Skip to content

v3.0.0

Latest
Latest

Choose a tag to compare

View all tags
@cloudposse-releaser cloudposse-releaser released this 12 Sep 17:10
· 3 commits to main since this release
v3.0.0
c71b308
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

🤖 Automatic Updates

chore(deps): update terraform aws to v6 (main) @[renovate[bot]](https://github.com/apps/renovate) (#159) This PR contains the following updates:
Package Type Update Change
aws (source) required_provider major >= 4.9.0, < 6.0 -> < 6.13

Release Notes

hashicorp/terraform-provider-aws (aws)

v6.12.0

Compare Source

NOTES:

  • resource/aws_s3_bucket_acl: The access_control_policy.grant.grantee.display_name attribute is deprecated. AWS has ended support for this attribute. API responses began inconsistently returning it on July 15, 2025, and will stop returning it entirely on November 21, 2025. This attribute will be removed in a future major version. (#​44090)
  • resource/aws_s3_bucket_acl: The access_control_policy.owner.display_name attribute is deprecated. AWS has ended support for this attribute. API responses began inconsistently returning it on July 15, 2025, and will stop returning it entirely on November 21, 2025. This attribute will be removed in a future major version. (#​44090)
  • resource/aws_s3_bucket_logging: The target_grant.grantee.display_name attribute is deprecated. AWS has ended support for this attribute. API responses began inconsistently returning it on July 15, 2025, and will stop returning it entirely on November 21, 2025. This attribute will be removed in a future major version. (#​44090)

FEATURES:

  • New Resource: aws_cognito_managed_login_branding (#​43817)

ENHANCEMENTS:

  • data-source/aws_efs_mount_target: Add ip_address_type and ipv6_address attributes (#​44079)
  • data-source/aws_instance: Add placement_group_id attribute (#​38527)
  • data-source/aws_lambda_function: Add source_kms_key_arn attribute (#​44080)
  • data-source/aws_launch_template: Add placement.group_id attribute (#​44097)
  • provider: Support ap-southeast-6 as a valid AWS Region (#​44127)
  • resource/aws_ecs_service: Remove Terraform default for availability_zone_rebalancing and change the attribute to Optional and Computed. This allow ECS to default to ENABLED for new resources compatible with AvailabilityZoneRebalancing and maintain an existing service's availability_zone_rebalancing value during update when not configured. If an existing service never had an availability_zone_rebalancing value configured and is updated, ECS will treat this as DISABLED (#​43241)
  • resource/aws_efs_mount_target: Add ip_address_type and ipv6_address arguments to support IPv6 connectivity (#​44079)
  • resource/aws_fsx_openzfs_file_system: Remove maximum items limit on the user_and_group_quotas argument (#​44120)
  • resource/aws_fsx_openzfs_volume: Remove maximum items limit on the user_and_group_quotas argument (#​44118)
  • resource/aws_instance: Add placement_group_id argument (#​38527)
  • resource/aws_instance: Add resource identity support (#​44068)
  • resource/aws_lambda_function: Add source_kms_key_arn argument (#​44080)
  • resource/aws_launch_template: Add placement.group_id argument (#​44097)
  • resource/aws_ssm_association: Add resource identity support (#​44075)
  • resource/aws_ssm_document: Add resource identity support (#​44075)
  • resource/aws_ssm_maintenance_window: Add resource identity support (#​44075)
  • resource/aws_ssm_maintenance_window_target: Add resource identity support (#​44075)
  • resource/aws_ssm_maintenance_window_task: Add resource identity support (#​44075)
  • resource/aws_ssm_patch_baseline: Add resource identity support (#​44075)
  • resource/aws_synthetics_canary: Add run_config.ephemeral_storage argument. (#​44105)

BUG FIXES:

  • resource/aws_s3tables_table_policy: Remove plan-time validation of name and namespace (#​44072)
  • resource/aws_servicecatalog_provisioned_product: Set provisioning_parameters and provisioning_artifact_id to the values from the last successful deployment when update fails (#​43956)
  • resource/aws_wafv2_web_acl: Fix performance of update when the WebACL has a large number of rules (#​42740)

v6.11.0

Compare Source

FEATURES:

