Update Terraform aws to ~> 4.43.0 - autoclosed
This MR contains the following updates:
Package | Type | Update | Change |
---|---|---|---|
aws (source) | required_provider | minor |
~> 4.23.0 -> ~> 4.43.0
|
⚠ Dependency Lookup Warnings ⚠
Warnings were logged while processing this repo. Please check the Dependency Dashboard for more information.
Release Notes
hashicorp/terraform-provider-aws
v4.43.0
FEATURES:
-
New Resource:
aws_neptune_global_cluster
(#26133)
ENHANCEMENTS:
- data-source/aws_ecs_cluster: Add
service_connect_defaults
attribute (#28052) - resource/aws_ce_cost_category: Allow configuration of
effective_start
value (#28055) - resource/aws_ecs_cluster: Add
service_connect_defaults
argument (#28052) - resource/aws_ecs_service: Add
service_connect_configuration
argument in support of ECS Service Connect (#28052) - resource/aws_glue_classifier: Add
custom_datatypes
andcustom_datatype_configured
arguments (#28048) - resource/aws_neptune_cluster: Add
global_cluster_identifier
argument (#26133)
v4.42.0
FEATURES:
-
New Data Source:
aws_redshiftserverless_credentials
(#28026) -
New Resource:
aws_cloudwatch_log_data_protection_policy
(#28049)
ENHANCEMENTS:
- data-source/aws_memorydb_cluster: Add
data_tiering
attribute (#28022) - resource/aws_db_instance: Add
blue_green_update
argument in support of RDS Blue/Green Deployments (#28046) - resource/aws_efs_file_system: Add support for
AFTER_1_DAY
lifecycle_policy.transition_to_ia
argument (#28054) - resource/aws_efs_file_system: Add support for
elastic
throughput_mode
argument (#28054) - resource/aws_emrserverless_application: Add
architecture
argument (#28027) - resource/aws_emrserverless_application: Mark
maximum_capacity
andmaximum_capacity.disk
as Computed, preventing spurious resource diffs (#28027) - resource/aws_memorydb_cluster: Add
data_tiering
attribute (#28022) - resource/aws_sns_topic_subscription: Add
filter_policy_scope
argument in support of SNS message filtering (#28004)
BUG FIXES:
- resource/aws_lambda_function: Don't fail resource Create if AWS Signer service is not available in the configured Region (#28008)
- resource/aws_memorydb_cluster: Allow more than one element in
snapshot_arns
(#28022) - resource/aws_sagemaker_user_profile:
user_settings.jupyter_server_app_settings
,user_settings.kernel_gateway_app_settings
, anduser_settings.tensor_board_app_settings
are updateable (#28025)
v4.41.0
FEATURES:
-
New Data Source:
aws_sqs_queues
(#27890) -
New Resource:
aws_ivschat_logging_configuration
(#27924) -
New Resource:
aws_ivschat_room
(#27974) -
New Resource:
aws_rds_clusters
(#27891) -
New Resource:
aws_redshiftserverless_resource_policy
(#27920) -
New Resource:
aws_scheduler_schedule
(#27975)
ENHANCEMENTS:
- data-source/aws_cloudtrail_service_account: Add service account ID for
ap-south-2
AWS Region (#27983) - data-source/aws_elasticache_cluster: Add
cache_nodes.outpost_arn
andpreferred_outpost_arn
attributes (#27934) - data-source/aws_elasticache_cluster: Add
ip_discovery
andnetwork_type
attributes (#27856) - data-source/aws_elb_hosted_zone_id: Add hosted zone ID for
ap-south-2
AWS Region (#27983) - data-source/aws_lb_hosted_zone_id: Add hosted zone IDs for
ap-south-2
AWS Region (#27983) - data-source/aws_rds_cluster: Add
engine_mode
attribute (#27892) - provider: Support
ap-south-2
as a valid AWS Region (#27950) - resource/aws_amplify_app: Add support for
WEB_COMPUTE
platform
value in support of Next.js web apps (#27925) - resource/aws_elasticache_cluster: Add
ip_discovery
andnetwork_type
arguments in support of IPv6 clusters (#27856) - resource/aws_elasticache_cluster: Add
outpost_mode
andpreferred_outpost_arn
arguments andcache_nodes.outpost_arn
attribute. NOTE: Because we cannot easily test this functionality, it is best effort and we ask for community help in testing (#27934) - resource/aws_lambda_function: Add support for
nodejs18.x
runtime
value (#27923) - resource/aws_lambda_layer_version: Add support for
nodejs18.x
compatible_runtimes
value (#27923) - resource/aws_medialive_channel: Add
start_channel
attribute (#27882) - resource/aws_nat_gateway: Update
private_ip
attribute to be configurable (#27953)
BUG FIXES:
- resource/aws_cloudcontrolapi_resource: Remove invalid regular expressions from CloudFormation resource schema (#27935)
- resource/aws_dms_endpoint: Add ability to use AWS Secrets Manager with the
sybase
engine (#27949) - resource/aws_resourcegroups_group: Properly set
configuration.parameters
as optional (#27985)
v4.40.0
NOTES:
- data-source/aws_identitystore_group: The
filter
argument has been deprecated. Use thealternate_identifier
argument instead (#27762)
FEATURES:
-
New Data Source:
aws_controltower_controls
(#26978) -
New Data Source:
aws_ivs_stream_key
(#27789) -
New Resource:
aws_appconfig_extension
(#27860) -
New Resource:
aws_appconfig_extension_association
(#27860) -
New Resource:
aws_controltower_control
(#26990) -
New Resource:
aws_evidently_feature
(#27395) -
New Resource:
aws_ivs_channel
(#27726) -
New Resource:
aws_networkmanager_connect_attachment
(#27787) -
New Resource:
aws_opensearch_inbound_connection_accepter
(#22988) -
New Resource:
aws_opensearch_outbound_connection
(#22988) -
New Resource:
aws_scheduler_schedule_group
(#27800) -
New Resource:
aws_schemas_registry_policy
(#27705) -
New Resource:
aws_sesv2_email_identity_mail_from_attributes
(#27672)
ENHANCEMENTS:
- data-source/aws_cloudtrail_service_account: Add service account ID for
eu-central-2
AWS Region (#27814) - data-source/aws_cloudtrail_service_account: Add service account ID for
eu-south-2
AWS Region (#27855) - data-source/aws_connect_instance: Add
multi_party_conference_enabled
attribute (#27734) - data-source/aws_elb_hosted_zone_id: Add hosted zone ID for
eu-central-2
AWS Region (#27814) - data-source/aws_elb_hosted_zone_id: Add hosted zone ID for
eu-south-2
AWS Region (#27855) - data-source/aws_identitystore_group: Add
alternate_identifier
argument anddescription
attribute (#27762) - data-source/aws_lb_hosted_zone_id: Add hosted zone IDs for
eu-central-2
AWS Region (#27814) - data-source/aws_lb_hosted_zone_id: Add hosted zone IDs for
eu-south-2
AWS Region (#27855) - data-source/aws_s3_bucket: Add hosted zone ID for
eu-central-2
AWS Region (#27814) - data-source/aws_s3_bucket: Add hosted zone ID for
eu-south-2
AWS Region (#27855) - provider: Support
eu-central-2
