport layer from hashicorp/go-azure-sdk rather than Azure/go-autorest (#24889)
azurerm_container_app_environment: support for the infrastructure_resource_group_name property (#24361)
azurerm_cost_anomaly_alert - support for the subscription_id property (#24258)
azurerm_cosmosdb_account - add default values for the consistency_policy code block (#24830)
azurerm_dashboard_grafana - support for the smtp block (#24717)
azurerm_key_vault_certificates - support for the tags property (#24857)
azurerm_key_vault_secrets - support for the tags property (#24857)
azurerm_orchestrated_virtual_machine_scale_set - support for the additional_unattend_content block (#24292)
azurerm_virtual_desktop_host_pool - support for the vm_template property (#24369)

BUG FIXES:

azurerm_container_app_environment: avoid unwanted changes when updating and using log_analytics_workspace_id (#24303)
azurerm_cosmosdb_account - fixed regression in the backup code block (#24830)
azurerm_data_factory - allow the git_url property to be blank/empty (#24879)
azurerm_linux_web_app_slot - the worker_count property now works correctly in the site_config block (#24515)
azurerm_linux_web_app - support off for the file_system_level property (#24877)
azurerm_linux_web_app_slot - support off for the file_system_level property (#24877)
azurerm_private_endpoint - fixing an issue where updating the Private Endpoint would remove any Application Security Group Association (#24846)
azurerm_search_service - fixed the update function to adjust for changed API behaviour (#24837)
azurerm_search_service - fixed the update function to adjust for changed API behaviour (#24903)
azurerm_windows_web_app - support off for the file_system_level property (#24877)
azurerm_windows_web_app_slot - support off for the file_system_level property (#24877)

`v3.91.0`

Compare Source

FEATURES:

New Data Source: azurerm_databricks_access_connector (#24769)
New Resource: azurerm_data_protection_backup_policy_kubernetes_cluster (#24718)
New Resource: azurerm_chaos_studio_experiment (#24779)
New Resource: azurerm_chaos_studio_capability (#24779)
New Resource: azurerm_dev_center_gallery (#23760)
New Resource: azurerm_kubernetes_fleet_member (#24792)
New Resource: azurerm_iotcentral_organization (#23132)
New Resource: azurerm_spring_cloud_app_dynamics_application_performance_monitoring (#24750)

ENHANCEMENTS:

dependencies: updating to v0.20240208.1095436 of github.com/hashicorp/go-azure-sdk/resource-manager (#24819)
dependencies: updating to v0.20240208.1095436 of github.com/hashicorp/go-azure-sdk/sdk (#24819)
dependencies: refactor azurerm_app_service_environment_v3 to use go-azure-sdk (#24760)
dependencies: refactor azurerm_role_definition to use go-azure-sdk (#24266)
managedhsm: updating to use the transport layer from hashicorp/go-azure-sdk rather than Azure/go-autorest (#24761)
hdinsight: updating to API Version 2023-07-01 (#24761)
streamanalytics: updating to use the transport layer from hashicorp/go-azure-sdk rather than Azure/go-autorest (#24819)
azurerm_app_service_environment_v3 - support for the remote_debugging_enabled property (#24760)
azurerm_storage_account - support for the local_user_enabled property (#24800)
azurerm_log_analytics_workspace_table - support for the total_retention_in_days property (#24513)
azurerm_maching_learning_workspace - support for the feature_store and kind properties (#24716)
azurerm_traffic_manager_azure_endpoint - support for the always_serve_enabled property (#24573)
azurerm_traffic_manager_external_endpoint - support for the always_serve_enabled property (#24573)

BUG FIXES:

azurerm_api_management - the virtual_network_configuration property now updates correctly outside of virtual_network_type (#24569)

`v3.90.0`

Compare Source

UPGRADE NOTES:

provider - The provider will now automatically register the AppConfiguration, DataFactory, and SignalRService Resource Providers. When running Terraform with limited permissions, note that you must disable automatic Resource Provider Registration and ensure that any Resource Providers Terraform requires are registered. (#24645)

FEATURES:

New Data Source: azurerm_nginx_configuration (#24642)
New Data Source: azurerm_virtual_desktop_workspace (#24732)
New Resource: azurerm_kubernetes_fleet_update_strategy (#24328)
New Resource: azurerm_site_recovery_vmware_replicated_vm (#22477)
New Resource: azurerm_spring_cloud_new_relic_application_performance_monitoring (#24699)

ENHANCEMENTS:

provider: registering the Resource Provider Microsoft.AppConfiguration (#24645)
provider: registering the Resource Provider Microsoft.DataFactory (#24645)
provider: registering the Resource Provider Microsoft.SignalRService (#24645)
provider: the Provider is now built using Go 1.21.6 (#24653)
dependencies: the dependency github.com/hashicorp/go-azure-sdk has been split into multiple Go Modules - and as such will be referred to by those paths going forwards (#24636)
dependencies: updating to ``v0.20240201.1064937ofgithub.com/hashicorp/go-azure-sdk/resource-manager` (#24738)
dependencies: updating to v0.20240201.1064937 of github.com/hashicorp/go-azure-sdk/sdk (#24738)
appservice: update to go-azure-sdk and API version 2023-01-01 (#24688)
datafactory: updating to use tombuildsstuff/kermit (#24675)
hdinsight: refactoring to use github.com/hashicorp/go-azure-sdk/resource-manager (#24011)
hdinsight: updating to API Version 2021-06-01 (#24011)
loadbalancer: updating to use hashicorp/go-azure-sdk (#24291)
nginx: updating to API Version 2023-09-01 (#24640)
servicefabricmanagedcluster: updating to use the base layer from hashicorp/go-azure-sdk rather than Azure/go-autorest (#24654)
springcloud: updating to use API Version 2023-11-01-preview (#24690)
subscriptions: refactoring to use hashicorp/go-azure-sdk (#24663)
Data Source: azurerm_stream_analytics_job - support for User Assigned Identities (#24738)
azurerm_cosmosdb_account - support for the gremlin_database and tables_to_restore properties (#24627)
azurerm_bot_channel_email - support for the magic_code property (#23129)
azurerm_cosmosdb_account - support for the partition_merge_enabled property (#24615)
azurerm_mssql_managed_database - support for the immutable_backups_enabled property (#24745)
azurerm_mssql_database - support for the immutable_backups_enabled property (#24745)
azurerm_palo_alto_next_generation_firewall_virtual_hub_panorama - support for the trusted_address_ranges property (#24459)
azurerm_palo_alto_next_generation_firewall_virtual_network_local_rulestack - support for the trusted_address_ranges property (#24459)
azurerm_palo_alto_next_generation_firewall_virtual_network_panorama - support for the trusted_address_ranges property (#24459)
azurerm_servicebus_namespace - updating to use API Version 2022-10-01-preview (#24650)
azurerm_spring_cloud_api_portal - support for the api_try_out_enabled property (#24696)
azurerm_spring_cloud_gateway - support for the local_response_cache_per_route and local_response_cache_per_instance properties (#24697)
azurerm_stream_analytics_job - support for User Assigned Identities (#24738)
azurerm_subscription - refactoring to use hashicorp/go-azure-sdk to set tags on the subscription (#24734)
azurerm_virtual_desktop_workspace - correctly validate the name property (#24668)

BUG FIXES:

provider: skip registration for resource providers that are unavailable (#24571)
azurerm_app_configuration - no longer require lifecycle_ignore_changes for the value property when using a key vault reference (#24702)
azurerm_app_service_managed_certificate - fix casing issue in app_service_plan_id by parsing insensitively (#24664)
azurerm_cognitive_deployment - updates now include the version property (#24700)
azurerm_dns_cname_record - prevent casing issue in target_resource_id by parsing the ID insensitively (#24181)
azurerm_mssql_managed_instance_failover_group - prevent an issue when trying to create a failover group with a managed instance from a different subscription (#24646)
azurerm_storage_account - conditionally update properties only when needed (#24669)
azurerm_storage_account - change update order for access_tierto prevent errors when uploading blobs to the archive tier (#22250)

