v5.0.0

KNOWN ISSUES:

• Updating some resources post-upgrade results in an error like "The update_mask in the Update{{Resource}}Request must be set". This should be resolved in 5.1.0, see hashicorp/terraform-provider-google#16091 for details.

Terraform Google Provider 5.0.0 Upgrade Guide

NOTES:

• provider: some provider default values are now shown at plan-time (#6188)

LABELS REWORK:

• provider: default labels configured on the provider through the new default_labels field are now supported. The default labels configured on the provider will be applied to all of the resources with standard labels field.
• provider: resources with labels - three label-related fields are now in all of the resources with standard labels field. labels field is non-authoritative and only manages the labels defined by the users on the resource through Terraform. The new output-only terraform_labels field merges the labels defined by the users on the resource through Terraform and the default labels configured on the provider. The new output-only effective_labels field lists all of labels present on the resource in GCP, including the labels configured through Terraform, the system, and other clients.
• provider: resources with annotations - two annotation-related fields are now in all of the resources with standard annotations field. The annotations field is non-authoritative and only manages the annotations defined by the users on the resource through Terraform. The new output-only effective_annotations field lists all of annotations present on the resource in GCP, including the annotations configured through Terraform, the system, and other clients.
• provider: datasources with labels - three fields labels, terraform_labels, and effective_labels are now present in most resource-based datasources. All three fields have all of labels present on the resource in GCP including the labels configured through Terraform, the system, and other clients, equivalent to effective_labels on the resource.
• provider: datasources with annotations - both annotations and effective_annotations are now present in most resource-based datasources. Both fields have all of annotations present on the resource in GCP including the annotations configured through Terraform, the system, and other clients, equivalent to effective_annotations on the resource.

BREAKING CHANGES:

• provider: added provider-level validation so these fields are not set as empty strings in a user's config: credentials, access_token, impersonate_service_account, project, billing_project, region, zone (#6358)
• provider: fixed many import functions throughout the provider that matched a subset of the provided input when possible. Now, the GCP resource id supplied to "terraform import" must match exactly. (#6364)
• provider: made data sources return errors on 404s when applicable instead of silently failing (#6241)
• provider: made empty strings in the provider configuration block no longer be ignored when configuring the provider (#6358)
• accesscontextmanager: changed multiple array fields to sets where appropriate to prevent duplicates and fix diffs caused by server side reordering. (#6217)
• bigquery: added more input validations for google_bigquery_table schema (#5975)
• bigquery: made routine_type required for google_bigquery_routine (#6080)
• cloudfunction2: made location required on google_cloudfunctions2_function (#6260)
• cloudiot: removed deprecated datasource google_cloudiot_registry_iam_policy (#6206)
• cloudiot: removed deprecated resource google_cloudiot_device (#6206)
• cloudiot: removed deprecated resource google_cloudiot_registry (#6206)
• cloudiot: removed deprecated resource google_cloudiot_registry_iam_* (#6206)
• cloudrunv2: removed deprecated field liveness_probe.tcp_socket from google_cloud_run_v2_service resource. (#6029)
• cloudrunv2: removed deprecated fields startup_probe and liveness_probe from google_cloud_run_v2_job resource. (#6029)
• cloudrunv2: retyped volumes.cloud_sql_instance.instances to SET from ARRAY for google_cloud_run_v2_service (#6261)
• compute: made google_compute_node_group require one of initial_size or autoscaling_policy fields configured upon resource creation (#6384)
• compute: made size in google_compute_node_group an output only field. (#6384)
• compute: removed default value for rule.rate_limit_options.encorce_on_key on resource google_compute_security_policy (#6174)
• compute: retyped consumer_accept_lists to a SET from an ARRAY type for google_compute_service_attachment (#6369)
• container: added deletion_protection to google_container_cluster which is enabled to true by default. When enabled, this field prevents Terraform from deleting the resource. (#6391)
• container: changed management.auto_repair and management.auto_upgrade defaults to true in google_container_node_pool (#6329)
• container: changed networking_mode default to VPC_NATIVE for newly created google_container_cluster resources (#6402)
• container: removed enable_binary_authorization in google_container_cluster (#6285)
• container: removed default for logging_variant in google_container_node_pool (#6329)
• container: removed default value in network_policy.provider in google_container_cluster (#6323)
• container: removed the behaviour that google_container_cluster will delete the cluster if it's created in an error state. Instead, it will mark the cluster as tainted, allowing manual inspection and intervention. To proceed with deletion, run another terraform apply. (#6301)
• container: reworked the taint field in google_container_cluster and google_container_node_pool to only manage a subset of taint keys based on those already in state. Most existing resources are unaffected, unless they use sandbox_config- see upgrade guide for details. (#6351)
• dataplex: removed data_profile_result and data_quality_result from google_dataplex_scan (#6070)
• firebase: changed deletion_policy default to DELETE for google_firebase_web_app. (#6018)
• firebase: removed google_firebase_project_location (#6223)
• gameservices: removed Terraform support for gameservices (#6112)
• logging: changed the default value of unique_writer_identity from false to true in google_logging_project_sink. (#6210)
• logging: made growth_factor, num_finite_buckets, and scale required for google_logging_metric (#6173)
• looker: removed LOOKER_MODELER as a possible value in google_looker_instance.platform_edition (#6349)
• monitoring: fixed perma-diffs in google_monitoring_dashboard.dashboard_json by suppressing values returned by the API that are not in configuration (#6392)
• monitoring: made labels immutable in google_monitoring_metric_descriptor (#6372)
• privateca: removed deprecated fields config_values, pem_certificates from google_privateca_certificate (#6097)
• secretmanager: removed automatic field in `google_secret_m...