as a valid AWS Region (#27812) - provider: Support
eu-south-2
as a valid AWS Region (#27847) - resource/aws_acm_certificate: Add
key_algorithm
argument in support of ECDSA TLS certificates (#27781) - resource/aws_autoscaling_group: Add support for
price-capacity-optimized
spot_allocation_strategy
value (#27795) - resource/aws_cloudwatch_logs_group: Add
skip_destroy
argument (#26775) - resource/aws_cognito_user_pool: Add
sns_region
attribute tosms_configuration
block (#26684) - resource/aws_connect_instance: Add
multi_party_conference_enabled
argument (#27734) - resource/aws_customer_gateway: Make
ip_address
optional (#26673) - resource/aws_docdb_cluster_instance: Add
enable_performance_insights
andperformance_insights_kms_key_id
arguments (#27769) - resource/aws_dynamodb_table_item: Allow the creation of items with the same hash key but different range keys (#27517)
- resource/aws_ec2_fleet: Add support for
price-capacity-optimized
spot_options.allocation_strategy
value (#27795) - resource/aws_ecs_service: Add
triggers
argument to enable in-place updates (redeployments) on each apply, when used withforce_new_deployment = true
(#25840) - resource/aws_medialive_channel: Add support for more
output
,output_groups
,audio_descriptions
andvideo_descriptions
inencoder_settings
. Add support forinput_settings
ininput_attachments
(#27823) - resource/aws_msk_cluster: Add
storage_mode
argument (#27546) - resource/aws_neptune_cluster: Add
serverless_v2_scaling_configuration
block in support of Neptune Serverless (#27763) - resource/aws_network_interface_sg_attachment: Add import support (#27785)
- resource/aws_security_group_rule: Add
security_group_rule_id
attribute (#27828) - resource/aws_spot_fleet_request: Add support for
priceCapacityOptimized
allocation_strategy
value (#27795)
BUG FIXES:
- resource/aws_appstream_stack: Fix
redirect_url
max character length (#27744) - resource/aws_dynamodb_table: Allow changing KMS keys on tables with replicas. (#23156)
- resource/aws_route53_resolver_endpoint: Fix deduplication with multiple IPs on the same subnet (#25708)
- resource/aws_sesv2_email_identity_feedback_attributes: Fix invalid resource ID in error messages when creating the resource (#27784)
v4.39.0
BREAKING CHANGES:
- resource/aws_secretsmanager_secret_rotation: Remove unused
tags
attribute (#27656)
NOTES:
- provider: Add OpenBSD to list of OSes which the provider is built on (#27663)
FEATURES:
-
New Data Source:
aws_dynamodb_table_item
(#27504) -
New Data Source:
aws_route53_resolver_firewall_config
(#25496) -
New Data Source:
aws_route53_resolver_firewall_domain_list
(#25509) -
New Data Source:
aws_route53_resolver_firewall_rule_group
(#25511) -
New Data Source:
aws_route53_resolver_firewall_rule_group_association
(#25512) -
New Data Source:
aws_route53_resolver_firewall_rules
(#25536) -
New Resource:
aws_ivs_playback_key_pair
(#27678) -
New Resource:
aws_ivs_recording_configuration
(#27718) -
New Resource:
aws_lightsail_lb_https_redirection_policy
(#27679) -
New Resource:
aws_medialive_channel
(#26810) -
New Resource:
aws_networkmanager_site_to_site_vpn_attachment
(#27387) -
New Resource:
aws_redshift_endpoint_authorization
(#27654) -
New Resource:
aws_redshift_partner
(#27665) -
New Resource:
aws_redshiftserverless_snapshot
(#27741)
ENHANCEMENTS:
- data-source/aws_rds_engine_version: Support
default_only
,include_all
, andfilter
(#26923) - resource/aws_lightsail_instance: Add
ip_address_type
argument (#27699) - resource/aws_security_group: Do not pass
from_port
orto_port
values to the AWS API if arule
'sprotocol
value is-1
orall
(#27642) - resource/aws_wafv2_rule_group: Correct maximum nesting level for
and_statement
,not_statement
,or_statement
andrate_based_statement
(#27682)
BUG FIXES:
- resource/aws_cognito_identity_pool: Fix deletion of identity pool on tags-only update (#27669)
- resource/aws_dynamodb_table: Correctly set
stream_arn
as Computed whenstream_enabled
changes (#27664) - resource/aws_lightsail_instance_public_ports: Resource will now be removed from state properly when parent instance is removed (#27699)
- resource/aws_s3_bucket: Attributes
arn
andhosted_zone_id
were incorrectly settable but ignored (#27597) - resource/aws_security_group: Return an error if a
rule
'sprotocol
value isall
andfrom_port
orto_port
are not0
(#27642) - resource/aws_vpn_connection: Configuring exactly one of
transit_gateway_id
orvpn_gateway_id
is not required (#27693)
v4.38.0
FEATURES:
-
New Data Source:
aws_connect_instance_storage_config
(#27308) -
New Resource:
aws_apprunner_vpc_ingress_connection
(#27600) -
New Resource:
aws_connect_phone_number
(#26364) -
New Resource:
aws_evidently_segment
(#27159) -
New Resource:
aws_fsx_file_cache
(#27384) -
New Resource:
aws_lightsail_disk
(#27537) -
New Resource:
aws_lightsail_disk_attachment
(#27537) -
New Resource:
aws_lightsail_lb_stickiness_policy
(#27514) -
New Resource:
aws_sagemaker_servicecatalog_portfolio_status
(#27548) -
New Resource:
aws_sesv2_email_identity_feedback_attributes
(#27433) -
New Resource:
aws_ssm_default_patch_baseline
(#27610)
ENHANCEMENTS:
- data-source/aws_networkmanager_core_network_policy_document: Add plan-time validation for
core_network_configuration.edge_locations.asn
(#27305) - resource/aws_ami_copy: Add
imds_support
attribute (#27561) - resource/aws_ami_from_instance: Add
imds_support
attribute (#27561) - resource/aws_apprunner_service: Add
ingress_configuration
argument block. (#27600) - resource/aws_batch_compute_environment: Add
eks_configuration
configuration block (#27499) - resource/aws_batch_compute_environment: Allow deletion of AWS Batch compute environments in
INVALID
state (#26931) - resource/aws_budgets_budget: Add
auto_adjust_data
configuration block (#27474) - resource/aws_budgets_budget: Add
planned_limit
configuration block (#25766) - resource/aws_cognito_user_pool: Add
deletion_protection
argument (#27612) - resource/aws_cognito_user_pool_client: Add
auth_session_validity
argument (#27620) - resource/aws_lb_target_group: Add support for
target_failover
andstickiness
attributes for GENEVE protocol target groups (#27334) - resource/aws_sagemaker_domain: Add
domain_settings
,app_security_group_management
,default_user_settings.r_session_app_settings
, anddefault_user_settings.canvas_app_settings
arguments. (#27542) - resource/aws_sagemaker_user_profile: Add
user_settings.r_session_app_settings