  • New Resource: aws_timestreaminfluxdb_db_cluster (#​42382)
  • New Resource: aws_workspacesweb_browser_settings_association (#​43735)
  • New Resource: aws_workspacesweb_data_protection_settings_association (#​43773)
  • New Resource: aws_workspacesweb_identity_provider (#​43729)
  • New Resource: aws_workspacesweb_ip_access_settings_association (#​43774)
  • New Resource: aws_workspacesweb_network_settings_association (#​43775)
  • New Resource: aws_workspacesweb_portal (#​43444)
  • New Resource: aws_workspacesweb_session_logger (#​43863)
  • New Resource: aws_workspacesweb_session_logger_association (#​43866)
  • New Resource: aws_workspacesweb_trust_store (#​43408)
  • New Resource: aws_workspacesweb_trust_store_association (#​43778)
  • New Resource: aws_workspacesweb_user_access_logging_settings_association (#​43776)
  • New Resource: aws_workspacesweb_user_settings_association (#​43777)

ENHANCEMENTS:

  • data-source/aws_ec2_client_vpn_endpoint: Add endpoint_ip_address_type and traffic_ip_address_type attributes (#​44059)
  • data-source/aws_network_interface: Add attachment.network_card_index attribute (#​42188)
  • data-source/aws_sesv2_email_identity: Add verification_status attribute (#​44045)
  • data-source/aws_signer_signing_profile: Add signing_material and signing_parameters attributes (#​43921)
  • data-source/aws_vpc_ipam: Add metered_account attribute (#​43967)
  • resource/aws_datazone_domain: Add domain_version and service_role arguments to support V2 domains (#​44042)
  • resource/aws_dlm_lifecycle_policy: Add copy_tags, create_interval, exclusions, extend_deletion, policy_language, resource_type and retain_interval attributes to policy_details configuration block (#​41055)
  • resource/aws_dlm_lifecycle_policy: Add default_policy argument (#​41055)
  • resource/aws_dlm_lifecycle_policy: Add policy_details.create_rule.scripts argument (#​41055)
  • resource/aws_dlm_lifecycle_policy: Add policy_details.schedule.cross_region_copy_rule.target_region argument (#​33796)
  • resource/aws_dlm_lifecycle_policy: Make policy_details.schedule.cross_region_copy_rule.target optional (#​33796)
  • resource/aws_dlm_lifecycle_policy:Add policy_details.schedule.archive_rule argument (#​41055)
  • resource/aws_dynamodb_contributor_insights: Add mode argument in support of CloudWatch contributor insights modes (#​43914)
  • resource/aws_ec2_client_vpn_endpoint: Add endpoint_ip_address_type and traffic_ip_address_type arguments to support IPv6 connectivity in Client VPN (#​44059)
  • resource/aws_ec2_client_vpn_endpoint: Make client_cidr_block optional (#​44059)
  • resource/aws_ecr_lifecycle_policy: Add resource identity support (#​44041)
  • resource/aws_ecr_repository: Add resource identity support (#​44041)
  • resource/aws_ecr_repository_policy: Add resource identity support (#​44041)
  • resource/aws_ecs_service: Add sigint_rollback argument (#​43986)
  • resource/aws_ecs_service: Change deployment_configuration to Optional and Computed (#​43986)
  • resource/aws_eks_cluster: Allow remote_network_config to be updated in-place, enabling support for EKS hybrid nodes on existing clusters (#​42928)
  • resource/aws_elasticache_global_replication_group: Change engine to Optional and Computed (#​42636)
  • resource/aws_inspector2_filter: Support code_repository_project_name, code_repository_provider_type, ecr_image_in_use_count, and ecr_image_last_in_use_at in filter_criteria (#​43950)
  • resource/aws_iot_thing_principal_attachment: Add thing_principal_type argument (#​43916)
  • resource/aws_kms_alias: Add resource identity support (#​44025)
  • resource/aws_kms_external_key: Add key_spec argument (#​44011)
  • resource/aws_kms_external_key: Change key_usage to Optional and Computed (#​44011)
  • resource/aws_kms_key: Add resource identity support (#​44025)
  • resource/aws_lb: Add secondary_ips_auto_assigned_per_subnet argument for Network Load Balancers (#​43699)
  • resource/aws_mwaa_environment: Add worker_replacement_strategy argument (#​43946)
  • resource/aws_network_interface: Add attachment.network_card_index argument (#​42188)
  • resource/aws_network_interface_attachment: Add network_card_index argument (#​42188)
  • resource/aws_route53_resolver_rule: Add resource identity support (#​44048)
  • resource/aws_route53_resolver_rule_association: Add resource identity support (#​44048)
  • resource/aws_route: Add resource identity support (#​43910)
  • resource/aws_route_table: Add resource identity support (#​43990)
  • resource/aws_s3_bucket_acl: Add resource identity support (#​44043)
  • resource/aws_s3_bucket_cors_configuration: Add resource identity support (#​43976)
  • resource/aws_s3_bucket_logging: Add resource identity support (#​43976)
  • resource/aws_s3_bucket_notification: Add resource identity support (#​43976)
  • resource/aws_s3_bucket_ownership_controls: Add resource identity support (#​43976)
  • resource/aws_s3_bucket_policy: Add resource identity support (#​43976)
  • resource/aws_s3_bucket_public_access_block: Add resource identity support (#​43976)
  • resource/aws_s3_bucket_server_side_encryption_configuration: Add resource identity support (#​43976)
  • resource/aws_s3_bucket_versioning: Add resource identity support (#​43976)
  • resource/aws_s3_bucket_website_configuration: Add resource identity support (#​43976)
  • resource/aws_s3tables_table_bucket: Add force_destroy argument (#​43922)
  • resource/aws_secretsmanager_secret_version: Add resource identity support (#​44031)
  • resource/aws_sesv2_email_identity: Add verification_status attribute (#​44045)
  • resource/aws_signer_signing_profile: Add signing_parameters argument (#​43921)
  • resource/aws_synthetics_canary: Add vpc_config.ipv6_allowed_for_dual_stack argument (#​43989)
  • resource/aws_vpc_ipam: Add metered_account argument (#​43967)