v4.84.0

DEPRECATIONS:

• alloydb: deprecated network field in favor of network_config on google_alloydb_cluster. (#6297)
• identityplayform: deprecated google_identity_platform_project_default_config resource. Use google_identity_platform_config resource instead (#6293)

FEATURES:

• New Data Source: google_certificate_manager_certificate_map (#6316)
• New Resource: google_artifact_registry_vpcsc_config (#6265)
• New Resource: google_dialogflow_cx_security_settings (#6300)
• New Resource: google_gke_backup_restore_plan (#6278)
• New Resource: google_scc_project_custom_module (#6315)
• New Resource: google_tpu_v2_vm (#6264)
• New Resource: google_edgenetwork_network (#6305)
• New Resource: google_edgenetwork_subnet (#6305)

IMPROVEMENTS:

• alloydb: added network_config field to support named IP ranges on google_alloydb_cluster. (#6297)
• cloudrunv2: added fields network_interfaces to resource google_cloud_run_v2_job to support Direct VPC egress. (#6287)
• cloudrunv2: added fields network_interfaces to resource google_cloud_run_v2_service to support Direct VPC egress. (#6287)
• compute: updated the autoscaling_policy.mode to accept ONLY_SCALE_OUT on google_compute_autoscaler (#6304)
• compute: added server_tls_policy argument to google_compute_target_https_proxy resource (#6269)
• compute: added member attribute to google_compute_default_service_account datasource (#6311)
• compute: added output field internal_ipv6_prefix to google_compute_subnetwork resource (#6306)
• container: added node_config.fast_socket field to google_container_node_pool (#6289)
• containeraws: added support for auto_repair in google_container_aws_node_pool (#6282)
• containerazure: added support for auto_repair in google_container_azure_node_pool (#6282)
• filestore: added support for the "ZONAL" value to tier in google_filestore_instance (#6303)
• firestore: added delete_protection_state field to google_firestore_database resource. (#6295)
• identityplatform: added sign-in field to google_identity_platform_config resource (#6293)
• networkconnectivity: added support for linked_vpc_network in google_network_connectivity_spoke (#6282)
• networkservices: increased default timeout for google_network_services_edge_cache_origin to 120m from 60m (#6275)
• networkservices: increased default timeout for google_network_services_edge_cache_service to 60m from 30m (#6281)
• secretmanager: added is_secret_data_base64 field to google_secret_manager_secret_version resource (#6273)
• workstations: added env field to google_workstations_workstation resource (#6258)