anduser_settings.canvas_app_settings
arguments. (#27542) - resource/aws_sagemaker_workforce: Add
workforce_vpc_config
argument (#27538) - resource/aws_sfn_state_machine: Add
name_prefix
argument (#27574)
BUG FIXES:
- data-source/aws_ip_ranges: Fix regression causing filtering on
regions
andservices
to become case-sensitive (#27558) - resource/aws_batch_compute_environment: Update
compute_resources.security_group_ids
to be optional (#26172) - resource/aws_dynamodb_table: Fix bug causing spurious diffs with and preventing proper updating of
stream_enabled
andstream_view_type
(#27566) - resource/aws_instance: Use EC2 API idempotency to ensure that only a single Instance is created (#27561)
v4.37.0
NOTES:
- resource/aws_medialive_multiplex_program: The
statemux_settings
argument has been deprecated. Use thestatmux_settings
argument instead (#27223)
FEATURES:
-
New Data Source:
aws_dx_router_configuration
(#27341) -
New Resource:
aws_inspector2_enabler
(#27505) -
New Resource:
aws_lightsail_lb_certificate
(#27462) -
New Resource:
aws_lightsail_lb_certificate_attachment
(#27462) -
New Resource:
aws_route53_resolver_config
(#27487) -
New Resource:
aws_sesv2_dedicated_ip_assignment
(#27361) -
New Resource:
aws_sesv2_email_identity
(#27260)
ENHANCEMENTS:
- data-source/aws_acmpca_certificate_authority: Add
usage_mode
attribute (#27496) - data-source/aws_outposts_assets: Add
host_id_filter
andstatus_id_filter
arguments (#27303) - resource/aws_acmpca_certificate_authority: Add
usage_mode
argument to support short-lived certificates (#27496) - resource/aws_apprunner_vpc_connector: Add ability to update
tags
(#27345) - resource/aws_datasync_task: Add
security_descriptor_copy_flags
tooptions
configuration block (#26992) - resource/aws_ec2_capacity_reservation: Add
placement_group_arn
argument (#27458) - resource/aws_ec2_transit_gateway: Add support to modify
amazon_side_asn
argument (#27306) - resource/aws_elasticache_global_replication_group: Add
global_node_groups
andnum_node_groups
arguments (#27500) - resource/aws_elasticache_global_replication_group: Add timeouts. (#27500)
- resource/aws_evidently_project: Support configurable timeouts for create, update, and delete (#27336)
- resource/aws_flow_log: Amazon VPC Flow Logs supports Kinesis Data Firehose as destination (#27340)
- resource/aws_medialive_multiplex_program: Add ability to update
multiplex_program_settings
in place (#27223) - resource/aws_network_interface_attachment: Added import capabilities for the resource (#27364)
- resource/aws_sesv2_dedicated_ip_pool: Add
scaling_mode
attribute (#27388) - resource/aws_ssm_parameter: Support
aws:ssm:integration
as a valid value fordata_type
(#27329)
BUG FIXES:
- data-source/aws_route53_traffic_policy_document: Fixed incorrect capitalization for
GeoproximityLocations
(#27473) - resource/aws_connect_contact_flow: Change
type
to ForceNew (#27347) - resource/aws_ecs_service: Correctly handle unconfigured
task_definition
, makingEXTERNAL
deployments possible (#27390) - resource/aws_lb_target_group: Fix import issues on
aws_lb_target_group
when specifyingip_address_type
ofipv4
(#27464) - resource/aws_rds_proxy_endpoint: Respect configured provider
default_tags
value on resource Update (#27367) - resource/aws_vpc_ipam_pool_cidr: Fix crash when IPAM Pool CIDR not found (#27512)
v4.36.1
BUG FIXES:
- data-source/aws_default_tags: Fix regression setting
tags
tonull
instead of an empty map ({}
) when nodefault_tags
are defined (#27377)
v4.36.0
FEATURES:
-
New Data Source:
aws_elasticache_subnet_group
(#27233) -
New Data Source:
aws_sesv2_dedicated_ip_pool
(#27278) -
New Resource:
aws_lightsail_certificate
(#25283) -
New Resource:
aws_lightsail_domain_entry
(#27309) -
New Resource:
aws_lightsail_lb
(#27339) -
New Resource:
aws_lightsail_lb_attachment
(#27339) -
New Resource:
aws_sesv2_dedicated_ip_pool
(#27278)
ENHANCEMENTS:
- data-source/aws_route53_zone: Add
primary_name_server
attribute (#27293) - resource/aws_appstream_stack: Add validation for
application_settings
. (#27257) - resource/aws_lightsail_container_service: Add
private_registry_access
argument (#27236) - resource/aws_mq_broker: Add configurable timeouts (#27035)
- resource/aws_resourcegroups_group: Add
configuration
argument (#26934) - resource/aws_route53_zone: Add
primary_name_server
attribute (#27293) - resource/aws_rum_app_monitor: Add
app_monitor_id
attribute (#26994) - resource/aws_sns_platform_application: Add
apple_platform_bundle_id
andapple_platform_team_id
arguments. NOTE: Because we cannot easily test this functionality, it is best effort and we ask for community help in testing (#23147)
BUG FIXES:
- resource/aws_appstream_stack: Fix panic with
application_settings
. (#27257) - resource/aws_sqs_queue: Change
sqs_managed_sse_enabled
toComputed
as newly created SQS queues use SSE-SQS encryption by default. This means that Terraform will only perform drift detection of the attribute's value when present in a configuration (#26843) - resource/aws_sqs_queue: Respect configured
sqs_managed_sse_enabled
value on resource Create. In particular a configuredfalse
value is sent to the AWS API, which overrides the new service default value oftrue
(#27335)
v4.35.0
FEATURES:
-
New Data Source:
aws_rds_reserved_instance_offering
(#26025) -
New Data Source:
aws_vpc_ipam_pools
(#27101) -
New Resource:
aws_codepipeline_custom_action_type
(#8123) -
New Resource:
aws_comprehend_document_classifier
(#26951) -
New Resource:
aws_inspector2_delegated_admin_account
(#27229) -
New Resource:
aws_rds_reserved_instance
(#26025) -
New Resource:
aws_s3control_storage_lens_configuration
(#27097) -
New Resource:
aws_sesv2_configuration_set
(#27056) -
New Resource:
aws_transfer_tag
(#27131)
ENHANCEMENTS:
- data-source/aws_dx_connection: Add
vlan_id
attribute (#27148) - data-source/aws_vpc: Add
enable_network_address_usage_metrics
attribute (#27165) - resource/aws_cognito_user_pool: Add
user_attribute_update_settings
attribute (#27129) - resource/aws_default_vpc: Add
enable_network_address_usage_metrics
argument (#27165) - resource/aws_dx_connection: Add
vlan_id
attribute (#27148) - resource/aws_elasticache_global_replication_group: Add support for updating
cache_node_type
andautomatic_failover_enabled
. (#27134) - resource/aws_globalaccelerator_accelerator: Add
ip_addresses
argument in support of BYOIP addresses (#27181) - resource/aws_opsworks_custom_layer: Add
