Skip to content

ci(deps): update terraform aws to >= 6.7.0

Deniz Raif Durmazrequested to merge
renovate/public-terraform-major into main

This MR contains the following updates:

Package Type Update Change
aws (source) required_provider minor >= 6.4.0 -> >= 6.7.0

Release Notes

hashicorp/terraform-provider-aws (aws)

v6.7.0

Compare Source

FEATURES:

  • New Resource: aws_quicksight_ip_restriction (#​43596)
  • New Resource: aws_quicksight_key_registration (#​43587)

ENHANCEMENTS:

  • data-source/aws_codebuild_fleet: Add instance_type attribute in compute_configuration block (#​43449)
  • data-source/aws_ebs_volume: Add volume_initialization_rate attribute (#​43565)
  • data-source/aws_ecs_service: Support load_balancer attribute (#​43582)
  • data-source/aws_s3_access_point: Add tags attribute. This functionality requires the s3:ListTagsForResource IAM permission with S3 Access Points for general purpose buckets and the s3express:ListTagsForResource IAM permission with S3 Access Points for directory buckets (#​43630)
  • data-source/aws_verifiedpermissions_policy_store: Add deletion_protection attribute (#​43452)
  • resource/aws_athena_workgroup: Add configuration.identity_center_configuration argument (#​38717)
  • resource/aws_cleanrooms_collaboration: Add analytics_engine argument (#​43614)
  • resource/aws_codebuild_fleet: Add instance_type argument in compute_configuration block to support custom instance types (#​43449)
  • resource/aws_ebs_volume: Add volume_initialization_rate argument (#​43565)
  • resource/aws_s3_access_point: Add tags argument and tags_all attribute. This functionality requires the s3:ListTagsForResource, s3:TagResource, and s3:UntagResource IAM permissions with S3 Access Points for general purpose buckets and the s3express:ListTagsForResource, s3express:TagResource, and s3express:UntagResource IAM permissions with S3 Access Points for directory buckets (#​43630)
  • resource/aws_verifiedpermissions_policy_store: Add deletion_protection argument (#​43452)

BUG FIXES:

  • resource/aws_bedrockagent_flow: Fix missing required field, CreateFlowInput.Definition.Nodes[0].Configuration[prompt].SourceConfiguration[resource].PromptArn errors on Create (#​43595)
  • resource/aws_s3_bucket: Accept NoSuchTagSetError responses from S3-compatible services (#​43589)
  • resource/aws_s3_object: Accept NoSuchTagSetError responses from S3-compatible services (#​43589)
  • resource/aws_servicequotas_service_quota: Fix error when updating a pending service quota request (#​43606)
  • resource/aws_ssm_parameter: Fix Provider produced inconsistent final plan errors when changing from using value to using value_wo (#​42877)
  • resource/aws_ssm_parameter: Fix version not being updated when description changes (#​42595)

v6.6.0

Compare Source

FEATURES:

  • New Resource: aws_connect_phone_number_contact_flow_association (#​43557)
  • New Resource: aws_nat_gateway_eip_association (#​42591)

ENHANCEMENTS:

  • data-source/aws_cloudwatch_event_bus: Add log_config attribute (#​43453)
  • data-source/aws_ssm_patch_baseline: Add available_security_updates_compliance_status argument (#​43560)
  • feature/aws_bedrock_guardrail: Add cross_region_config, content_policy_config.tier_config, and topic_policy_config.tier_config arguments (#​43517)
  • resource/aws_athena_database: Add workgroup argument (#​36628)
  • resource/aws_batch_compute_environment: Add compute_resources.ec2_configuration.image_kubernetes_version argument (#​43454)
  • resource/aws_cloudwatch_event_bus: Add log_config argument (#​43453)
  • resource/aws_cognito_resource_server: Allow name to be updated in-place (#​41702)
  • resource/aws_cognito_user_pool: Allow name to be updated in-place (#​42639)
  • resource/aws_globalaccelerator_custom_routing_endpoint_group: Add resource identity support (#​43539)
  • resource/aws_globalaccelerator_custom_routing_listener: Add resource identity support (#​43539)
  • resource/aws_globalaccelerator_endpoint_group: Add resource identity support (#​43539)
  • resource/aws_globalaccelerator_listener: Add resource identity support (#​43539)
  • resource/aws_imagebuilder_container_recipe: Add resource identity support (#​43540)
  • resource/aws_imagebuilder_distribution_configuration: Add resource identity support (#​43540)
  • resource/aws_imagebuilder_image: Add resource identity support (#​43540)
  • resource/aws_imagebuilder_image_pipeline: Add resource identity support (#​43540)
  • resource/aws_imagebuilder_image_recipe: Add resource identity support (#​43540)
  • resource/aws_imagebuilder_infrastructure_configuration: Add resource identity support (#​43540)
  • resource/aws_imagebuilder_workflow: Add resource identity support (#​43540)
  • resource/aws_inspector_assessment_target: Add resource identity support (#​43542)
  • resource/aws_inspector_assessment_template: Add resource identity support (#​43542)
  • resource/aws_inspector_resource_group: Add resource identity support (#​43542)
  • resource/aws_nat_gateway: Change secondary_allocation_ids to Optional and Computed (#​42591)
  • resource/aws_ssm_patch_baseline: Add available_security_updates_compliance_status argument (#​43560)
  • resource/aws_ssm_service_setting: Support short format (with /ssm/ prefix) for setting_id (#​43562)