`v3.89.0`

Compare Source

FEATURES:

New Data Source: azurerm_data_factory_trigger_schedule (#24572)
New Data Source: azurerm_data_factory_trigger_schedules (#24572)
New Data Source: azurerm_ip_groups (#24540)
New Data Source: azurerm_nginx_certificate (#24577)
New Resource: azurerm_chaos_studio_target (#24580)
New Resource: azurerm_elastic_san_volume_group (#24166)
New Resource: azurerm_netapp_account_encryption (#23733)
New Resource: azurerm_redhat_openshift_cluster (#24375)

ENHANCEMENTS:

dependencies: updating to v0.66.1 of github.com/hashicorp/go-azure-helpers (#24561)
dependencies: updating to v0.20240124.1115501 of github.com/hashicorp/go-azure-sdk (#24619)
bot: updating to API Version 2021-05-01-preview (#24555)
containerservice: the SDK Clients now support logging (#24564)
cosmosdb: updating to API Version 2023-04-15 (#24541)
loadtestservice: updating to use the base layer from hashicorp/go-azure-sdk rather than Azure/go-autorest (and support logging) (#24578)
managedidentity: updating to use the base layer from hashicorp/go-azure-sdk rather than Azure/go-autorest (and support logging) (#24578)
azurerm_api_management_api - change the id format so specific revisions can be managed by Terraform (#23031)
azurerm_data_protection_backup_vault - the redundancy propety can now be set to ZoneRedundant (#24556)
azurerm_data_factory_integration_runtime_azure_ssis - support for the credential_name property (#24458)
azurerm_orchestrated_virtual_machine_scale_set - support 2022-datacenter-azure-edition-hotpatch and 2022-datacenter-azure-edition-hotpatch-smalldisk hotpatching images (#23500)
azurerm_stream_analytics_job - support for the sku_name property (#24554)

BUG FIXES:

Data Source: azurerm_app_service - parsing the API Response for app_service_plan_id case-insensitively (#24626)
Data Source: azurerm_function_app - parsing the API Response for app_service_plan_id case-insensitively (#24626)
azurerm_app_configuration_key - the value for the value property can now be removed/emptied (#24582)
azurerm_app_service - parsing the API Response for app_service_plan_id case-insensitively (#24626)
azurerm_app_service_plan - fix casing in serverFarms due to ID update (#24562)
azurerm_app_service_slot - parsing the API Response for app_service_plan_id case-insensitively (#24626)
azurerm_automation_schedule - only one monthly_occurence block can now be specified (#24614)
azurerm_cognitive_deployment - the model.version property is no longer required (#24264)
azurerm_container_app - multiple custom_scale_rule can not be updated (#24509)
azurerm_container_registry_task_schedule_run_now - prevent issue where the incorrect scheduled run in tracked if there have been multiple (#24592)
azurerm_function_app - parsing the API Response for app_service_plan_id case-insensitively (#24626)
azurerm_function_app_slot - parsing the API Response for app_service_plan_id case-insensitively (#24626)
azurerm_logic_app_standard - now will parse the app service ID insensitively (#24562)
azurerm_logic_app_workflow - the workflow_parameters will now correctly handle information specified by $connections (#24141)
azurerm_mssql_managed_instance_security_alert_policy - can not update empty storage attributes (#24553)
azurerm_network_interface - the ip_configuration properties are no longer added to a Load Balancer Backend if one of those ip_configurations is associated with a backend (#24470)

`v3.88.0`

Compare Source

FEATURES:

New Data Source: azurerm_nginx_deployment (#24492)
New Resource: azurerm_spring_cloud_dynatrace_application_performance_monitoring (#23889)
New Resource: azurerm_virtual_machine_run_command (#23377)

ENHANCEMENTS:

dependencies: updating to v0.20240117.1163544 of github.com/hashicorp/go-azure-sdk (#24481)
dependencies: updating to v0.65.1 of github.com/hashicorp/go-azure-helpers (#24479)
datashare: updating to use the base layer from hashicorp/go-azure-sdk rather than Azure/go-autorest (#24481)
kusto: updating to use the base layer from hashicorp/go-azure-sdk rather than Azure/go-autorest (#24477)
Data Source: azurerm_application_gateway - support for the trusted_client_certificate.data property (#24474)
azurerm_service_plan: refactoring to use hashicorp/go-azure-sdk (#24483)
azurerm_container_group - support for the priority property (#24374)
azurerm_mssql_managed_database - support for the point_in_time_restore property (#24535)
azurerm_mssql_managed_instance - now exports the dns_zone attribute (#24435)
azurerm_linux_web_app_slot - support for setting python_version to 3.12 (#24363)
azurerm_linux_web_app - support for setting python_version to 3.12 (#24363)
azurerm_linux_function_app_slot - support for setting python_version to 3.12 (#24363)
azurerm_linux_function_app - support for setting python_version to 3.12 (#24363)

BUG FIXES:

azurerm_application_gateway - the components property within the url block is no longer computed (#24480)
azurerm_cdn_frontdoor_route - prevent an issue where cdn_frontdoor_origin_path gets removed on update if unchanged. (#24488)
azurerm_cognitive_account - fixing support for the DC0 SKU (#24526)

`v3.87.0`

Compare Source

FEATURES:

New Data Source: azurerm_network_manager (#24398)
New Resource: azurerm_security_center_server_vulnerability_assessments_setting (#24299)

ENHANCEMENTS:

dependencies: updating to v0.20240111.1094251 of github.com/hashicorp/go-azure-sdk (#24463)
Data Source: azurerm_mssql_database - support for identity, transparent_data_encryption_enabled, transparent_data_encryption_key_vault_key_id and transparent_data_encryption_key_automatic_rotation_enabled (#24412)
Data Source: azurerm_mssql_server - support for transparent_data_encryption_key_vault_key_id (#24412)
machinelearning: updating to API Version 2023-10-01 (#24416)
paloaltonetworks: updating to API Version 2023-09-01 (#24290)
azurerm_container_app - update create time validations for ingress.0.traffic_weight (#24042)
azurerm_container_app- support for the ip_security_restriction block (#23870)
azurerm_kubernetes_cluster - properties in default_node_pool.linux_os_config.sysctl_config are now updateable via node pool cycling (#24397)
azurerm_linux_web_app - support the VS2022 value for the remote_debugging_version property (#24407)
azurerm_mssql_database - support for identity, transparent_data_encryption_key_vault_key_id and transparent_data_encryption_key_automatic_rotation_enabled (#24412)
azurerm_postgres_flexible_server - the sku_name property now supports being set to MO_Standard_E96ds_v5 (#24367)
azurerm_role_assignment - support for the principal_type property (#24271)
azurerm_windows_web_app - support the VS2022 value for the remote_debugging_version property (#24407)
azurerm_cdn_frontdoor_firewall_policy - support for request_body_check_enabled property (#24406)

BUG FIXES:

Data Source: azurerm_role_definition - fix role_definition_id (#24418)
azurerm_api_management - the sku_name property can now be updated (#24431)
azurerm_arc_kubernetes_flux_configuration - prevent a bug where certain sensitive properties for bucket and git_repository were being overwritten after an update to the resource is made (#24066)
azurerm_kubernetes_flux_configuration - prevent a bug where certain sensitive properties for bucket and git_repository were being overwritten after an update to the resource is made (#24066)
azure_linux_web_app - prevent a bug in App Service processing of application_stack in updates to site_config (#24424)
azure_linux_web_app_slot - Fix bug in App Service processing of application_stack in updates to site_config (#24424)
azurerm_network_manager_deployment - update creation wait logic to better tolerate the api returning not found (#24330)
azurerm_virtual_machine_data_disk_attachment - do not update applications profile with disks (#24145)
azure_windows_web_app - prevent a bug in App Service processing of application_stack in updates to site_config (#24424)
azure_windows_web_app_slot - prevent a bug in App Service processing of application_stack in updates to site_config (#24424)
azurerm_maintenance_configuration - set the reboot property in flatten from AlwaysReboot to Always (#24376)
azurerm_container_app_environment - the workload_profile property can now be updated (#24409)