load_based_auto_scaling
argument (#10962) - resource/aws_prometheus_workspace: Add
logging_configuration
argument (#27213) - resource/aws_vpc: Add
enable_network_address_usage_metrics
argument (#27165)
BUG FIXES:
- data-source/aws_identitystore_user: Change the type of
external_ids
to a string instead of a bool. (#27184) - resource/aws_ecs_task_definition: Prevent panic when supplying a
null
value incontainer_definitions
(#27263) - resource/aws_identitystore_user: Change the type of
external_ids
to a string instead of a bool. (#27184) - resource/aws_organizations_policy_attachment: Handle missing policy when reading policy attachment (#27238)
- resource/aws_ssm_service_setting: Prevent panic during status read (#27232)
v4.34.0
NOTES:
- data-source/aws_identitystore_user: The
filter
argument has been deprecated. Use thealternate_identifier
argument instead (#27053)
FEATURES:
-
New Data Source:
aws_appconfig_configuration_profile
(#27054) -
New Data Source:
aws_appconfig_configuration_profiles
(#27054) -
New Data Source:
aws_appconfig_environment
(#27054) -
New Data Source:
aws_appconfig_environments
(#27054) -
New Data Source:
aws_vpc_ipam_pool_cidrs
(#27051) -
New Resource:
aws_evidently_project
(#24263)
ENHANCEMENTS:
- data-source/aws_ami: Add
imds_support
attribute (#27084) - data-source/aws_identitystore_user: Add
alternate_identifier
argument andaddresses
,display_name
,emails
,external_ids
,locale
,name
,nickname
,phone_numbers
,preferred_language
,profile_url
,timezone
,title
anduser_type
attributes (#27053) - datasource/aws_eks_cluster: Add
service_ipv6_cidr
attribute tokubernetes_network_config
block (#26980) - resource/aws_ami: Add
imds_support
argument (#27084) - resource/aws_ami_copy: Add
imds_support
argument (#27084) - resource/aws_ami_from_instance: Add
imds_support
argument (#27084) - resource/aws_cloudwatch_event_target: Add
capacity_provider_strategy
configuration block to theecs_target
configuration block (#27068) - resource/aws_eks_addon: Add
MRESERVE
option toresolve_conflicts
argument. (#27038) - resource/aws_eks_cluster: Add
service_ipv6_cidr
attribute tokubernetes_network_config
block (#26980) - resource/aws_mwaa_environment: Add custom timeouts (#27031)
- resource/aws_networkfirewall_firewall_policy: Add
firewall_policy.stateful_rule_group_reference.override
argument (#25135) - resource/aws_wafv2_rule_group: Add
headers
attribute to thefield_to_match
block (#26506) - resource/aws_wafv2_rule_group: Add rate_based_statement (#27113)
- resource/aws_wafv2_rule_group: Add support for
regex_match_statement
(#22452) - resource/aws_wafv2_web_acl: Add
headers
attribute to thefield_to_match
block (#26506) - resource/aws_wafv2_web_acl: Add support for
regex_match_statement
(#22452)
BUG FIXES:
- data-source/aws_iam_policy_document: Better handling when invalid JSON passed to
override_policy_documents
(#27055) - data-source/aws_ses_active_receipt_rule_set: Prevent crash when no receipt rule set is active (#27073)
- resource/aws_keyspaces_table: Change
schema_definition.clustering_key
andschema_definition.partition_key
to lists in order to respect configured orderings (#26812) - resource/aws_rolesanywhere_profile: Correctly handle updates to
enabled
andsession_policy
(#26858) - resource/aws_rolesanywhere_trust_anchor: Correctly handle updates to
enabled
(#26858)
v4.33.0
FEATURES:
-
New Data Source:
aws_kms_custom_key_store
(#24787) -
New Resource:
aws_identitystore_group
(#26674) -
New Resource:
aws_identitystore_group_membership
(#26944) -
New Resource:
aws_identitystore_user
(#26948) -
New Resource:
aws_inspector2_organization_configuration
(#27000) -
New Resource:
aws_kms_custom_key_store
(#26997)
ENHANCEMENTS:
- resource/aws_acm_certificate: Add
early_renewal_duration
,pending_renewal
,renewal_eligibility
,renewal_summary
andtype
attributes (#26784) - resource/aws_appautoscaling_policy: Add
alarm_arns
attribute (#27011) - resource/aws_dms_endpoint: Add
s3_settings.use_task_start_time_for_full_load_timestamp
argument (#27004) - resource/aws_ec2_traffic_mirror_target: Add
gateway_load_balancer_endpoint_id
argument (#26767) - resource/aws_kms_key: Add
custom_key_store_id
attribute (#24787)
BUG FIXES:
- resource/aws_rds_cluster: Support
upgrade
as a valid value inenabled_cloudwatch_logs_exports
(#26792) - resource/aws_ssm_parameter: Allow parameter overwrite on create (#26785)
v4.32.0
ENHANCEMENTS:
- resource/aws_eks_cluster: Add
outpost_config
argument to support EKS local clusers on Outposts (#26866)
BUG FIXES:
- resource/aws_ec2_managed_prefix_list: MaxEntries and Entry(s) can now be changed in the same apply (#26845)
v4.31.0
FEATURES:
-
New Data Source:
aws_ec2_managed_prefix_lists
(#26727) -
New Resource:
aws_sqs_queue_redrive_allow_policy
(#26733) -
New Resource:
aws_sqs_queue_redrive_policy
(#26733)
ENHANCEMENTS:
- data-source/aws_lambda_function: Add
qualified_invoke_arn
attribute (#26439) - resource/aws_db_instance: Add
custom_iam_instance_profile
attribute (#26765) - resource/aws_lambda_function: Add
qualified_invoke_arn
attribute (#26439)
BUG FIXES:
- resource/aws_autoscaling_attachment: Retry errors like
ValidationError: Trying to update too many Load Balancers/Target Groups at once. The limit is 10
when creating or deleting resource (#26654) - resource/aws_dynamodb_table: No longer returns error for an ARCHIVED table (#26744)
- resource/aws_instance: Prevents errors in ISO regions when not using DisableApiStop attribute (#26745)
- resource/aws_replication_subnet_group: Add retry to create step, resolving
AccessDeniedFault
error (#26768)
v4.30.0
FEATURES:
-
New Resource:
aws_medialive_multiplex
(#26608) -
New Resource:
aws_medialive_multiplex_program
(#26694) -
New Resource:
aws_redshiftserverless_usage_limit
(#26636) -
New Resource:
aws_ssoadmin_customer_managed_policy_attachment
(#25915)
ENHANCEMENTS:
- data-source/aws_rds_cluster: Add
network_type
attribute (#26489) - resource/aws_eks_addon: Support configurable timeouts for addon create, update, and delete (#26629)
- resource/aws_rds_cluster: Add
network_type
argument (#26489) - resource/aws_rds_cluster_instance: Add
network_type
attribute (#26489) - resource/aws_s3_bucket_object_lock_configuration: Update
rule
argument to be Optional (#26520) - resource/aws_vpn_connection: Add
tunnel1_log_options
andtunnel2_log_options
arguments (#26637)
BUG FIXES:
- data-source/aws_ec2_managed_prefix_list: Fixes bug where an error is returned for regions with more than 100 managed prefix lists (#26683)
- data-source/aws_iam_policy_document: Correctly handle unquoted Boolean values in
Condition
(#26657) - data-source/aws_iam_policy_document: Prevent crash when
source_policy_documents
contains empty or invalid JSON documents (#26640) - resource/aws_eip: Defaults to default regional
domain
whenvpc
not set (#26716) - resource/aws_instance: No longer fails when setting
metadata_options.instance_metadata_tags
(#26631) - resource/aws_lambda_function: Update the environment variables if the
kms_key_arn
has changed (#26696) - resource/aws_opsworks_stack: Defaults to default VPC when not supplied (#26711)
- resource/aws_security_group: Defaults to default VPC when not supplied (#26697)
v4.29.0
NOTES:
- resource/aws_db_instance: With AWS's retirement of EC2-Classic no new RDS DB Instances can be created referencing RDS DB Security Groups (#26525)
- resource/aws_db_security_group: With AWS's retirement of EC2-Classic no new RDS DB Security Groups can be created (#26525)
- resource/aws_default_vpc: With AWS's retirement of EC2-Classic the
enable_classiclink
andenable_classiclink_dns_support
attributes have been deprecated and will be removed in a future version (#26525) - resource/aws_eip: With AWS's retirement of EC2-Classic no new non-VPC EC2 EIPs can be created (#26525)
- resource/aws_elasticache_cluster: With AWS's retirement of EC2-Classic no new ElastiCache Clusters can be created referencing ElastiCache Security Groups (#26525)
- resource/aws_elasticache_security_group: With AWS's retirement of EC2-Classic no new ElastiCache Security Groups can be created (#26525)
- resource/aws_instance: With the retirement of EC2-Classic,
aws_instance
has been updated to remove support for EC2-Classic (#26532) - resource/aws_launch_configuration: With AWS's retirement of EC2-Classic no new Auto Scaling Launch Configurations can be created referencing ClassicLink (#26525)
- resource/aws_opsworks_stack: With AWS's retirement of EC2-Classic no new OpsWorks Stacks can be created without referencing a VPC (#26525)
- resource/aws_redshift_cluster: With AWS's retirement of EC2-Classic no new Redshift Clusters can be created referencing Redshift Security Groups (#26525)
- resource/aws_redshift_security_group: With AWS's retirement of EC2-Classic no new Redshift Security Groups can be created (#26525)
- resource/aws_security_group: With AWS's retirement of EC2-Classic no new Security Groups can be created without referencing a VPC (#26525)
- resource/aws_vpc: With AWS's retirement of EC2-Classic no new VPCs can be created with ClassicLink enabled (#26525)
- resource/aws_vpc_peering_connection: With AWS's retirement of EC2-Classic no new VPC Peering Connections can be created with ClassicLink options enabled (#26525)
- resource/aws_vpc_peering_connection_accepter: With AWS's retirement of EC2-Classic no VPC Peering Connections can be accepted with ClassicLink options enabled (#26525)
- resource/aws_vpc_peering_connection_options: With AWS's retirement of EC2-Classic no new VPC Peering Connection Options can be created with ClassicLink options enabled (#26525)
FEATURES:
-
New Data Source:
aws_location_tracker_associations
(#26472) -
New Resource:
aws_cloudfront_origin_access_control
(#26508) -
New Resource:
aws_medialive_input
(#26550) -
New Resource:
aws_medialive_input_security_group
(#26550) -
New Resource:
aws_redshiftserverless_endpoint_access
(#26555)
ENHANCEMENTS:
- data-source/aws_cloudtrail_service_account: Add service account ID for
me-central-1
AWS Region (#26572) - data-source/aws_eks_node_group: Add
capacity_type
attribute (#26521) - data-source/aws_elb_hosted_zone_id: Add hosted zone ID for
me-central-1
AWS Region (#26572) - data-source/aws_instance: Add
host_resource_group_arn
attribute (#26532) - data-source/aws_lambda_function: Return most recent published version when
qualifier
is not set (#11195) - data-source/aws_lb_hosted_zone_id: Add hosted zone IDs for
me-central-1
AWS Region (#26572) - data-source/aws_s3_bucket: Add hosted zone ID for
me-central-1
AWS Region (#26572) - provider: Support
me-central-1
as a valid AWS Region (#26590) - provider: Add
source_identity
argument toassume_role
block (#25368) - resource/aws_cloudfront_distribution: Add
origin_access_control_id
to theorigin
configuration block (#26510) - resource/aws_dms_endpoint: Add
redis_settings
configuration block (#26411) - resource/aws_ec2_fleet: Add
target_capacity_unit_type
attribute to thetarget_capacity_specification
configuration block (#26493) - resource/aws_instance: Add
host_resource_group_arn
attribute; improve compatibility with launching instances in a host resource group using an AMI registered with License Manager. NOTE: Because we cannot easily test this functionality, it is best effort and we ask for community help in testing. (#26532) - resource/aws_lambda_event_source_mapping: Add
amazon_managed_kafka_event_source_config
andself_managed_kafka_event_source_config
configuration blocks (#26560) - resource/aws_lambda_function: Add validation for
function_name
attribute (#25259) - resource/aws_opensearch_domain: Add support for enabling fine-grained access control on existing domains with
advanced_security_options
anonymous_auth_enabled
(#26503) - resource/aws_redshiftserverless_endpoint_workgroup: Add
endpoint
attribute (#26555) - resource/aws_spot_fleet_request: Add
target_capacity_unit_type
argument (#26493) - resource/aws_wafv2_rule_group: Add
cookies
attribute to thefield_to_match
block (#25845) - resource/aws_wafv2_rule_group: Add
json_body
attribute to thefield_to_match
block (#24772) - resource/aws_wafv2_web_acl: Add
cookies
attribute to thefield_to_match
block (#25845) - resource/aws_wafv2_web_acl: Add
json_body
attribute to thefield_to_match
block (#24772)
BUG FIXES:
- provider: No longer silently ignores
assume_role
block whenrole_arn
has unknown value. (#26590) - resource/aws_security_group: Fix complex dependency violations such as using a security group with an EMR cluster (#26553)
v4.28.0
NOTES:
- resource/aws_db_instance: With the retirement of EC2-Classic the
security_group_names
attribute has been deprecated and will be removed in a future version (#26427) - resource/aws_db_security_group: With the retirement of EC2-Classic the
aws_db_security_group