BUG FIXES:

• bigquery: updated documentation for google_bigquery_table.time_partitioning.expiration_ms (#6290)
• bigtable: added a read timeout to google_bigtable_instance (#6276)
• bigtable: improved regional reliability when instance overlaps a downed region in the resource google_bigtable_instance (#6313)
• eventarc: resolved permadiff on google_eventarc_trigger.event_data_content_type by defaulting to the value returned by the API if not set in the configuration. (#6282)
• identityplatform: fixed a potential perma-diff for sign_in in google_identity_platform_config resource (#6317)
• monitoring: fixed scaling issues when deploying terraform changes with many google_monitoring_monitored_project (#6259)
• monitoring: fixed validation of service_id on google_monitoring_custom_service and slo_id on google_monitoring_slo (#6266)
• osconfig: fixed no more than one setting is allowed under patch_config.windows_update on google_os_config_patch_deployment (#6314)
• provider: addressed a bug where configuring the provider with unknown values did not behave as expected (#6312)
• provider: fixed the provider so it resumes ignoring empty strings set in the provider block (#6268)
• secretmanager: replaced the panic block with an error in import function of google_secret_manager_secret_version resource (#6296)
• secretmanager: fixed an issue in google_secretmanager_secret where replacing replication.automatic with replication.auto would destroy and recreate the resource (#6325)

v4.83.0

DEPRECATIONS:

• secretmanager: deprecated automatic field on google_secret_manager_secret. Use auto instead. (#6237)

FEATURES:

• New Resource: google_biglake_table (#6205)
• New Resource: google_data_pipeline_pipeline (#6236)
• New Resource: google_dialogflow_cx_test_case (#6249)
• New Resource: google_storage_insights_report_config (#6253)
• New Resource: google_apigee_target_server (#6215)

IMPROVEMENTS:

• bigquery: added allow_non_incremental_definition to google_bigquery_table resource (#6248)
• bigquery: added table_constraints field to google_bigquery_table resource (#6250)
• compute: added internal IPV6 support for google_compute_address and google_compute_instance resources (#6232)
• containerattached: added binary_authorization field to google_container_attached_cluster resource (#6256)
• containeraws: added update support for config.instance_type in container_aws_node_pool (#6282)
• firestore: added point_in_time_recovery_enablement field to google_firestore_database resource (#6239)
• firestore: added update_time and uid fields to google_firestore_database resource (#6257)
• gkehub2: added labels, namespace_labels fields to google_gke_hub_namespace resource (#6202)
• gkehub: added labels fields to google_gke_hub_membership_binding resource (#6216)
• gkehub: added labels fields to google_gke_hub_scope resource (#6243)
• gkeonprem: added upgrade_policy and binary_authorization fields in google_gkeonprem_bare_metal_cluster resource (beta) (#6224)
• gkeonprem: added upgrade_policy field in google_gkeonprem_vmware_cluster resource (beta) (#6224)
• secretmanager: added auto field to google_secret_manager_secret resource (#6237)
• secretmanager: added deletion_policy field to google_secret_manager_secret_version resource (#6252)
• storage: supported in-place update for autoclass field in google_storage_bucket resource (#6233)
• vertexai: added public_endpoint_enabled to google_vertex_ai_index_endpoint (#6208)
• workstations: added env field to google_workstations_workstation resource (beta) (#6258)

BUG FIXES:

• bigquerydatatransfer: fixed a bug when importing location of google_bigquery_data_transfer_config (#6203)
• container: fixed a bug where additional_pod_network_configs was not sent correctly in google_container_node_pool (#6211)
• container: fixed concurrent ops' quota-error to be retriable in google_container_node_pool (#6254)
• eventarc: resolved permadiff on event_content_type in eventarc_trigger, the field will now default to a value returned by the API when not set in configuration (#6282)
• pipeline: fixed issue where certain google_dataflow_job instances would crash the provider (#6255)
• provider: fixed a bug where user_project_override would not be not used correctly when provisioning resources implemented using the plugin framework. Currently there are no resources implemented this way, so no-one should have been impacted. (#6230)
• pubsub: fixed issue where setting no_wrapper.write_metadata to false wasn't passed to the API for google_pubsub_subscription (#6219)
• serviceaccount: added retries for reads after google_service_account creation if 403 Forbidden is returned. (#6221)
• storage: fixed the failure in building a plan when a content value is expected on google_storage_bucket_object_content (#6204

v4.82.0

IMPROVEMENTS:

• compute: added in-place update support for field enable_proxy_protocol in google_compute_service_attachment resource (#6192)
• compute: added in-place update support for field reconcile_connections in google_compute_service_attachment resource (#6187)
• compute: added in-place update support for field allowPscGlobalAccess in google_compute_forwarding_rule resource (#6179)
• container: added additional options for field monitoring_config.enable_components in google_container_cluster resource (#6198)
• gkehub: added labels field to google_gke_hub_scope_rbac_role_binding resource (#6200)
• logging: added in-place update support for field unique_writer_identity in google_logging_project_sink resource (#6193)
• networkconnectivity: added psc_connections.error.details field to google_network_connectivity_service_connection_policy resource (#6197)
• secretmanager: added in-place update support for field replication.user_managed.replicas.customer_managed_encryption in google_secret_manager_secret resource (#6177)

BUG FIXES:

• bigquery: made params.destination_table_name_template and params.data_path immutable as updating these fields if value of data_source_id is amazon_s3 in google_bigquery_data_transfer_config resource (#6195)
• compute: fixed a crash when empty is given to all_instances_config in google_compute_region_instance_group_manager resource (#6191)
• dns: fixed hash function for network_url in google_dns_managed_zone and google_dns_policy resources to make sure that the private DNS zone or DNS policy can be attatched to all of the networks in different projects, even though the network name is the same across of those projects (#6199)
• servicedirectory: made location immutable as updating this field in google_service_directory_namespace resource (#6182)

v4.81.0

FEATURES:

• New Resource: google_biglake_catalog (#6152)
• New Resource: google_redis_cluster (#6158)
• New Resource: google_biglake_database (#6161)
• New Resource: google_compute_network_attachment (#6159)
• New Resource: google_gke_hub_membership_binding (#6170)
• New Resource: google_gke_hub_namespace (#6170)
• New Resource: google_gke_hub_scope (#6170)
• New Resource: google_gke_hub_scope_iam_member (#6170)
• New Resource: google_gke_hub_scope_iam_policy (#6170)
• New Resource: google_gke_hub_membership_binding (#6170)
• New Resource: google_gke_hub_scope_rbac_role_binding (#6170)

IMPROVEMENTS:

• compute: made the field distribution_policy_target_shape of google_compute_region_instance_group_manager not cause recreation of the resource. (#6156)
• container: added enable_fqdn_network_policy field to google_container_cluster (#6157)
• container: added node_config.confidential_compute field to google_container_node_pool resource (#6166)
• datastream: allowed password of google_datastream_connection_profile to be mutable. (#6140)
• dialogflowcx: added response_type, channel, payload, conversation_success, output_audio_text, live_agent_handoff, play_audo, telephony_transfer_call, reprompt_event_handlers, set_parameter_actions, and conditional_cases fields to google_dialogflow_cx_page resource (#6168)
• dialogflowcx: added response_type, channel, payload, conversation_success, output_audio_text, live_agent_handoff, play_audo, telephony_transfer_call, set_parameter_actions, and conditional_cases fields to google_dialogflow_cx_flow resource (#6168)
• iam: added web_sso_config.additional_scopes field to google_iam_workforce_pool_provider resource. (#6145)
• iamworkforcepool: added jwksJson field to WorkforcePoolProvider resource (#6153)
• monitoring: added synthetic_monitor to google_monitoring_uptime_check_config resource (#6148)
• provider: improved error message when resource creation fails to to invalid API response (#6149)