`v3.86.0`

Compare Source

FEATURES:

New Data Source: azurerm_dashboard_grafana (#24243)
New Resource: azurerm_log_analytics_workspace_table (#24229)
New Resource: azurerm_automation_powershell72_module (#23980)
New Resource: azurerm_data_factory_credential_user_managed_identity (#24307)

ENHANCEMENTS:

dependencies: updating to v0.20231215.1114251 of hashicorp/go-azure-sdk (#24251)
dependencies: azurerm_spring_cloud_api_portal - update to use hashicorp/go-azure-sdk (#24321)
Data Source: azurerm_kusto_cluster - now exports the identity block (#24314)
azurerm_data_protection_backup_policy_postgresql - support for the time_zone property (#24312)
azurerm_data_protection_backup_policy_disk - support for the time_zone property (#24312)
azurerm_key_vault_managed_hardware_security_module -the tags property can now be updated (#24333)
azurerm_logic_app_standard - support for the site_config.0.public_network_access_enabled property (#24257)
azurerm_log_analytics_workspace_table - support for the plan property (#24341)
azurerm_linux_web_app - support the value 20-lts for the node_version property (#24289)
azurerm_recovery_services_vault - support creation with immutability set to locked (#23806)
azurerm_spring_cloud_service - support for the sku_tier property (#24103)

BUG FIXES:

Data Source: azurerm_role_definition - correctly export the role_definition_id attribute (#24320)
azurerm_bot_service - fixing a bug where public_network_access_enabled was always set to true (#24255)
azurerm_bot_service_azure_bot - tags can now be updated (#24332)
azurerm_cosmosdb_account - fix validation for the ip_range_filter property (#24306)
azurerm_linux_virtual_machine - the additional_capabilities.0.ultra_ssd_enabled can now be changed during the update (#24274)
azurerm_logic_app_standard - update the default value of version from ~3 which is no longer supported to ~4 (#24134)
azurerm_logic_app_standard - fix a crash when setting the default version 4.0 flag (#24322)
azurerm_iothub_device_update_account - changing the sku property now creates a new resource (#24324)
azurerm_iothub - prevent an inconsistant value after an apply (#24326)
azurerm_orchestrated_virtual_machine_scale_set - correctly update the resource when hotpatch is enabled (#24335)
azurerm_windows_virtual_machine - the additional_capabilities.0.ultra_ssd_enabled can now be changed during the update (#24274)
azurerm_scheduled_query_rules_alert - changing the data_source_id now creates a new resource (#24327)
azurerm_scheduled_query_rules_log - changing the data_source_id now creates a new resource (#24327)

`v3.85.0`

Compare Source

FEATURES:

New Data Source: azurerm_locations (#23324)

ENHANCEMENTS:

provider: support for authenticating using Azure Kubernetes Service Workload Identity (#23965)
dependencies: updating to v0.65.0 of github.com/hashicorp/go-azure-helpers (#24222)
dependencies: updating to v0.20231214.1220802 of github.com/hashicorp/go-azure-sdk (#24246)
dependencies: updating to version v0.20231214.1160726 of github.com/hashicorp/go-azure-sdk (#24241)
dependencies: update security/automation to use hashicorp/go-azure-sdk (#24156)
dependencies dataprotection: updating to API Version 2023-05-01 (#24143)
kusto: removing the remnants of the old Resource ID Parsers now this uses hashicorp/go-azure-sdk (#24238)
Data Source: azurerm_cognitive_account - export the identity block (#24214)
Data Source: azurerm_monitor_workspace - add support for the default_data_collection_endpoint_id and default_data_collection_rule_id properties (#24153)
Data Source: azurerm_shared_image_gallery - add support for the image_names property (#24176)
azurerm_dns_txt_record - allow up to 4096 characters for the property record.value (#24169)
azurerm_container_app - support for the workload_profile_name property (#24219)
azurerm_container_app - suppot for the init_container block (#23955)
azurerm_hpc_cache_blob_nfs_target - support for the verification_timer_in_seconds and write_back_timer_in_seconds properties (#24207)
azurerm_hpc_cache_nfs_target - support for the verification_timer_in_seconds and write_back_timer_in_seconds properties (#24208)
azurerm_linux_web_app - make client_secret_setting_name optional and conflict with client_secret_certificate_thumbprint (#21834)
azurerm_linux_web_app_slot - make client_secret_setting_name optional and conflict with client_secret_certificate_thumbprint (#21834)
azurerm_linux_web_app - fix a bug in app_settings where settings could be lost (#24221)
azurerm_linux_web_app_slot - fix a bug in app_settings where settings could be lost (#24221)
azurerm_log_analytics_workspace - add support for the immediate_data_purge_on_30_days_enabled property (#24015)
azurerm_mssql_server - support for other identity types for the key vault key (#24236)
azurerm_machine_learning_datastore_blobstorage - resource now skips validation when being created (#24078)
azurerm_machine_learning_datastore_datalake_gen2 - resource now skips validation when being created (#24078)
azurerm_machine_learning_datastore_fileshare - resource now skips validation when being created (#24078)
azurerm_monitor_workspace - support for the default_data_collection_endpoint_id and default_data_collection_rule_id properties (#24153)
azurerm_redis_cache - support for the storage_account_subscription_id property (#24101)
azurerm_storage_blob - support for the source_content type Page (#24177)
azurerm_web_application_firewall_policy - support new values to the rule_group_name property (#24194)
azurerm_windows_web_app - make the client_secret_setting_name property optional and conflicts with the client_secret_certificate_thumbprint property (#21834)
azurerm_windows_web_app_slot - make the client_secret_setting_name property optional and conflicts with the client_secret_certificate_thumbprint property (#21834)
azurerm_windows_web_app - fix a bug in app_settings where settings could be lost (#24221)
azurerm_windows_web_app_slot - fix a bug in app_settings where settings could be lost (#24221)
azurerm_cognitive_account - add ContentSafety to the kind property validation (#24205)

BUG FIXES:

provider: fix an authentication issue with Azure Storage when running in Azure China cloud (#24246)
Data Source: azurerm_role_definition - fix bug where role_definition_id and scope were being incorrectly set (#24211)
azurerm_batch_account - fix bug where UserAssigned, SystemAssigned could be passed to the resource even though it isn't supported (#24204)
azurerm_batch_pool - fix bug where settings_json and protected_settings were not being unmarshaled (#24075)
azurerm_bot_service_azure_bot - fix bug where public_network_access_enabled was being set as the value for LuisKey (#24164)
azurerm_cognitive_account_customer_managed_key - identity_client_id is no longer passed to the api when it is empty (#24231)
azurerm_linux_web_app_slot - error when service_plan_id is identical to the parent service_plan_id (#23403)
azurerm_management_group_template_deployment - fixing a bug where template_spec_version_id couldn't be updated (#24072)
azurerm_pim_active_role_assignment - fix an importing issue by filtering available role assignments based on the provided scope (#24077)
azurerm_pim_eligible_role_assignment - fix an importing issue by filtering available role assignments based on the provided scope (#24077)
azurerm_resource_group_template_deployment - fixing a bug where template_spec_version_id couldn't be updated (#24072)
azurerm_security_center_setting - fix the casing for the setting_name Sentinel (#24210)
azurerm_storage_account - Fix crash when checking for routingInputs.PublishInternetEndpoints and routingInputs.PublishMicrosoftEndpoints (#24228)
azurerm_storage_share_file - prevent panic when the file specified by source is empty (#24179)
azurerm_subscription_template_deployment - fixing a bug where template_spec_version_id couldn't be updated (#24072)
azurerm_tenant_template_deployment - fixing a bug where template_spec_version_id couldn't be updated (#24072)
azurerm_virtual_machine - prevent a panic by nil checking the first element of additional_capabilities (#24159)
azurerm_windows_web_app_slot - error when service_plan_id is identical to the parent service_plan_id (#23403)

`v3.84.0`

Compare Source

FEATURES:

New Data Source: azurerm_storage_containers (#24061)
New Resource: azurerm_elastic_san (#23619)
New Resource: azurerm_key_vault_managed_hardware_security_module_role_assignment (#22332)
New Resource: azurerm_key_vault_managed_hardware_security_module_role_definition (#22332)

ENHANCEMENTS:

dependencies: updating mssql elasticpools from v5.0 to 2023-05-01-preview
dependencies: updating to v0.20231207.1122031 of github.com/hashicorp/go-azure-sdk (#24149)
Data Source: azurerm_storage_account - export the primary and secondary internet and microsoft hostnames for blobs, dfs, files, queues, tables and web (#23517)
Data Source: azurerm_cosmosdb_account - export the connection_strings, primary_sql_connection_string, secondary_sql_connection_string, primary_readonly_sql_connection_string, secondary_readonly_sql_connection_string, primary_mongodb_connection_string, secondary_mongodb_connection_string, primary_readonly_mongodb_connection_string, and secondary_readonly_mongodb_connection_string attributes (#24129)
azurerm_bot_service_azure_bot - support for the public_network_access_enabled property (#24125)
azurerm_container_app_environment - support for the workload_profile property (#23478)
azurerm_cosmosdb_cassandra_datacenter - support for the seed_node_ip_addresses property (#24076)
azurerm_firewall - support for the dns_proxy_enabled property (#20519)
azurerm_kubernetes_cluster - support for the support_plan property and the sku_tier Premium (#23970)
azurerm_mssql_database - support for enclave_type field (#24054)
azurerm_mssql_elasticpool - support for enclave_type field (#24054)
azurerm_mssql_managed_instance - support for more vcores: 6, 10, 12, 20, 48, 56, 96, 128 (#24085)
azurerm_redis_linked_server - support for the property geo_replicated_primary_host_name (#23984)
azurerm_storage_account - expose the primary and secondary internet and microsoft hostnames for blobs, dfs, files, queues, tables and web (#23517)
azurerm_synapse_role_assignment - support for the principal_type property (#24089)
azurerm_spring_cloud_build_deployment - support for the application_performance_monitoring_ids property (#23969)
azurerm_virtual_network_gateway - support for the bgp_route_translation_for_nat_enabled, dns_forwarding_enabled, ip_sec_replay_protection_enabled, remote_vnet_traffic_enabled, virtual_wan_traffic_enabled, radius_server, virtual_network_gateway_client_connection, policy_group, and ipsec_policy property (#23220)

BUG FIXES:

azurerm_application_insights_api_key - prevent a bug where multiple keys couldn't be created for an Application Insights instance (#23463)
azurerm_container_registry - the network_rule_set.virtual_network property has been deprecated (#24140)
azurerm_hdinsight_hadoop_cluster - set roles.edge_node.install_script_action.parameters into state by retrieving the value provided in the user config since this property isn't returned by the API (#23971)
azurerm_kubernetes_cluster - prevent a bug where maintenance window start date was always recalculated and sent to the API (#23985)
azurerm_mssql_database - will no longer send all long retention values in payload unless set (#24124)
azurerm_mssql_managed_database - will no longer send all long retention values in payload unless set (#24124)
azurerm_mssql_server_microsoft_support_auditing_policy - only include storage endpoint in payload if set (#24122)
azurerm_mobile_network_packet_core_control_plane - prevent a panic if the HTTP Response is nil (#24083)
azurerm_storage_account - revert plan time name validation (#23799) (#24142)
azurerm_web_application_firewall_policy - split create and update function to fix lifecycle - ignore changes (#23412)

`v3.83.0`

Compare Source

UPGRADE NOTES:

Key Vaults are now loaded using the ListBySubscription API within the Key Vault Resource Provider rather than the Resources API. This change means that the Provider now caches the list of Key Vaults available within a Subscription, rather than loading these piecemeal to workaround stale data returned from the Resources API (#24019)

FEATURES:

New Data Source: azurerm_stack_hci_cluster (#24032)

ENHANCEMENTS:

dependencies: updating to v0.20231129.1103252 of github.com/hashicorp/go-azure-sdk (#24063)
automation: updating to API Version 2023-11-01 (#24017)
keyvault: the cache is now populated using the ListBySubscription endpoint on the KeyVault Resource Provider rather than via the Resources API (#24019).
keyvault: updating the cache to populate all Key Vaults available within the Subscription to reduce the number of API calls (#24019)
Data Source azurerm_private_dns_zone: refactoring to use the ListBySubscription API rather than the Resources API when resource_group_name is omitted (#24024)
azurerm_dashboard_grafana - support for grafana_major_version (#24014)
azurerm_linux_web_app - add support for dotnet 8 (#23893)
azurerm_linux_web_app_slot - add support for dotnet 8 (#23893)
azurerm_media_transform - deprecate face_detector_preset and video_analyzer_preset (#24002)
azurerm_postgresql_database - update the validation of collation to include Norwegian_Norway.1252 (#24070)
azurerm_postgresql_flexible_server - updating to API Version 2023-06-01-preview (#24016)
azurerm_redis_cache - support for the active_directory_authentication_enabled property (#23976)
azurerm_windows_web_app - add support for dotnet 8 (#23893)
azurerm_windows_web_app_slot - add support for dotnet 8 (#23893)
azurerm_storage_account - add name validation in custom diff (#23799)

BUG FIXES:

authentication: fix a bug where auxiliary tenants were not correctly authorized (#24063)
azurerm_app_configuration - normalize location in replica block (#24074)
azurerm_cosmosdb_account - cosmosdb version and capabilities can now be updated at the same time (#24029)
azurerm_data_factory_flowlet_data_flow - source and sink properties are now optional (#23987)
azurerm_datadog_monitor_tag_rule - correctly handle default rule (#22806)
azurerm_ip_group: fixing a crash when firewall_ids and firewall_policy_ids weren't parsed correctly from the API Response (#24031)
azurerm_nginx_deployment - add default value of 20 for capacity (#24033)

`v3.82.0`

Compare Source

FEATURES:

New Data Source: azurerm_monitor_workspace (#23928)
New Resource: azurerm_application_load_balancer_subnet_association (#23628)

ENHANCEMENTS:

dependencies: updating to v0.20231117.1130141 of github.com/hashicorp/go-azure-sdk (#23945)
azurestackhci: updating to API Version 2023-08-01 (#23939)
dashboard: updating to API Version 2023-09-01 (#23929)
hpccache: updating to API version 2023-05-01 (#24005)
mssql: updating resources using hashicorp/go-azure-sdk to API Version 2023-02-01-preview (#23721)
templatespecversions: updating to API Version 2022-02-01 (#24007)
Data Source: azurerm_template_spec_version - refactoring to use hashicorp/go-azure-sdk (#24007)
azurerm_cosmosdb_postgresql_cluster - coordinator_storage_quota_in_mb and coordinator_vcore_count are no longer required for read replicas (#23928)
azurerm_dashboard_grafana - sku can now be set to Essential (#23934)
azurerm_gallery_application_version - add support for the config_file, package_file and target_region.exclude_from_latest properties (#23816)
azurerm_hdinsight_hadoop_cluster - script_actions is no longer Force New (#23888)
azurerm_hdinsight_hbase_cluster - script_actions is no longer Force New (#23888)
azurerm_hdinsight_interactive_query_cluster - script_actions is no longer Force New (#23888)
azurerm_hdinsight_kafka_cluster - script_actions is no longer Force New (#23888)
azurerm_hdinsight_spark_cluster - script_actions is no longer Force New (#23888)
azurerm_kubernetes_cluster - add support for the gpu_instance property (#23887)
azurerm_kubernetes_cluster_node_pool - add support for the gpu_instance property (#23887)
azurerm_log_analytics_workspace - add support for the identity property (#23864)
azurerm_linux_function_app - add support for dotnet 8 (#23638)
azurerm_linux_function_app_slot - add support for dotnet 8 (#23638)
azurerm_managed_lustre_file_system - export attribute mgs_address (#23942)
azurerm_mssql_database - support for Hyperscale SKUs (#23974)
azurerm_mssql_database - refactoring to use hashicorp/go-azure-sdk (#23721)
azurerm_mssql_server - refactoring to use hashicorp/go-azure-sdk (#23721)
azurerm_shared_image - add support for trusted_launch_supported (#23781)
azurerm_spring_cloud_container_deployment - add support for the application_performance_monitoring_ids property (#23862)
azurerm_spring_cloud_customized_accelerator - add support for the accelerator_type and path properties (#23797)
azurerm_point_to_site_vpn_gateway - allow multiple connection_configurations blocks (#23936)
azurerm_private_dns_cname_record - ttl can now be set to 0 (#23918)
azurerm_windows_function_app - add support for dotnet 8 (#23638)
azurerm_windows_function_app_slot - add support for dotnet 8 (#23638)