BUG FIXES:

  • data-source/aws_glue_catalog_table: Add partition_keys.parameters attribute (#​26702)
  • resource/aws_cognito_user_pool: Fixed to accept an empty email_mfa_configuration block (#​43926)
  • resource/aws_db_instance: Fixes the behavior when modifying database_insights_mode when using custom KMS key (#​44050)
  • resource/aws_dx_hosted_connection: Fix DescribeHostedConnections failed for connection dxcon-xxxx doesn't exist by pointing to the correct connection ID when doing the describe. (#​43499)
  • resource/aws_glue_catalog_table: Add partition_keys.parameters argument, fixing Invalid address to set: []string{"partition_keys", "0", "parameters"} errors (#​26702)
  • resource/aws_imagebuilder_image_recipe: Increase upper limit of block_device_mapping.ebs.iops from 10000 to 100000 (#​43981)
  • resource/aws_nat_gateway: Fix inconsistent final plan for secondary_private_ip_addresses (#​43708)
  • resource/aws_spot_instance_request: Change network_interface.network_card_index to Computed (#​38336)
  • resource/aws_timestreaminfluxdb_db_instance: Fix tag-only update errors (#​42382)
  • resource/aws_wafv2_web_acl: Add missing flattening of name in response_inspection.header blocks for AWSManagedRulesATPRuleSet and AWSManagedRulesACFPRuleSet to avoid persistent plan diffs (#​44032)

v6.10.0

Compare Source

NOTES:

  • resource/aws_instance: The network_interface block has been deprecated. Use primary_network_interface for the primary network interface and aws_network_interface_attachment resources for other network interfaces. (#​43953)
  • resource/aws_spot_instance_request: The network_interface block has been deprecated. Use primary_network_interface for the primary network interface and aws_network_interface_attachment resources for other network interfaces. (#​43953)