BUG FIXES:

• cloudrunv2: changed template.volumes.secret.items.mode field in google_cloud_run_v2_job resource to a non-required field. (#6154)
• cloudrunv2: changed template.volumes.secret.items.mode field in google_cloud_run_v2_service resource to a non-required field. (#6154)
• filestore: fixed a bug causing permadiff on reserved_ip_range field in google_filestore_instance (#6143)
• identityplatform: fixed a permadiff on authorized_domains in google_identity_platform_config resource (#6137)

v4.80.0

DEPRECATIONS:

• dataplex: deprecated the following google_dataplex_datascan fields: dataProfileResult and dataQualityResult (#6090)
• firebase: deprecated google_firebase_project_location in favor of google_firebase_storage_bucket and google_firestore_database (#6087)

FEATURES:

• New Data Source: google_sql_database_instance_latest_recovery_time (#6109)
• New Resource: google_certificate_manager_trust_config (#6118)
• New Resource: google_compute_region_security_policy_rule (#6086)
• New Resource: google_gke_hub_membership_rbac_role_binding (#6103)
• New Resource: google_iam_deny_policy (ga only) (#6125)
• New Resource: dataform_repository_workflow_config (beta) (#6102)
• New Resource: google_bigquery_bi_reservation (#6088)

IMPROVEMENTS:

• alloydb: added restore_backup_source and restore_continuous_backup_source fields to support restore feature in google_alloydb_cluster resource. (#6129)
• artifactregistry: added cleanup_policies and cleanup_policy_dry_run fields to resource google_artifact_registry_repository (#6117)
• compute: added security_policy field to google_compute_target_instance resource (#6122)
• compute: added support for security_policy field to google_compute_target_pool (#6124)
• compute: added support for user_defined_fields to google_compute_region_security_policy (#6086)
• compute: added support for specifying regional disks for google_compute_instance boot_disk.source (#6132)
• container: added additional_pod_ranges_config field to google_container_cluster resource (#6133)
• dataplex: added fields data_profile_spec.post_scan_actions, data_profile_spec.include_fields and data_profile_spec.exclude_fields (#6104)
• dns: added support for removing the networks block from the configuration in resource google_dns_response_policy (#6111)
• firebase: added api_key_id field to google_firebase_web_app, google_firebase_android_app, and google_firebase_apple_app. (#6127)
• gkeonprem: automatically set ignore_errors to true in google_gkeonprem_bare_metal_admin_cluster delete calls (#6095)
• sql: added psc_config , psc_service_attachment_link, and dns_name fields to google_sql_database_instance (#6119)
• workstations: added enable_nested_virtualization field to google_workstations_workstation_config resource (#6123)

BUG FIXES:

• bigquery: added support to unset policy tags in table schema (#6106)
• bigtable: fixed permadiff in google_bigtable_gc_policy.gc_rules when max_age is specified using increments larger than hours (#6131)
• bigtable: fixed permadiff in google_bigtable_gc_policy.gc_rules when mode is specified (#6131)
• container: updated resource_container_cluster to ignore dns_config diff when enable_autopilot = true (#6108)
• containeraws: allowed config.labels to be updatable in google_container_aws_node_pool (#6120)
• containerazure: added diff suppression for case changes of enum values in google_container_azure_cluster (#6096)

v4.79.0

FEATURES:

• New Resource: google_backup_dr_management_server (#6054)
• New Resource: google_compute_region_security_policy_rule (#6086)

IMPROVEMENTS:

• cloudbuild: added git_file_source.bitbucket_server_config and source_to_build.bitbucket_server_config fields to google_cloudbuild_trigger resource (#6051)
• cloudrunv2: added the following output only fields to google_cloud_run_v2_job and google_cloud_run_v2_service resources: create_time, update_time, delete_time, expire_time, creator and last_modifier (#6067)
• composer: added config.private_environment_config.connection_type field to google_composer_environment resource (#6043)
• compute: added disk.provisioned_iops field to google_compute_instance_template and google_compute_region_instance_template resources (#6071)
• compute: added advanced_options_config.user_ip_request_headers field to google_compute_security_policy resource (#6048)
• compute: added user_defined_fields field to google_compute_region_security_policy resource (#6086)
• databasemigrationservice: added edition field to google_database_migration_service_connection_profile resource (#6074)
• dns: allowed globalL7ilb value for the routing_policy.load_balancer_type field in google_dns_record_set resource (#6084)
• gkeonprem: added control_plane_node.vsphere_config.storage_policy_name and vcenter.storage_policy_name fields to google_gkeonprem_vmware_cluster resource (#6072)
• healthcare: added default_search_handling_strict field to google_healthcare_fhir_store resource (#6078)
• metastore: added scaling_config field to google_dataproc_metastore_service resource (#6052)
• secretmanager: added version_aliases field to google_secret_manager_secret resource (#6058)

BUG FIXES:

• alloydb: fixed a permadiff on google_alloydb_cluster when backup_window, enabled or location fields are unset (#6036)
• containeraws: fixed permadiffs on google_container_aws_cluster and google_container_aws_node_pool resources (#6060)
• dataplex: fixed a bug when importing google_dataplex_datascan after running a job (#6047)
• dns: changed private_visibility_config.networks from required to requiring at least one of private_visibility_config.networks or private_visibility_config.gke_clusters in google_dns_managed_zone resource (#6035)

v4.78.0

FEATURES:

• New Resource: google_billing_project_info (#6015)
• New Resource: google_dataform_repository_release_config (#6009)
• New Resource: google_network_connectivity_service_connection_policy (#6000)

IMPROVEMENTS:

• alloydb: added continuous_backup_config and continuous_backup_info fields to cluster resource (#5996)
• bigquery: added external_data_configuration.file_set_spec_type to google_bigquery_table (#6017)
• bigquery: added max_staleness to google_bigquery_table (#6010)
• billingbudget: added resource_ancestors field to google_billing_budget resource (#6008)
• cloudfunctions2: added support for GCF Gen2 CMEK (#6004)
• cloudidentity: added field type to google_cloud_identity_group_memberships (#6013)
• compute: added subnetwork field to the resource google_compute_global_forwarding_rule (#6026)
• compute: added support for INTERNAL_MANAGED to the field load_balancing_scheme in the resource google_compute_backend_service (#6026)
• compute: added support for INTERNAL_MANAGED to the field load_balancing_scheme in the resource google_compute_global_forwarding_rule (#6026)
• compute: added support for ip_version to google_compute_forwarding_rule (#6006)
• container: marked master_ipv4_cidr_block as not required when private_endpoint_subnetwork is provided for google_container_cluster (#6025)
• container: added support for advanced_datapath_observability_config to google_container_cluster (#6027)
• eventarc: added field event_data_content_type to google_eventarc_trigger (#6032)
• healthcare: added send_previous_resource_on_delete field to notification_configs of google_healthcare_fhir_store (#5999)
• pubsub: added cloud_storage_config field to google_pubsub_subscription resource (#6024)
• secretmanager: added annotations field to google_secret_manager_secret resource (#6007)
• workstations: added private_cluster_config.allowed_projects arguments to google_workstations_workstation_cluster (#6021)