BUG FIXES:

  • resource/aws_appsync_api_cache: Fix "missing required field" error during update (#​43523)
  • resource/aws_cloudwatch_log_delivery_destination: Fix update failure when tags are set (#​43576)
  • resource/aws_ecs_service: Fix unspecified test_listener_rule incorrectly being set as empty string in load_balancer.advanced_configuration block (#​43558)

v6.5.0

Compare Source

NOTES:

  • resource/aws_cognito_log_delivery_configuration: Because we cannot easily test all this functionality, it is best effort and we ask for community help in testing (#​43396)
  • resource/aws_ecs_service: Acceptance tests cannot fully reproduce scenarios with deployments older than 3 months. Community feedback on this fix is appreciated, particularly for long-running ECS services with in-place updates (#​43502)

FEATURES:

  • New Data Source: aws_ecr_images (#​42577)
  • New Resource: aws_cognito_log_delivery_configuration (#​43396)
  • New Resource: aws_networkfirewall_firewall_transit_gateway_attachment_accepter (#​43430)
  • New Resource: aws_s3_bucket_metadata_configuration (#​41364)

ENHANCEMENTS:

  • data-source/aws_dms_endpoint: Add postgres_settings.authentication_method and postgres_settings.service_access_role_arn attributes (#​43440)
  • data-source/aws_networkfirewall_firewall: Add availability_zone_change_protection, availability_zone_mapping, firewall_status.sync_states.attachment.status_message, firewall_status.transit_gateway_attachment_sync_states, transit_gateway_id, and transit_gateway_owner_account_id attributes (#​43430)
  • resource/aws_alb_listener: Add resource identity support (#​43161)
  • resource/aws_alb_listener_rule: Add resource identity support (#​43155)
  • resource/aws_alb_target_group: Add resource identity support (#​43171)
  • resource/aws_dms_endpoint: Add oracle_settings configuration block for authentication method (#​43125)
  • resource/aws_dms_endpoint: Add postgres_settings.authentication_method and postgres_settings.service_access_role_arn arguments (#​43440)
  • resource/aws_dms_endpoint: Add plan-time validation of postgres_settings.database_mode, postgres_settings.map_long_varchar_as, and postgres_settings.plugin_name arguments (#​43440)
  • resource/aws_dms_replication_instance: Add dns_name_servers attribute and kerberos_authentication_settings configuration block for Kerberos authentication settings (#​43125)
  • resource/aws_dx_gateway_association: Add transit_gateway_attachment_id attribute. This functionality requires the ec2:DescribeTransitGatewayAttachments IAM permission (#​43436)
  • resource/aws_globalaccelerator_accelerator: Add resource identity support (#​43200)
  • resource/aws_globalaccelerator_custom_routing_accelerator: Add resource identity support (#​43423)
  • resource/aws_glue_registry: Add resource identity support (#​43450)
  • resource/aws_glue_schema: Add resource identity support (#​43450)
  • resource/aws_iam_openid_connect_provider: Add resource identity support (#​43503)
  • resource/aws_iam_policy: Add resource identity support (#​43503)
  • resource/aws_iam_saml_provider: Add resource identity support (#​43503)
  • resource/aws_iam_service_linked_role: Add resource identity support (#​43503)
  • resource/aws_inspector2_enabler: Support CODE_REPOSITORY as a valid value for resource_types (#​43525)
  • resource/aws_inspector2_organization_configuration: Add auto_enable.code_repository argument (#​43525)
  • resource/aws_lb_listener: Add resource identity support (#​43161)
  • resource/aws_lb_listener_rule: Add resource identity support (#​43155)
  • resource/aws_lb_target_group: Add resource identity support (#​43171)
  • resource/aws_lb_trust_store: Add resource identity support (#​43186)
  • resource/aws_networkfirewall_firewall: Add availability_zone_change_protection, availability_zone_mapping, and transit_gateway_id arguments and firewall_status.transit_gateway_attachment_sync_states and transit_gateway_owner_account_id attributes (#​43430)
  • resource/aws_networkfirewall_firewall: Mark subnet_mapping and vpc_id as Optional (#​43430)
  • resource/aws_quicksight_account_subscription: Add import support. This resource can now be imported via the aws_account_id argument. (#​43501)
  • resource/aws_sns_topic: Add resource identity support (#​43202)
  • resource/aws_wafv2_rule_group: Add rules_json argument (#​43397)
  • resource/aws_wafv2_web_acl: Add statement.rate_based_statement.custom_key.asn argument (#​43506)

BUG FIXES:

  • provider: Prevent planned forces replacement on region for numerous resource types when upgrading from a pre-v6.0.0 provider version and -refresh=false is in effect (#​43516)
  • resource/aws_api_gateway_resource: Recompute path when path_part is updated (#​43215)
  • resource/aws_bedrockagent_flow: Remove definition.connection and definition.node list length limits (#​43471)
  • resource/aws_ecs_service: Improve stabilization logic to handle both new deployments and in-place updates correctly. This fixes a regression introduced in v6.4.0 (#​43502)
  • resource/aws_instance: Recompute ipv6_addresses when ipv6_address_count is updated (#​43158)

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻️ Rebasing: Whenever MR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this MR and you won't be reminded about this update again.

  • If you want to rebase/retry this MR, check this box

This MR has been generated by Renovate Bot.

Edited by Deniz Raif Durmaz

Merge request reports