ENHANCEMENTS:

  • data-source/aws_ecr_repository: Add image_tag_mutability_exclusion_filter attribute (#​43886)
  • data-source/aws_ecr_repository_creation_template: Add image_tag_mutability_exclusion_filter attribute (#​43886)
  • resource/aws_cloudwatch_event_target: Add resource identity support (#​43984)
  • resource/aws_ecr_repository_creation_template: Add image_tag_mutability_exclusion_filter configuration block (#​43886)
  • resource/aws_glue_job: Support G.12X, G.16X, R.1X, R.2X, R.4X, and R.8X as valid values for worker_type (#​43988)
  • resource/aws_lambda_permission: Add resource identity support (#​43954)
  • resource/aws_lightsail_static_ip_attachment: Support resource import (#​43874)
  • resource/aws_s3_bucket_cors_configuration: Add resource identity support (#​43976)
  • resource/aws_s3_bucket_logging: Add resource identity support (#​43976)
  • resource/aws_s3_bucket_notification: Add resource identity support (#​43976)
  • resource/aws_s3_bucket_ownership_controls: Add resource identity support (#​43976)
  • resource/aws_s3_bucket_policy: Add resource identity support (#​43976)
  • resource/aws_s3_bucket_public_access_block: Add resource identity support (#​43976)
  • resource/aws_s3_bucket_server_side_encryption_configuration: Add resource identity support (#​43976)
  • resource/aws_s3_bucket_versioning: Add resource identity support (#​43976)
  • resource/aws_s3_bucket_website_configuration: Add resource identity support (#​43976)
  • resource/aws_secretsmanager_secret: Add resource identity support (#​43872)
  • resource/aws_secretsmanager_secret_policy: Add resource identity support (#​43872)
  • resource/aws_secretsmanager_secret_rotation: Add resource identity support (#​43872)
  • resource/aws_sqs_queue: Add resource identity support (#​43918)
  • resource/aws_sqs_queue_policy: Add resource identity support (#​43918)
  • resource/aws_sqs_queue_redrive_allow_policy: Add resource identity support (#​43918)
  • resource/aws_sqs_queue_redrive_policy: Add resource identity support (#​43918)

BUG FIXES:

  • resource/aws_batch_compute_environment: Allow in-place updates of compute environments that have the SPOT_PRICE_CAPACITY_OPTIMIZED strategy (#​40148)
  • resource/aws_imagebuilder_lifecycle_policy: Fix Provider produced inconsistent result after apply error when policy_detail.exclusion_rules.amis.is_public is omitted (#​43925)
  • resource/aws_instance: Adds primary_network_interface to allow importing resources with custom primary network interface. (#​43953)
  • resource/aws_rds_cluster: Fixes the behavior when enabling database_insights_mode="advanced" without changing performance insights retention window (#​43919)
  • resource/aws_rds_cluster: Fixes the behavior when modifying database_insights_mode when using custom KMS key (#​43942)
  • resource/aws_spot_instance_request: Adds primary_network_interface to allow importing resources with custom primary network interface. (#​43953)

v6.9.0

Compare Source

FEATURES:

  • New Resource: aws_appsync_api (#​43787)
  • New Resource: aws_appsync_channel_namespace (#​43787)

ENHANCEMENTS:

  • data-source/aws_eks_cluster: Add deletion_protection attribute (#​43779)
  • resource/aws_cloudwatch_event_rule: Add resource identity support (#​43758)
  • resource/aws_cloudwatch_metric_alarm: Add resource identity support (#​43759)
  • resource/aws_dynamodb_table: Add replica.deletion_protection_enabled argument (#​43240)
  • resource/aws_eks_cluster: Add deletion_protection argument (#​43779)
  • resource/aws_lambda_function: Add resource identity support (#​43821)
  • resource/aws_sns_topic_data_protection_policy: Add resource identity support (#​43830)
  • resource/aws_sns_topic_policy: Add resource identity support (#​43830)
  • resource/aws_sns_topic_subscription: Add resource identity support (#​43830)
  • resource/aws_subnet: Add resource identity support (#​43833)