BUG FIXES:

azurerm_api_management - correct a bug with additional location zones within the additional_location block (#23943)
azurerm_dev_test_linux_virtual_machine - storage_type is now ForceNew to match the updated API behaviour (#23973)
azurerm_dev_test_windows_virtual_machine - storage_type is now ForceNew to match the updated API behaviour (#23973)
azurerm_disk_encryption_set - resource will recreate if identity changes from SystemAssigned to UserAssigned (#23904)
azurerm_eventhub_cluster: sku_name is no longer ForceNew (#24009)
azurerm_firewall - recasing the value for firewall_policy_id to workaround the API returning the incorrect casing (#23993)
azurerm_security_center_subscription_pricing - fix a bug preventing removal of extensions and downgrading tier to Free (#23821)
azurerm_windows_web_app - fix an issue of incorrect application stack settings during update (#23372)

`v3.81.0`

Compare Source

ENHANCEMENTS:

dependencies: updating to v0.20231116.1162710 of github.com/hashicorp/go-azure-sdk (#23922)
managedservices: updating to use the base layer from hashicorp/go-azure-sdk rather than Azure/go-autorest (#23890)
network: updating to API Version 2023-06-01 (#23875)
servicelinker: updating to use the base layer from hashicorp/go-azure-sdk rather than Azure/go-autorest (#23890)
storage: refactoring usages of github.com/hashicorp/go-azure-sdk to use the base layer from hashicorp/go-azure-sdk rather than Azure/go-autorest (#23890)
Data Source: azurerm_network_ddos_protection_plan: refactoring to use hashicorp/go-azure-sdk (#23849)
azurerm_linux_function_app - add support for disabling Basic Auth for default Publishing Profile via new properties ftp_publish_basic_authentication_enabled and webdeploy_publish_basic_authentication_enabled (#23900)
azurerm_linux_function_app_slot - add support for disabling Basic Auth for default Publishing Profile via new properties ftp_publish_basic_authentication_enabled and webdeploy_publish_basic_authentication_enabled (#23900)
azurerm_linux_web_app - add support for disabling Basic Auth for default Publishing Profile via new properties ftp_publish_basic_authentication_enabled and webdeploy_publish_basic_authentication_enabled (#23900)
azurerm_linux_web_app_slot - add support for disabling Basic Auth for default Publishing Profile via new properties ftp_publish_basic_authentication_enabled and webdeploy_publish_basic_authentication_enabled (#23900)
azurerm_logic_app_integration_account_certificate - name now accepts underscores (#23866)
azurerm_logic_app_integration_account_partner - business_identity.value now accepts underscores (#23866)
azurerm_monitor_data_collection_rule - added support for WorkspaceTransforms as kind (#23873)
azurerm_network_ddos_protection_plan: refactoring to use hashicorp/go-azure-sdk (#23849)
azurerm_windows_function_app - add support for disabling Basic Auth for default Publishing Profile via new properties ftp_publish_basic_authentication_enabled and webdeploy_publish_basic_authentication_enabled (#23900)
azurerm_windows_function_app_slot - add support for disabling Basic Auth for default Publishing Profile via new properties ftp_publish_basic_authentication_enabled and webdeploy_publish_basic_authentication_enabled (#23900)
azurerm_windows_web_app - add support for disabling Basic Auth for default Publishing Profile via new properties ftp_publish_basic_authentication_enabled and webdeploy_publish_basic_authentication_enabled (#23900)
azurerm_windows_web_app_slot - add support for disabling Basic Auth for default Publishing Profile via new properties ftp_publish_basic_authentication_enabled and webdeploy_publish_basic_authentication_enabled (#23900)

`v3.80.0`

Compare Source

ENHANCEMENTS:

internal/sdk - Added support for pointer Types in resource models (#23810)
dependencies: updating to v0.63.0 of github.com/hashicorp/go-azure-helpers (#23785)
dependencies: updating to v0.20231106.1151347 of github.com/hashicorp/go-azure-sdk (#23787)
azurerm_cognitive_deployment - support for the version_upgrade_option property (#22520)
azurerm_firewall_policy_rule_collection_group - add support for the property http_headers (#23641)
azurerm_kubernetes_cluster - fips_enabled can be updated in the default_node_pool without recreating the cluster (#23612)
azurerm_kusto_cluster - the cluster name can now include dashes (#23790)
azurerm_postgresql_database - update the validation of collation to include support for French_France.1252 (#23783)

BUG FIXES:

Data Source: azurerm_data_protection_backup_vault - removing import support, since Data Sources don't support being imported (#23820)
Data Source: azurerm_kusto_database - removing import support, since Data Sources don't support being imported (#23820)
Data Source: azurerm_virtual_hub_route_table - removing import support, since Data Sources don't support being imported (#23820)
azurerm_windows_web_app - prevent a panic with the auto_heal.actions property (#23836)
azurerm_windows_web_app - prevent a panic with the auto_heal.triggers property (#23812)

`v3.79.0`

Compare Source

ENHANCEMENTS:

provider: log instead of error when RPs are unavailable when validating RP registrations (#23380)
azurerm_arc_kuberenetes_cluster_extension_resource - the version and release_train properties can now be set simultaneously (#23692)
azurerm_container_apps - support for the ingress.exposed_port property (#23752)
azurerm_cosmosdb_postgresql_cluster - read replica clusters can be created without specifying administrator_login_password property (#23750)
azurerm_managed_application - arrays can be supplied in the parameter_values property (#23754)
azurerm_storage_management_policy - support for properties rule.*.actions.*.base_blob.0.tier_to_cold_after_days_since_{modification|last_access_time|creation}_greater_than and rule.*.actions.*.{snapshot|version}.0.tier_to_cold_after_days_since_creation_greater_than (#23574)

BUG FIXES:

azurerm_api_management_diagnostic - the operation_name_format attribute will only be sent if identifier is set to applicationinsights (#23736)
azurerm_backup_policy_vm - fix payload by using current datetime (#23586)
azurerm_kubernetes_cluster - the custom_ca_trust_certificates_base64 property can not be removed, only updated (#23737)

hashicorp/terraform-provider-google (google)

`v5.19.0`

Compare Source

`v5.18.0`

Compare Source

BREAKING CHANGES:

securityposture: marked policy_sets and policy_sets.policies required in google_securityposture_posture. API validation already enforced this, so no resources could be provisioned without these (#17303)

FEATURES:

New Data Source: google_compute_forwarding_rules (#17342)
New Resource: google_firebase_app_check_app_attest_config (#17279)
New Resource: google_firebase_app_check_play_integrity_config (#17279)
New Resource: google_firebase_app_check_recaptcha_enterprise_config (#17327)
New Resource: google_firebase_app_check_recaptcha_v3_config (#17327)
New Resource: google_migration_center_preference_set (#17291)
New Resource: google_netapp_volume_replication (#17348)