resource has been deprecated and will be removed in a future version (#26427) - resource/aws_elasticache_cluster: With the retirement of EC2-Classic the
security_group_names
attribute has been deprecated and will be removed in a future version (#26427) - resource/aws_elasticache_security_group: With the retirement of EC2-Classic the
aws_elasticache_security_group
resource has been deprecated and will be removed in a future version (#26427) - resource/aws_launch_configuration: With the retirement of EC2-Classic the
vpc_classic_link_id
andvpc_classic_link_security_groups
attributes have been deprecated and will be removed in a future version (#26427) - resource/aws_redshift_cluster: With the retirement of EC2-Classic the
cluster_security_groups
attribute has been deprecated and will be removed in a future version (#26427) - resource/aws_redshift_security_group: With the retirement of EC2-Classic the
aws_redshift_security_group
resource has been deprecated and will be removed in a future version (#26427) - resource/aws_vpc: With the retirement of EC2-Classic the
enable_classiclink
andenable_classiclink_dns_support
attributes have been deprecated and will be removed in a future version (#26427) - resource/aws_vpc_peering_connection: With the retirement of EC2-Classic the
allow_classic_link_to_remote_vpc
andallow_vpc_to_remote_classic_link
attributes have been deprecated and will be removed in a future version (#26427) - resource/aws_vpc_peering_connection_accepter: With the retirement of EC2-Classic the
allow_classic_link_to_remote_vpc
andallow_vpc_to_remote_classic_link
attributes have been deprecated and will be removed in a future version (#26427) - resource/aws_vpc_peering_connection_options: With the retirement of EC2-Classic the
allow_classic_link_to_remote_vpc
andallow_vpc_to_remote_classic_link
attributes have been deprecated and will be removed in a future version (#26427)
FEATURES:
-
New Data Source:
aws_ec2_network_insights_analysis
(#23532) -
New Data Source:
aws_ec2_network_insights_path
(#23532) -
New Data Source:
aws_ec2_transit_gateway_attachment
(#26264) -
New Data Source:
aws_location_tracker_association
(#26404) -
New Resource:
aws_ec2_network_insights_analysis
(#23532) -
New Resource:
aws_ec2_transit_gateway_policy_table
(#26264) -
New Resource:
aws_ec2_transit_gateway_policy_table_association
(#26264) -
New Resource:
aws_grafana_workspace_api_key
(#25286) -
New Resource:
aws_networkmanager_transit_gateway_peering
(#26264) -
New Resource:
aws_networkmanager_transit_gateway_route_table_attachment
(#26264) -
New Resource:
aws_redshiftserverless_workgroup
(#26467)
ENHANCEMENTS:
- data-source/aws_db_instance: Add
network_type
attribute (#26185) - data-source/aws_db_subnet_group: Add
supported_network_types
attribute (#26185) - data-source/aws_rds_orderable_db_instance: Add
supported_network_types
attribute (#26185) - resource/aws_db_instance: Add
network_type
argument (#26185) - resource/aws_db_subnet_group: Add
supported_network_types
argument (#26185) - resource/aws_glue_job: Add support for
3.9
as validpython_version
value (#26407) - resource/aws_kendra_index: The
document_metadata_configuration_updates
argument can now be updated. Refer to the documentation for more details. (#20294)
BUG FIXES:
- resource/aws_appstream_fleet: Fix crash when providing empty
domain_join_info
(e.g.,directory_name = ""
) (#26454) - resource/aws_eip: Include any provider-level configured
default_tags
on resource Create (#26308) - resource/aws_kinesis_firehose_delivery_stream: Updating
tags
no longer causes an unnecessary update (#26451) - resource/aws_organizations_policy: Prevent
InvalidParameter
errors by handlingcontent
as generic JSON, not an IAM policy (#26279)
v4.27.0
FEATURES:
-
New Resource:
aws_msk_serverless_cluster
(#25684) -
New Resource:
aws_networkmanager_attachment_accepter
(#26227) -
New Resource:
aws_networkmanager_vpc_attachment
(#26227)
ENHANCEMENTS:
- data-source/aws_networkfirewall_firewall: Add
capacity_usage_summary
,configuration_sync_state_summary
, andstatus
attributes to thefirewall_status
block (#26284) - resource/aws_acm_certificate: Add
not_after
argument (#26281) - resource/aws_acm_certificate: Add
not_before
argument (#26281) - resource/aws_chime_voice_connector_logging: Add
enable_media_metric_logs
argument (#26283) - resource/aws_cloudfront_distribution: Support
http3
andhttp2and3
as valid values for thehttp_version
argument (#26313) - resource/aws_inspector_assessment_template: Add
event_subscription
configuration block (#26334) - resource/aws_lb_target_group: Add
ip_address_type
argument (#26320) - resource/aws_opsworks_stack: Add plan-time validation for
custom_cookbooks_source.type
(#26278)
BUG FIXES:
- resource/aws_appflow_flow: Correctly specify
trigger_config.trigger_properties.scheduled.schedule_start_time
during create and update (#26289) - resource/aws_db_instance: Prevent
InvalidParameterCombination: No modifications were requested
errors when onlydelete_automated_backups
,final_snapshot_identifier
and/orskip_final_snapshot
change (#26286) - resource/aws_opsworks_custom_layer: Correctly apply
tags
during create if the stack'sregion
is not equal to the configured AWS Region (#26278) - resource/aws_opsworks_ecs_cluster_layer: Correctly apply
tags
during create if the stack'sregion
is not equal to the configured AWS Region (#26278) - resource/aws_opsworks_ganglia_layer: Correctly apply
tags
during create if the stack'sregion
is not equal to the configured AWS Region (#26278) - resource/aws_opsworks_haproxy_layer: Correctly apply
tags
during create if the stack'sregion
is not equal to the configured AWS Region (#26278) - resource/aws_opsworks_java_app_layer: Correctly apply
tags
during create if the stack'sregion
is not equal to the configured AWS Region (#26278) - resource/aws_opsworks_memcached_layer: Correctly apply
tags
during create if the stack'sregion
is not equal to the configured AWS Region (#26278) - resource/aws_opsworks_mysql_layer: Correctly apply
tags
during create if the stack'sregion
is not equal to the configured AWS Region (#26278) - resource/aws_opsworks_nodejs_app_layer: Correctly apply
tags
during create if the stack'sregion
is not equal to the configured AWS Region (#26278) - resource/aws_opsworks_php_app_layer: Correctly apply
tags
during create if the stack'sregion