BUG FIXES:

  • data-source/aws_lambda_function: Fix missing value for reserved_concurrent_executions attribute when a published version exists. This functionality requires the lambda:GetFunctionConcurrency IAM permission (#​43753)
  • data-source/aws_networkfirewall_firewall_policy: Add missing schema definition for firewall_policy.stateful_engine_options.flow_timeouts (#​43852)
  • resource/aws_cognito_risk_configuration: Make account_takeover_risk_configuration.notify_configuration optional (#​33624)
  • resource/aws_ecs_service: Fix tagging failure after upgrading to v6 provider (#​43816)
  • resource/aws_ecs_service: Fix refreshing service_connect_configuration when deleted outside of Terraform (#​43871)
  • resource/aws_lambda_function: Fix missing value for reserved_concurrent_executions attribute when a published version exists. This functionality requires the lambda:GetFunctionConcurrency IAM permission (#​43753)
  • resource/aws_s3tables_table: Fix runtime error: invalid memory address or nil pointer dereference panics when GetTableMaintenanceConfiguration returns an error (#​43764)
  • resource/aws_sagemaker_user_profile: Fix incomplete regex for user_profile_name (#​43807)
  • resource/aws_servicequotas_service_quota: Add validation, during create, to check if new value is less than current value of quota (#​43545)
  • resource/aws_storagegateway_gateway: Handle InvalidGatewayRequestException: The specified gateway is not connected errors during Read by using the ListGateways API to return minimal information about a disconnected gateway. This functionality requires the storagegateway:ListGateways IAM permission (#​43819)
  • resource/aws_vpc_ipam_pool_cidr: Fix netmask_length not being saved and diffed correctly (#​43262)

v6.8.0

Compare Source

FEATURES:

  • New Resource: aws_networkfirewall_vpc_endpoint_association (#​43675)
  • New Resource: aws_quicksight_custom_permissions (#​43613)
  • New Resource: aws_quicksight_role_custom_permission (#​43613)
  • New Resource: aws_quicksight_user_custom_permission (#​43613)
  • New Resource: aws_wafv2_web_acl_rule_group_association (#​43561)

ENHANCEMENTS:

  • data-source/aws_quicksight_user: Add custom_permissions_name attribute (#​43613)
  • data-source/aws_wafv2_web_acl: Add resource_arn argument to enable finding web ACLs by resource ARN (#​43597)
  • data-source/aws_wafv2_web_acl: Add support for CLOUDFRONT scope web ACLs using resource_arn (#​43597)
  • resource/aws_bedrock_guardrail: Add input_action, output_action, input_enabled, and output_enabled attributes to sensitive_information_policy_config.pii_entities_config and sensitive_information_policy_config.regexes_config configuration blocks (#​43702)
  • resource/aws_cloudwatch_log_group: Add resource identity support (#​43719)
  • resource/aws_computeoptimizer_recommendation_preferences: Add AuroraDBClusterStorage as a valid resource_type (#​43677)
  • resource/aws_docdb_cluster: Add serverless_v2_scaling_configuration argument in support of Amazon DocumentDB serverless (#​43667)
  • resource/aws_ecr_repository: Add image_tag_mutability_exclusion_filter argument (#​43642)
  • resource/aws_ecr_repository: Support IMMUTABLE_WITH_EXCLUSION and MUTABLE_WITH_EXCLUSION as valid values for image_tag_mutability (#​43642)
  • resource/aws_inspector2_enabler: Support resource import (#​43673)
  • resource/aws_instance: Adds force_destroy argument that allows destruction even when disable_api_termination and disable_api_stop are true (#​43722)
  • resource/aws_ivs_channel: Add resource identity support (#​43704)
  • resource/aws_ivs_playback_key_pair: Add resource identity support (#​43704)
  • resource/aws_ivs_recording_configuration: Add resource identity support (#​43704)
  • resource/aws_ivschat_logging_configuration: Add resource identity support (#​43697)
  • resource/aws_ivschat_room: Add resource identity support (#​43697)
  • resource/aws_kinesis_firehose_delivery_stream: Add iceberg_configuration.append_only argument (#​43647)
  • resource/aws_lightsail_static_ip: Support resource import (#​43672)
  • resource/aws_opensearch_domain_policy: Support resource import (#​43674)
  • resource/aws_quicksight_user: Add plan-time validation of iam_arn (#​43613)
  • resource/aws_quicksight_user: Change user_name to Optional and Computed (#​43613)
  • resource/aws_quicksight_user: Support IAM_IDENTITY_CENTER as a valid value for identity_type (#​43613)
  • resource/aws_quicksight_user: Support RESTRICTED_AUTHOR and RESTRICTED_READER as valid values for user_role (#​43613)
  • resource/aws_security_group: Add parameterized resource identity support (#​43744)
  • resource/aws_sqs_queue: Increase upper limit of max_message_size from 256 KiB to 1024 KiB (#​43710)
  • resource/aws_ssm_parameter: Add resource identity support (#​43736)