IMPROVEMENTS:

cloudfunctions: added output-only version_id field on google_cloudfunctions_function (#17273)
composer: supported patch versions of airflow on google_composer_environment (#17345)
compute: supported updating network_interface.stack_type field on google_compute_instance resource. (#17295)
container: added node_config.resource_manager_tags field to google_container_cluster resource (#17346)
container: added node_config.resource_manager_tags field to google_container_node_pool resource (#17346)
container: added output-only fields membership_id and membership_location under fleet in google_container_cluster resource (#17305)
looker: added custom_domain field to google_looker_instance resource (#17301)
netapp: added field restore_parameters and output-only fields state, state_details and create_time to google_netapp_volume resource (#17293)
workbench: added container_image field to google_workbench_instance resource (#17326)
workbench: added shielded_instance_config field to google_workbench_instance resource (#17306)

BUG FIXES:

bigquery: allowed users to set permissions for principal/principalSets (iamMember) in google_bigquery_dataset_iam_member. (#17292)
cloudfunctions2: fixed an issue where not specifying event_config.trigger_region in google_cloudfunctions2_function resulted in a permanent diff. The field now pulls a default value from the API when unset. (#17328)
compute: fixed issue where changes only in stateful_(internal|external)_ip would not trigger an update for google_compute_(region_)instance_group_manager (#17297)
compute: fixed perma-diff on min_ports_per_vm in google_compute_router_nat when the field is unset by making the field default to the API-set value (#17337)
dataflow: fixed crash in google_dataflox_job to return an error instead if a job's Environment field is nil when reading job information (#17344)
notebooks: changed tag field to default to the API's value if not specified in google_notebooks_instance (#17323)

`v5.17.0`

Compare Source

NOTES:

cloudbuildv2: changed underlying actuation engine for google_cloudbuildv2_connection, there should be no user-facing impact (#17222)

DEPRECATIONS:

container: deprecated support for relay_mode field in google_container_cluster.monitoring_config.advanced_datapath_observability_config in favor of enable_relay field, relay_mode field will be removed in a future major release (#17262)

FEATURES:

New Resource: google_firebase_app_check_debug_token (#17242)
New Resource: google_clouddeploy_custom_target_type (#17254)

IMPROVEMENTS:

cloudasset: allowed overriding the billing project for the google_cloud_asset_resources_search_all datasource
clouddeploy: added support for canary_revision_tags, prior_revision_tags, stable_revision_tags, and stable_cutback_duration to google_clouddeploy_delivery_pipeline
cloudfunctions: expose version_id on google_cloudfunctions_function (#17273)
compute: promoted user_ip_request_headers field on google_compute_security_policy resource to GA (#17271)
container: added support for enable_relay field to google_container_cluster.monitoring_config.advanced_datapath_observability_config (#17262)
eventarc: added support for http_endpoint.uri and network_config.network_attachment to google_eventarc_trigger (#17237)
healthcare: added reject_duplicate_message field to google_healthcare_hl7_v2_store resource (#17267)
identityplatform: added client, permissions, monitoring and mfa fields to google_identity_platform_config (#17225)
notebooks: added desired_state field to google_notebooks_instance (#17268)
vertexai: added feature_registry_source field to google_vertex_ai_feature_online_store_featureview resource (#17264)
workbench: added desired_state field to google_workbench_instance resource (#17270)

BUG FIXES:

compute: made resource_manager_tags updatable on google_compute_instance_template and google_compute_region_instance_template (#17256)
notebooks: prevented recreation of google_notebooks_instance when kms_key or service_account_scopes are changed server-side (#17232)

`v5.16.0`

Compare Source

FEATURES:

New Resource: google_clouddeploy_delivery_pipeline_iam_* (#17180)
New Resource: google_compute_instance_group_membership (#17188)
New Resource: google_discovery_engine_search_engine (#17146)
New Resource: google_firebase_app_check_service_config (#17155)

IMPROVEMENTS:

bigquery: promoted table_replication_info field on resource_bigquery_table resource to GA (#17181)
networksecurity: removed unused custom code from google_network_security_address_group (#17183)
provider: added an optional provider level label goog-terraform-provisioned to identify resources that were created by Terraform when viewing/editing these resources in other tools. (#17170)

`v5.15.0`

Compare Source

FEATURES:

New Data Source: google_compute_machine_types (#17107)
New Resource: google_blockchain_node_engine_blockchain_nodes (#17096)
New Resource: google_compute_region_network_endpoint (#17137)
New Resource: google_discovery_engine_chat_engine (#17145)
New Resource: google_discovery_engine_search_engine (#17146)
New Resource: google_netapp_volume_snapshot (#17138)

IMPROVEMENTS:

compute: added INTERNET_IP_PORT and INTERNET_FQDN_PORT options for the google_compute_region_network_endpoint_group resource. (#17137)
compute: added creation_timestamp to google_compute_instance_group_manager and google_compute_region_instance_group_manager. (#17110)
compute: added disk_id attribute to google_compute_disk resource (#17112)
compute: added stack_type attribute for google_compute_interconnect_attachment resource. (#17139)
compute: updated the google_compute_security_policy resource's json_parsing field to accept the value STANDARD_WITH_GRAPHQL (#17097)
memcache: added reserved_ip_range_id field to google_memcache_instance resource (#17101)
netapp: added deletion_policy field to google_netapp_volume resource (#17111)

BUG FIXES:

alloydb: fixed an issue where database_flags in secondary google_alloydb_instance resources would cause a diff, as they are copied from the primary (#17128)
filestore: made google_filestore_instance.source_backup field configurable (#17099)
vmwareengine: fixed a bug to prevent recreation of existing google_vmwareengine_private_cloud resources when upgrading provider version from <5.10.0 (#17135

`v5.14.0`

Compare Source

FEATURES:

New Resource: google_discovery_engine_data_store (#17084)
New Resource: google_securityposture_posture_deployment (#17085)
New Resource: google_securityposture_posture (#17079)

IMPROVEMENTS:

artifactregistry: promoted cleanup_policies and cleanup_policy_dry_run fields to GA for google_artifactregistry_repository resource (#17074)
composer: added data_retention_config field to google_composer_environment resource (#17050)
logging: updated the google_logging_project_bucket_config resource to be created using the asynchronous create method (#17067)
pubsub: added use_table_schema field to google_pubsub_subscription resource (#17054)
workflows: added call_log_level field to google_workflows_workflow resource (#17051)

BUG FIXES:

cloudfunctions2: fixed permadiff when build_config.docker_repository field is not specified on google_cloudfunctions2_function resource (#17072)
compute: fixed error when iap field is unset for google_compute_region_backend_service resource (#17071)
eventarc: fixed error when setting destination.cloud_function field on google_eventarc_trigger resource by making it output-only (#17052)

`v5.13.0`

Compare Source

NOTES:

cloudbuildv2: changed underlying actuation engine for google_cloudbuildv2_repository, there should be no user-facing impact (#16969)
provider: added support for in-place update for labels and terraform_labels fields in immutable resources (#17016)

FEATURES:

New Resource: google_netapp_backup_policy (#16962)
New Resource: google_netapp_volume (#16990)
New Resource: google_network_security_address_group_iam_* (#17013)
New Resource: google_vertex_ai_feature_group_feature (#17015)

IMPROVEMENTS:

alloydb: allowed database_version as an input on google_alloydb_cluster resource (#16967)
bigquery: added spark_options field to google_bigquery_routine resource (#17028)
cloudrunv2: added nfs and gcs fields to google_cloud_run_v2_service.template.volumes (#16972)
cloudrunv2: added tcp_socket field to google_cloud_run_v2.template.containers.liveness_probe (#16972)
compute: added enable_confidential_compute field to google_compute_instance.boot_disk.initialize_params (#16968)
compute: added enable_confidential_compute field to google_compute_disk resource (#16968)
gkehub2: added clusterupgrade field to google_gke_hub_feature resource (#16951)
notebooks: allowed machine_type and accelerator_config to be updatable on google_notebooks_runtime resource (#16993)

BUG FIXES:

compute: fixed the bug that max_ttl is sent in API calls even it is removed from configuration when changing cache_mode to FORCE_CACHE_ALL in google_compute_backend_bucket resource (#16976)
networkservices: fixed a perma-diff on addresses field in google_network_services_gateway resource (#17035)
provider: fixed universe_domain behavior to correctly throw an error when explicitly configured universe_domain values did not match credentials assumed to be in the default universe (#17014)
spanner: fixed error when adding autoscaling_config to an existing google_spanner_instance resource (#17033)