is not equal to the configured AWS Region (#26278) - resource/aws_opsworks_rails_app_layer: Correctly apply
tags
during create if the stack'sregion
is not equal to the configured AWS Region (#26278) - resource/aws_opsworks_stack: Correctly apply
tags
during create ifregion
is not equal to the configured AWS Region (#26278) - resource/aws_opsworks_static_web_layer: Correctly apply
tags
during create if the stack'sregion
is not equal to the configured AWS Region (#26278)
v4.26.0
FEATURES:
-
New Data Source:
aws_fsx_openzfs_snapshot
(#26184) -
New Data Source:
aws_networkfirewall_firewall
(#25495) -
New Data Source:
aws_prometheus_workspace
(#26120) -
New Resource:
aws_comprehend_entity_recognizer
(#26244) -
New Resource:
aws_connect_instance_storage_config
(#26152) -
New Resource:
aws_directory_service_radius_settings
(#14045) -
New Resource:
aws_directory_service_region
(#25755) -
New Resource:
aws_dynamodb_table_replica
(#26250) -
New Resource:
aws_location_tracker_association
(#26061)
ENHANCEMENTS:
- data-source/aws_directory_service_directory: Add
radius_settings
attribute (#14045) - data-source/aws_directory_service_directory: Set
dns_ip_addresses
to the owner directory's DNS IP addresses for SharedMicrosoftAD directories (#20819) - data-source/aws_elasticsearch_domain: Add
throughput
attribute to theebs_options
configuration block (#26045) - data-source/aws_opensearch_domain: Add
throughput
attribute to theebs_options
configuration block (#26045) - resource/aws_autoscaling_group: Better error handling when attempting to create Auto Scaling groups with incompatible options (#25987)
- resource/aws_backup_vault: Add
force_destroy
argument (#26199) - resource/aws_directory_service_directory: Add
desired_number_of_domain_controllers
argument (#25755) - resource/aws_directory_service_directory: Add configurable timeouts for Create, Update and Delete (#25755)
- resource/aws_directory_service_shared_directory: Add configurable timeouts for Delete (#25755)
- resource/aws_directory_service_shared_directory_accepter: Add configurable timeouts for Create and Delete (#25755)
- resource/aws_elasticsearch_domain: Add
throughput
attribute to theebs_options
configuration block (#26045) - resource/aws_glue_job: Add
execution_class
argument (#26188) - resource/aws_macie2_classification_job: Add
bucket_criteria
attribute to thes3_job_definition
configuration block (#19837) - resource/aws_opensearch_domain: Add
throughput
attribute to theebs_options
configuration block (#26045)
BUG FIXES:
- resource/aws_appflow_flow: Fix
trigger_properties.scheduled
being set during resource read (#26240) - resource/aws_db_instance: Add retries (for handling IAM eventual consistency) when creating database replicas that use enhanced monitoring (#20926)
- resource/aws_db_instance: Apply
monitoring_interval
andmonitoring_role_arn
when creating viarestore_to_point_in_time
(#20926) - resource/aws_dynamodb_table: Fix
replica.*.propagate_tags
not propagating tags to newly added replicas (#26257) - resource/aws_emr_instance_group: Handle deleted instance groups during resource read (#26154)
- resource/aws_emr_instance_group: Mark
instance_count
as Computed to prevent diff when autoscaling is active (#26154) - resource/aws_lb_listener: Fix
ValidationError
when tags are added oncreate
(#26194) - resource/aws_lb_target_group: Fix
ValidationError
when tags are added oncreate
(#26194) - resource/aws_macie2_classification_job: Fix incorrect plan diff for
TagScopeTerm()
when updating resources (#19837) - resource/aws_security_group_rule: Disallow empty strings in
prefix_list_ids
(#26220)
v4.25.0
FEATURES:
-
New Data Source:
aws_waf_subscribed_rule_group
(#10563) -
New Data Source:
aws_wafregional_subscribed_rule_group
(#10563) -
New Resource:
aws_kendra_data_source
(#25686) -
New Resource:
aws_macie2_classification_export_configuration
(#19856) -
New Resource:
aws_transcribe_language_model
(#25698)
ENHANCEMENTS:
- data-source/aws_alb: Allow customizable read timeout (#26121)
- data-source/aws_ami: Allow customizable read timeout (#26121)
- data-source/aws_ami_ids: Allow customizable read timeout (#26121)
- data-source/aws_availability_zone: Allow customizable read timeout (#26121)
- data-source/aws_availability_zones: Allow customizable read timeout (#26121)
- data-source/aws_customer_gateway: Allow customizable read timeout (#26121)
- data-source/aws_dx_location: Add
available_macsec_port_speeds
attribute (#26110) - data-source/aws_ebs_default_kms_key: Allow customizable read timeout (#26121)
- data-source/aws_ebs_encryption_by_default: Allow customizable read timeout (#26121)
- data-source/aws_ebs_snapshot: Allow customizable read timeout (#26121)
- data-source/aws_ebs_snapshot_ids: Allow customizable read timeout (#26121)
- data-source/aws_ebs_volume: Allow customizable read timeout (#26121)
- data-source/aws_ebs_volumes: Allow customizable read timeout (#26121)
- data-source/aws_ec2_client_vpn_endpoint: Allow customizable read timeout (#26121)
- data-source/aws_ec2_coip_pool: Allow customizable read timeout (#26121)
- data-source/aws_ec2_coip_pools: Allow customizable read timeout (#26121)
- data-source/aws_ec2_host: Allow customizable read timeout (#26121)
- data-source/aws_ec2_instance_type: Allow customizable read timeout (#26121)
- data-source/aws_ec2_instance_type_offering: Allow customizable read timeout (#26121)
- data-source/aws_ec2_instance_type_offerings: Allow customizable read timeout (#26121)
- data-source/aws_ec2_instance_types: Allow customizable read timeout (#26121)
- data-source/aws_ec2_local_gateway: Allow customizable read timeout (#26121)
- data-source/aws_ec2_local_gateway_route_table: Allow customizable read timeout (#26121)
- data-source/aws_ec2_local_gateway_route_tables: Allow customizable read timeout (#26121)
- data-source/aws_ec2_local_gateway_virtual_interface: Allow customizable read timeout (#26121)
- data-source/aws_ec2_local_gateway_virtual_interface_group: Allow customizable read timeout (#26121)
- data-source/aws_ec2_local_gateway_virtual_interface_groups: Allow customizable read timeout (#26121)
- data-source/aws_ec2_local_gateways: Allow customizable read timeout (#26121)
- data-source/aws_ec2_managed_prefix_list: Allow customizable read timeout (#26121)
- data-source/aws_ec2_serial_console_access: Allow customizable read timeout (#26121)
- data-source/aws_ec2_spot_price: Allow customizable read timeout (#26121)