BUG FIXES:

  • ephemeral-resource/aws_lambda_invocation: Fix plan inconsistency issue due to improperly assigned payload values (#​43676)
  • provider: Fix failure to detect resources deleted outside of Terraform as missing for numerous resource types (#​43659)
  • resource/aws_batch_compute_environment: Fix inconsistent final plan error when compute_resource.launch_template.version is unknown during an update (#​43337)
  • resource/aws_bedrockagent_flow: Prevent created_at becoming null on Update (#​43654)
  • resource/aws_ec2_managed_prefix_list: Fix PrefixListVersionMismatch: The prefix list has the incorrect version number errors when updating entry description (#​43661)
  • resource/aws_fsx_lustre_file_system: Fix validation of SSD read cache size for file systems using the Intelligent-Tiering storage class (#​43605)
  • resource/aws_instance: Prevent destruction of resource when disable_api_termination is true (#​43722)
  • resource/aws_kms_key: Restore pre-v6.3.0 retry delay behavior when waiting for continuous target state occurrences. This fixes certain tag update timeouts (#​43716)
  • resource/aws_s3tables_table_bucket: Fix crash on maintenance_configuration read failure (#​43707)
  • resource/aws_sagemaker_image: Fix image_name regular expression validation (#​43751)
  • resource/aws_timestreaminfluxdb_db_instance: Don't mark network_type as ForceNew if the value is not configured. This fixes a problem with terraform apply -refresh=false after upgrade from v5.90.0 and below (#​43534)
  • resource/aws_wafv2_regex_pattern_set: Remove maximum items limit on the regular_expression argument (#​43693)

v6.7.0

Compare Source

FEATURES:

  • New Resource: aws_quicksight_ip_restriction (#​43596)
  • New Resource: aws_quicksight_key_registration (#​43587)

ENHANCEMENTS:

  • data-source/aws_codebuild_fleet: Add instance_type attribute in compute_configuration block (#​43449)
  • data-source/aws_ebs_volume: Add volume_initialization_rate attribute (#​43565)
  • data-source/aws_ecs_service: Support load_balancer attribute (#​43582)
  • data-source/aws_s3_access_point: Add tags attribute. This functionality requires the s3:ListTagsForResource IAM permission with S3 Access Points for general purpose buckets and the s3express:ListTagsForResource IAM permission with S3 Access Points for directory buckets (#​43630)
  • data-source/aws_verifiedpermissions_policy_store: Add deletion_protection attribute (#​43452)
  • resource/aws_athena_workgroup: Add configuration.identity_center_configuration argument (#​38717)
  • resource/aws_cleanrooms_collaboration: Add analytics_engine argument (#​43614)
  • resource/aws_codebuild_fleet: Add instance_type argument in compute_configuration block to support custom instance types (#​43449)
  • resource/aws_ebs_volume: Add volume_initialization_rate argument (#​43565)
  • resource/aws_s3_access_point: Add tags argument and tags_all attribute. This functionality requires the s3:ListTagsForResource, s3:TagResource, and s3:UntagResource IAM permissions with S3 Access Points for general purpose buckets and the s3express:ListTagsForResource, s3express:TagResource, and s3express:UntagResource IAM permissions with S3 Access Points for directory buckets (#​43630)
  • resource/aws_verifiedpermissions_policy_store: Add deletion_protection argument (#​43452)