`v5.12.0`

Compare Source

FEATURES:

New Data Source: google_dns_managed_zones (#16949)
New Data Source: google_filestore_instance (#16931)
New Data Source: google_vmwareengine_external_access_rule (#16912)
New Resource: google_clouddomains_registration (#16947)
New Resource: google_netapp_kmsconfig (#16945)
New Resource: google_vertex_ai_feature_online_store_featureview (#16930)
New Resource: google_vmwareengine_external_access_rule (#16912)

IMPROVEMENTS:

compute: added md5_authentication_key field to google_compute_router_peer resource (#16923)
compute: added in-place update support to params.resource_manager_tags field in google_compute_instance resource (#16942)
compute: added in-place update support to description field in google_compute_instance resource (#16900)
gkehub: added policycontroller field to google_gke_hub_feature_membership resource (#16916)
gkehub2: added clusterupgrade field to google_gke_hub_feature resource (#16951)
gkeonprem: added in-place update support to vsphere_config field and added host_groups field in google_gkeonprem_vmware_node_pool resource (#16896)
iam: added create_ignore_already_exists field to google_service_account resource. If ignore_create_already_exists is set to true, resource creation would succeed when response error is 409 ALREADY_EXISTS. (#16927)
servicenetworking: added field deletion_policy to google_service_networking_connection (#16944)
sql: set replica_configuration, ca_cert, and server_ca_cert fields to be sensitive in google_sql_instance and google_sql_ssl_cert resources (#16932)

BUG FIXES:

bigquery: fixed perma-diff of encryption_configuration when API returns an empty object on google_bigquery_table resource (#16926)
compute: fixed an issue where the provider would wait_for_instances if set before deleting on google_compute_instance_group_manager and google_compute_region_instance_group_manager resources (#16943)
compute: fixed perma-diff that reordered stateful_external_ip and stateful_internal_ip blocks on google_compute_instance_group_manager and google_compute_region_instance_group_manager resources (#16910)
datapipeline: fixed perma-diff of scheduler_service_account_email when it's not explicitly specified in google_data_pipeline_pipeline resource (#16917)
edgecontainer: fixed resource import on google_edgecontainer_vpn_connection resource (#16948)
servicemanagement: fixed an issue where an inconsistent plan would be created when certain fields such as openapi_config, grpc_config, and protoc_output_base64, had computed values in google_endpoints_service resource (#16946)
storage: fixed an issue where retry timeout wasn't being utilized when creating google_storage_bucket resource (#16902)

`v5.11.0`

Compare Source

NOTES:

compute: changed underlying actuation engine for google_network_firewall_policy and google_region_network_firewall_policy, there should be no user-facing impact (#16837)

DEPRECATIONS:

gkehub2: deprecated field configmanagement.config_sync.oci.version in google_gke_hub_feature resource (#16818)

FEATURES:

New Data Source: google_compute_reservation (#16860)
New Resource: google_integration_connectors_endpoint_attachment (#16822)
New Resource: google_logging_folder_settings (#16800)
New Resource: google_logging_organization_settings (#16800)
New Resource: google_netapp_active_directory (#16844)
New Resource: google_vertex_ai_feature_online_store (#16840)
New Resource: google_vertex_ai_feature_group (#16842)
New Resource: google_netapp_backup_vault (#16876)

IMPROVEMENTS:

bigqueryanalyticshub: added restricted_export_config field to google_bigquery_analytics_hub_listing resource (#16850)
composer: added support for composer_internal_ipv4_cidr_block field to google_composer_environment (#16815)
compute: added provisioned_iopsand provisioned_throughput fields under boot_disk.initialize_params to google_compute_instance resource (#16871)
compute: added resource_manager_tags and disk.resource_manager_tags for google_compute_instance_template (#16889)
compute: added resource_manager_tags and disk.resource_manager_tags for google_compute_region_instance_template (#16889)
dataproc: added auxiliary_node_groups field to google_dataproc_cluster resource (#16798)
edgecontainer: increased default timeout on google_edgecontainer_cluster, google_edgecontainer_node_pool to 480m from 60m (#16886)
gkehub2: added field version under configmanagement in google_gke_hub_feature resource (#16818)
kms: added output-only field primary to google_kms_crypto_key (#16845)
metastore: added endpoint_protocol, metadata_integration, and auxiliary_versions to google_dataproc_metastore_service (#16823)
sql: added support for IAM GROUP authentication in the type field of google_sql_user (#16853)
storagetransfer: made name field settable on google_storage_transfer_job (#16838)

BUG FIXES:

container: added check that node_version and min_master_version are the same on create of google_container_cluster, when running terraform plan (#16817)
container: fixed a bug where disabling PDCSI addon gce_persistent_disk_csi_driver_config during creation will result in permadiff in google_container_cluster resource (#16794)
container: fixed an issue in which migrating from the deprecated Binauthz enablement bool to the new evaluation mode enum inadvertently caused two cluster update events, instead of none. (#16851)
containerattached: fixed crash when updating a cluster to remove admin_users or admin_groups in google_container_attached_cluster (#16852)
dialogflowcx: fixed a permadiff in the git_integration_settings field of google_diagflow_cx_agent (#16803)
monitoring: fixed the index out of range crash in dashboard_json for the resource google_monitoring_dashboard (#16792)

`v5.10.0`

Compare Source

FEATURES:

New Data Source: google_compute_region_disk (#16732)
New Data Source: google_vmwareengine_external_address (#16698)
New Data Source: google_vmwareengine_subnet (#16700)
New Data Source: google_vmwareengine_vcenter_credentials (#16709)
New Resource: google_vmwareengine_cluster (#16757)
New Resource: google_vmwareengine_external_address (#16698)
New Resource: google_vmwareengine_subnet (#16700)
New Resource: google_workbench_instance (#16773)
New Resource: google_workbench_instance_iam_* (#16773)

IMPROVEMENTS:

compute: added numeric_id field to google_compute_network resource (#16712)
compute: added remove_instance_on_destroy option to google_compute_per_instance_config resource (#16729)
compute: added remove_instance_on_destroy option to google_compute_region_per_instance_config resource (#16729)
container: added network_performance_config field to google_container_node_pool resource to support GKE tier 1 networking (#16688)
container: added support for in-place update for machine_type/disk_type/disk_size_gb in google_container_node_pool resource (#16724)
containerazure: added config.labels to google_container_azure_node_pool (#16754)
dataform: added display_name, labels and npmrc_environment_variables_secret_version fields to google_dataform_repository resource (#16733)
monitoring: added severity field to google_monitoring_alert_policy resource (#16775)
notebooks: added support for labels to google_notebooks_runtime (#16783)
recaptchaenterprise: added waf_settings to google_recaptcha_enterprise_key (#16754)
securesourcemanager: added host_config, state_note, kms_key, and private_config fields to google_secure_source_manager_instance resource (#16731)
spanner: added autoscaling_config.max_nodes and autoscaling_config.min_nodes to google_spanner_instance (#16786)
storage: added rpo field to google_storage_bucket resource (#16756)
vmwareengine: added type field to google_vmwareengine_private_cloud resource (#16781)
workloadidentity: added saml block to google_iam_workload_identity_pool_provider resource (#16710)

BUG FIXES:

logging: fixed an issue where value change of unique_writer_identity on google_logging_project_sink does not trigger diff on dependent's usages of writer_identity (#16776)

`v5.9.0`

Compare Source

FEATURES:

New Data Source: google_logging_folder_settings (#16658)
New Data Source: google_logging_organization_settings (#16658)
New Data Source: google_logging_project_settings (#16658)
New Data Source: google_vmwareengine_network_policy (#16639)
New Data Source: google_vmwareengine_nsx_credentials (#16669)
New Resource: google_scc_event_threat_detection_custom_module (#16649)
New Resource: google_secure_source_manager_instance (#16637)
New Resource: google_vmwareengine_network_policy (#16639)