- data-source/aws_ec2_transit_gateway: Allow customizable read timeout (#26121)
- data-source/aws_ec2_transit_gateway_connect: Allow customizable read timeout (#26121)
- data-source/aws_ec2_transit_gateway_connect_peer: Allow customizable read timeout (#26121)
- data-source/aws_ec2_transit_gateway_dx_gateway_attachment: Allow customizable read timeout (#26121)
- data-source/aws_ec2_transit_gateway_multicast_domain: Allow customizable read timeout (#26121)
- data-source/aws_ec2_transit_gateway_peering_attachment: Allow customizable read timeout (#26121)
- data-source/aws_ec2_transit_gateway_route_table: Allow customizable read timeout (#26121)
- data-source/aws_ec2_transit_gateway_route_tables: Allow customizable read timeout (#26121)
- data-source/aws_ec2_transit_gateway_vpc_attachment: Allow customizable read timeout (#26121)
- data-source/aws_ec2_transit_gateway_vpc_attachments: Allow customizable read timeout (#26121)
- data-source/aws_ec2_transit_gateway_vpn_attachment: Allow customizable read timeout (#26121)
- data-source/aws_eip: Allow customizable read timeout (#26121)
- data-source/aws_eips: Allow customizable read timeout (#26121)
- data-source/aws_instance: Allow customizable read timeout (#26121)
- data-source/aws_instances: Allow customizable read timeout (#26121)
- data-source/aws_internet_gateway: Allow customizable read timeout (#26121)
- data-source/aws_key_pair: Allow customizable read timeout (#26121)
- data-source/aws_launch_template: Allow customizable read timeout (#26121)
- data-source/aws_lb: Add
preserve_host_header
attribute (#26056) - data-source/aws_lb: Allow customizable read timeout (#26121)
- data-source/aws_lb_listener: Allow customizable read timeout (#26121)
- data-source/aws_lb_target_group: Allow customizable read timeout (#26121)
- data-source/aws_nat_gateway: Allow customizable read timeout (#26121)
- data-source/aws_nat_gateways: Allow customizable read timeout (#26121)
- data-source/aws_network_acls: Allow customizable read timeout (#26121)
- data-source/aws_network_interface: Allow customizable read timeout (#26121)
- data-source/aws_network_interfaces: Allow customizable read timeout (#26121)
- data-source/aws_prefix_list: Allow customizable read timeout (#26121)
- data-source/aws_route: Allow customizable read timeout (#26121)
- data-source/aws_route_table: Allow customizable read timeout (#26121)
- data-source/aws_route_tables: Allow customizable read timeout (#26121)
- data-source/aws_security_group: Allow customizable read timeout (#26121)
- data-source/aws_security_groups: Allow customizable read timeout (#26121)
- data-source/aws_subnet: Allow customizable read timeout (#26121)
- data-source/aws_subnet_ids: Allow customizable read timeout (#26121)
- data-source/aws_subnets: Allow customizable read timeout (#26121)
- data-source/aws_vpc: Allow customizable read timeout (#26121)
- data-source/aws_vpc_dhcp_options: Allow customizable read timeout (#26121)
- data-source/aws_vpc_endpoint: Allow customizable read timeout (#26121)
- data-source/aws_vpc_endpoint_service: Allow customizable read timeout (#26121)
- data-source/aws_vpc_ipam_pool: Allow customizable read timeout (#26121)
- data-source/aws_vpc_ipam_preview_next_cidr: Allow customizable read timeout (#26121)
- data-source/aws_vpc_peering_connection: Allow customizable read timeout (#26121)
- data-source/aws_vpc_peering_connections: Allow customizable read timeout (#26121)
- data-source/aws_vpcs: Allow customizable read timeout (#26121)
- data-source/aws_vpn_gateway: Allow customizable read timeout (#26121)
- resource/aws_ecrpublic_repository: Add
tags
argument andtags_all
attribute to support resource tagging (#26057) - resource/aws_fsx_openzfs_file_system: Add
root_volume_configuration.record_size_kib
argument (#26049) - resource/aws_fsx_openzfs_volume: Add
record_size_kib
argument (#26049) - resource/aws_globalaccelerator_accelerator: Support
DUAL_STACK
value forip_address_type
(#26055) - resource/aws_iam_role_policy: Add plan time validation to
role
argument (#26082) - resource/aws_internet_gateway: Allow customizable timeouts (#26121)
- resource/aws_internet_gateway_attachment: Allow customizable timeouts (#26121)
- resource/aws_lb: Add
preserve_host_header
argument (#26056) - resource/aws_s3_bucket: Allow customizable timeouts (#26121)
BUG FIXES:
- resource/aws_api_gateway_rest_api: Add
put_rest_api_mode
argument to address race conditions when importing OpenAPI Specifications (#26051) - resource/aws_appstream_fleet: Fix IAM
InvalidRoleException
error on creation (#26060)
v4.24.0
FEATURES:
ENHANCEMENTS:
- data-source/aws_ecs_service: Add
tags
attribute (#25961) - resource/aws_datasync_task: Add
includes
argument (#25929) - resource/aws_guardduty_detector: Add
malware_protection
attribute to thedatasources
configuration block (#25994) - resource/aws_guardduty_organization_configuration: Add
malware_protection
attribute to thedatasources
configuration block (#25992) - resource/aws_security_group: Additional plan-time validation for
name
andname_prefix
(#15011) - resource/aws_security_group_rule: Add configurable Create timeout (#24340)
- resource/aws_ses_configuration_set: Add
tracking_options.0.custom_redirect_domain
argument (NOTE: This enhancement is provided as best effort due to testing limitations, i.e., the requirement of a verified domain) (#26032)
BUG FIXES:
- data-source/aws_networkmanager_core_network_policy_document: Fix bug where bool values for
attachment-policy.action.require-acceptance
can only betrue
or omitted (#26010) - resource/aws_appmesh_gateway_route: Fix crash when only one of hostname rewrite or path rewrite is configured (#26012)
- resource/aws_ce_anomaly_subscription:Fix crash upon adding or removing monitor ARNs to
monitor_arn_list
. (#25941) - resource/aws_cognito_identity_pool_provider_principal_tag: Fix read operation when using an OIDC provider (#25964)
- resource/aws_route53_record: Don't ignore
dualstack
prefix in Route 53 Record alias names (#10672) - resource/aws_s3_bucket: Prevents unexpected import of existing bucket in
us-east-1
. (#26011) - resource/aws_s3_bucket: Refactored
object_lock_enabled
parameter's default assignment behavior to protect partitions without Object Lock available. (#25098)
Configuration
-
If you want to rebase/retry this MR, click this checkbox.
This MR has been generated by Renovate Bot.