BUG FIXES:

  • resource/aws_bedrockagent_flow: Fix missing required field, CreateFlowInput.Definition.Nodes[0].Configuration[prompt].SourceConfiguration[resource].PromptArn errors on Create (#​43595)
  • resource/aws_s3_bucket: Accept NoSuchTagSetError responses from S3-compatible services (#​43589)
  • resource/aws_s3_object: Accept NoSuchTagSetError responses from S3-compatible services (#​43589)
  • resource/aws_servicequotas_service_quota: Fix error when updating a pending service quota request (#​43606)
  • resource/aws_ssm_parameter: Fix Provider produced inconsistent final plan errors when changing from using value to using value_wo (#​42877)
  • resource/aws_ssm_parameter: Fix version not being updated when description changes (#​42595)

v6.6.0

Compare Source

FEATURES:

  • New Resource: aws_connect_phone_number_contact_flow_association (#​43557)
  • New Resource: aws_nat_gateway_eip_association (#​42591)

ENHANCEMENTS:

  • data-source/aws_cloudwatch_event_bus: Add log_config attribute (#​43453)
  • data-source/aws_ssm_patch_baseline: Add available_security_updates_compliance_status argument (#​43560)
  • feature/aws_bedrock_guardrail: Add cross_region_config, content_policy_config.tier_config, and topic_policy_config.tier_config arguments (#​43517)
  • resource/aws_athena_database: Add workgroup argument (#​36628)
  • resource/aws_batch_compute_environment: Add compute_resources.ec2_configuration.image_kubernetes_version argument (#​43454)
  • resource/aws_cloudwatch_event_bus: Add log_config argument (#​43453)
  • resource/aws_cognito_resource_server: Allow name to be updated in-place (#​41702)
  • resource/aws_cognito_user_pool: Allow name to be updated in-place (#​42639)
  • resource/aws_globalaccelerator_custom_routing_endpoint_group: Add resource identity support (#​43539)
  • resource/aws_globalaccelerator_custom_routing_listener: Add resource identity support (#​43539)
  • resource/aws_globalaccelerator_endpoint_group: Add resource identity support (#​43539)
  • resource/aws_globalaccelerator_listener: Add resource identity support (#​43539)
  • resource/aws_imagebuilder_container_recipe: Add resource identity support (#​43540)
  • resource/aws_imagebuilder_distribution_configuration: Add resource identity support (#​43540)
  • resource/aws_imagebuilder_image: Add resource identity support (#​43540)
  • resource/aws_imagebuilder_image_pipeline: Add resource identity support (#​43540)
  • resource/aws_imagebuilder_image_recipe: Add resource identity support (#​43540)
  • resource/aws_imagebuilder_infrastructure_configuration: Add resource identity support (#​43540)
  • resource/aws_imagebuilder_workflow: Add resource identity support (#​43540)
  • resource/aws_inspector_assessment_target: Add resource identity support (#​43542)
  • resource/aws_inspector_assessment_template: Add resource identity support (#​43542)
  • resource/aws_inspector_resource_group: Add resource identity support (#​43542)
  • resource/aws_nat_gateway: Change secondary_allocation_ids to Optional and Computed (#​42591)
  • resource/aws_ssm_patch_baseline: Add available_security_updates_compliance_status argument (#​43560)
  • resource/aws_ssm_service_setting: Support short format (with /ssm/ prefix) for setting_id (#​43562)

BUG FIXES:

  • resource/aws_appsync_api_cache: Fix "missing required field" error during update (#​43523)
  • resource/aws_cloudwatch_log_delivery_destination: Fix update failure when tags are set (#​43576)
  • resource/aws_ecs_service: Fix unspecified test_listener_rule incorrectly being set as empty string in load_balancer.advanced_configuration block (#​43558)

v6.5.0

Compare Source

NOTES:

  • resource/aws_cognito_log_delivery_configuration: Because we cannot easily test all this functionality, it is best effort and we ask for community help in testing (#​43396)
  • resource/aws_ecs_service: Acceptance tests cannot fully reproduce scenarios with deployments older than 3 months. Community feedback on this fix is appreciated, particularly for long-running ECS services with in-place updates (#​43502)

FEATURES:

  • New Data Source: aws_ecr_images (#​42577)
  • New Resource: aws_cognito_log_delivery_configuration (#​43396)
  • New Resource: aws_networkfirewall_firewall_transit_gateway_attachment_accepter (#​43430)
  • New Resource: aws_s3_bucket_metadata_configuration (#​41364)

ENHANCEMENTS:

  • data-source/aws_dms_endpoint: Add postgres_settings.authentication_method and postgres_settings.service_access_role_arn attributes (#​43440)
  • data-source/aws_networkfirewall_firewall: Add availability_zone_change_protection, availability_zone_mapping, firewall_status.sync_states.attachment.status_message, firewall_status.transit_gateway_attachment_sync_states, transit_gateway_id, and transit_gateway_owner_account_id attributes (#​43430)
  • resource/aws_alb_listener: Add resource identity support (#​43161)
  • resource/aws_alb_listener_rule: Add resource identity support (#​43155)
  • resource/aws_alb_target_group: Add resource identity support (#​43171)
  • resource/aws_dms_endpoint: Add oracle_settings configuration block for authentication method (#​43125)
  • resource/aws_dms_endpoint: Add postgres_settings.authentication_method and postgres_settings.service_access_role_arn arguments (#​43440)
  • resource/aws_dms_endpoint: Add plan-time validation of postgres_settings.database_mode, postgres_settings.map_long_varchar_as, and postgres_settings.plugin_name arguments (#​43440)
  • resource/aws_dms_replication_instance: Add dns_name_servers attribute and kerberos_authentication_settings configuration block for Kerberos authentication settings (#​43125)
  • resource/aws_dx_gateway_association: Add transit_gateway_attachment_id attribute. This functionality requires the ec2:DescribeTransitGatewayAttachments IAM permission (#​43436)
  • resource/aws_globalaccelerator_accelerator: Add resource identity support (#​43200)
  • resource/aws_globalaccelerator_custom_routing_accelerator: Add resource identity support (#​43423)
  • resource/aws_glue_registry: Add resource identity support (#​43450)
  • resource/aws_glue_schema: Add resource identity support (#​43450)
  • resource/aws_iam_openid_connect_provider: Add resource identity support (#​43503)
  • resource/aws_iam_policy: Add resource identity support (#​43503)
  • resource/aws_iam_saml_provider: Add resource identity support (#​43503)
  • resource/aws_iam_service_linked_role: Add resource identity support (#​43503)
  • resource/aws_inspector2_enabler: Support CODE_REPOSITORY as a valid value for resource_types (#​43525)
  • resource/aws_inspector2_organization_configuration: Add auto_enable.code_repository argument (#​43525)
  • resource/aws_lb_listener: Add resource identity support (#​43161)
  • resource/aws_lb_listener_rule: Add resource identity support (#​43155)
  • resource/aws_lb_target_group: Add resource identity support (#​43171)
  • resource/aws_lb_trust_store: Add resource identity support (#​43186)
  • resource/aws_networkfirewall_firewall: Add availability_zone_change_protection, availability_zone_mapping, and transit_gateway_id arguments and firewall_status.transit_gateway_attachment_sync_states and transit_gateway_owner_account_id attributes ([#​43430](https://redirect.githu

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

Assets 2
Loading