IMPROVEMENTS:

bigqueryconnection: added spark support to google_bigquery_connection resource (#16677)
cloudidentity: added expiry_detail field to google_cloud_identity_group_membership resource (#16643)
container: added autoscaling_profile field in the cluster_autoscaling block in google_container_cluster resource (#16653)
gkehub: added default_cluster_config field to google_gke_hub_fleet resource (#16630)
gkehub: added binary_authorization_config field to google_gke_hub_fleet resource (#16674)
sql: added support for in-place updates to the edition field in google_sql_database_instance resource (#16629)

BUG FIXES:

artifactregistry: fixed permadiff due to unsorted virtual_repository_config array in google_artifact_registry_repository (#16646)
container: made dns_config field updatable on google_container_cluster resource (#16652)
dlp: added conflicting field validation in the storage_config.timespan_config block in data_loss_prevention_job_trigger resource (#16628)
dlp: updated the storage_config.timespan_config.timestamp_field field in data_loss_prevention_job_trigger to be optional (#16628)
firestore: added retries during creation of google_firestore_index resources to address retryable 409 code API errors ("Please retry, underlying data changed", and "Aborted due to cross-transaction contention") (#16618, #16670)
storage: fixed unexpected lifecycle_rule conditions being added for google_storage_bucket (#16683)

`v5.8.0`

Compare Source

FEATURES:

New Data Source: google_vmwareengine_network_peering (#16616)
New Resource: google_migration_center_group (#16549)
New Resource: google_netapp_storage_pool (#16573)
New Resource: google_vmwareengine_network (ga) (#16583)
New Resource: google_vmwareengine_network_peering (#16616)

IMPROVEMENTS:

artifactregistry: added remote_repository_config.upstream_credentials field to google_artifact_registry_repository resource (#16562)
cloudbuild: added fields build.artifacts.maven_artifacts, build.artifacts.npm_packages , and build.artifacts.python_packages to resource google_cloudbuild_trigger (#16543)
cloudrunv2: promoted field depends_on in google_cloud_run_v2_service to GA (#16577)
composer: added database_config.zone field in google_composer_environment (#16551)
compute: added field service_directory_registrations to resource google_compute_global_forwarding_rule (#16581)
firestore: added virtual field deletion_policy to google_firestore_database (#16576)
firestore: enabled database deletion upon destroy for google_firestore_database (#16576)
gkehub2: added policycontroller field to fleet_default_member_config in google_gke_hub_feature (#16542)
iam: added allowed_services, disable_programmatic_signin fields to google_iam_workforce_pool resource (#16580)
vmwareengine: added STANDARD type support to google_vmwareengine_network resource (#16583)
vmwareengine: promoted google_vmwareengine_private_cloud resource to GA (#16613)

BUG FIXES:

compute: fixed a permadiff caused by issues with ipv6 diff suppression in google_compute_forwarding_rule and google_compute_global_forwarding_rule (#16550)
firestore: fixed an issue where google_firestore_database could be deleted when delete_protection_state was DELETE_PROTECTION_ENABLED (#16576)
firestore: made resource creation retry for 409 errors with the text "Aborted due to cross-transaction contention" in google_firestore_index (#16618)

`v5.7.0`

Compare Source

DEPRECATIONS:

gkehub: deprecated config_management.binauthz in google_gke_hub_feature_membership (#16536)

IMPROVEMENTS:

bigtable: added standard_isolation and standard_isolation.priority fields to google_bigtable_app_profile resource (#16485)
cloudrunv2: promoted custom_audiences field to GA on google_cloud_run_v2_service resource (#16510)
compute: promoted labels field to GA on google_compute_vpn_tunnel resource (#16508)
containerattached: added proxy_config field to google_container_attached_cluster resource (#16524)
gkehub: added membership_location field to google_gke_hub_feature_membership resource (#16536)
logging: made the change to aqcuire and update the google_logging_project_sink resource that already exists at the desired location. These logging buckets cannot be removed so deleting this resource will remove the bucket config from your terraform state but will leave the logging bucket unchanged. (#16513)
memcache: added MEMCACHE_1_6_15 as a possible value for memcache_version in google_memcache_instance resource (#16531)
monitoring: added error message to delete Alert Policies first on 400 response when deleting google_monitoring_uptime_check_config resource (#16535)
spanner: added autoscaling_config field to google_spanner_instance resource (#16473)
workflows: promoted user_env_vars field to GA on google_workflows_workflow resource (#16477)

BUG FIXES:

compute: changed external_ipv6_prefix field to not be output only in google_compute_subnetwork resource (#16480)
compute: fixed issue where google_compute_attached_disk would produce an error for certain zone configs (#16484)
edgecontainer: fixed update method of google_edgecontainer_cluster resource (#16490)
provider: fixed an issue where universe domains would not overwrite API endpoints (#16521)
resourcemanager: made data_source_google_project_service no longer return an error when the service is not enabled (#16525)
sql: ssl_mode field is not stored in terraform state if it has never been used in google_sql_database_instance resource (#16486)

NOTES:

dataproc: backfilled terraform_labels field for resource google_dataproc_workflow_template, so resource recreation won't happen during provider upgrade from 4.x to 5.7 (#16517)
- provider: backfilled terraform_labels field for some immutable resources, so resource recreation won't happen during provider upgrade from 4.X to 5.7 (#16518)

`v5.6.0`

Compare Source

FEATURES:

New Resource: google_integration_connectors_connection (#16468)

IMPROVEMENTS:

assuredworkloads: added enable_sovereign_controls, partner, partner_permissions, violation_notifications_enabled, and several other output-only fields to google_assured_workloads_workloads (#16433)
composer: added storage_config to google_composer_environment (#16455)
container: added fleet field to google_container_cluster resource (#16466)
containeraws: added admin_groups to google_container_aws_cluster (#16433)
containerazure: added admin_groups to google_container_azure_cluster (#16433)
dataproc: added support for instance_flexibility_policy in google_dataproc_cluster (#16417)
dialogflowcx: added is_default_start_flow field to google_dialogflow_cx_flow resource to allow management of default flow resources via Terraform (#16441)
dialogflowcx: added is_default_welcome_intent and is_default_negative_intent fields to google_dialogflow_cx_intent resource to allow management of default intent resources via Terraform (#16441)
- gkehub: added fleet_default_member_config field to google_gke_hub_feature resource (#16457)
gkehub: added metrics_gcp_service_account_email to google_gke_hub_feature_membership (#16433)
logging: added index_configs field to logging_bucket_config resource (#16437)
logging: added index_configs field to logging_project_bucket_config resource (#16437)
monitoring: added pings_count, user_labels, and custom_content_type fields to google_monitoring_uptime_check_config resource (#16420)
spanner: added autoscaling_config field to google_spanner_instance (#16473)
sql: added ssl_mode field to google_sql_database_instance resource (#16394)
vertexai: added private_service_connect_config to google_vertex_ai_index_endpoint (#16471)
workstations: added domain_config field to resource google_workstations_workstation_cluster (beta) (#16464)

BUG FIXES:

assuredworkloads: made the violation_notifications_enabled field on the google_assured_workloads_workload resource default to values returned from the API when unset in a users configuration (#16465)
provider: made terraform_labels immutable in immutable resources to not block the upgrade. This will create a Terraform plan that recreates the resource on 4.X -> 5.6.0 upgrade for affected resources. A mitigation to backfill the values during the upgrade is planned, and will release resource-by-resource. (#16469)

terraform-google-modules/terraform-google-kubernetes-engine (terraform-google-modules/kubernetes-engine/google)

`v30.1.0`

Compare Source

Features

add direct fleet registration option (#1878) (6b267bd)
add optional membership_location to fleet-membership (#1860) (163de39)

Bug Fixes

handle missing fleet membership and extend asm timeout (#1880) (22896b0)

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever MR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This MR will be recreated if closed unmerged. Get config help if that's undesired.

If you want to rebase/retry this MR, check this box

This MR has been generated by Renovate Bot.

Admin message

chore(deps): update terraform

Release Notes

Features

Bug Fixes

Configuration

Merge request reports