BUG FIXES:

• certificatemanager: added recreation behavior to the google_certificate_manager_certificate resource when its location changes (#6031)
• cloudfunctions2: fixed creation failure state inconsistency in google_cloudfunctions2_function (#6023)
• monitoring: updated evaluation_interval on condition_prometheus_query_language to be optional (#6028)

v4.77.0

NOTES:

• vpcaccess: reverted the ability to update the number of instances for resource google_vpc_access_connector (#5957)

FEATURES:

• New Resource: google_document_ai_warehouse_document_schema (#5965)
• New Resource: google_document_ai_warehouse_location (#5965)

IMPROVEMENTS:

• alloydb: added continuous_backup_config and continuous_backup_info fields to cluster resource (#5996)
• cloudbuild: removed the validation function for the values of machine_type field on the google_cloudbuild_trigger resource (#5985)
• compute: added future_limit in quota exceeded error details for compute resources. (#5982)
• compute: added enable_strong_affinity field to google_compute_region_backend_service (beta) (#5962)
• compute: added ipv6_endpoint_type and ip_version to google_compute_address (#5986)
• compute: added network_interface.ipv6_access_config.external_ipv6_prefix_length to google_compute_instance (#5986)
• compute: added network_interface.ipv6_access_config.name to google_compute_instance (#5986)
• compute: added a new type GLOBAL_MANAGED_PROXY for the field purpose in the resource google_compute_subnetwork (#5981)
• compute: added protocol type: UNSPECIFIED in google_compute_backend_service as per release note (#5967)
• compute: added local_ssd_recovery_timeout field to google_compute_instance resource (#5968)
• compute: added local_ssd_recovery_timeout field to google_compute_instance_template resource (#5968)
• compute: added local_ssd_recovery_timeout field to google_compute_regional_instance_template resource (#5968)
• compute: made network_interface.ipv6_access_config.external_ipv6 configurable in google_compute_instance (#5986)
• container: added enable_k8s_beta_apis.enabled_apis field to google_container_cluster (#5961)
• container: added node_config.host_maintenance_policy field to google_container_cluster and google_container_node_pool (#5983)
• container: added placement_policy.policy_name field to google_container_node_pool resource (#5994)
• container: unsuppressed private_cluster_config when master_global_access_config is set in google_container_cluster (#5995)
• container: allowed enabled_private_endpoint to be settable on creation for PSC-based clusters (#5989)
• gkeonprem: added taint on failed resource creation for google_gkeonprem_bare_metal_admin_cluster (#5990)
• gkeonprem: increased timeout for resources google_gkeonprem_bare_metal_cluster and google_gkeonprem_bare_metal_admin_cluster (#5990)
• identityplayform: added support for blocking_functions quota and authorized_domains in google_identity_platform_config (#5964)
• monitoring: added update support for period in google_monitoring_uptime_check_config (#5959)
• pubsub: added no_wrapper field to google_pubsub_subscription resource (#5972)
• workstations: added accelerators field to google_workstations_workstation_config resource (#5991)

BUG FIXES:

• bigquery: fixed a bug in update support for several fields in google_bigquery_data_transfer_config (#5987)
• cloudfunctions2: fixed an issue where google_cloudfunctions2_function.build_config.source.storage_source.generation created a diff when not set in config (#5992)
• firebasedatabase: fixed empty database_url output attribute (#5988)
• monitoring: fixed an issue in google_monitoring_monitored_project where project numbers were not accepted for name (#5955)
• vpcaccess: reverted new behaviour introduced by resource google_vpc_access_connector in 4.75.0. min_throughput and max_throughput fields lost their default value, and customers could not make deployment due to that change. (#5957)

v4.76.0

FEATURES:

• New Resource: google_dataplex_task (#5914)
• New Resource: google_iap_web_region_backend_service_iam_binding (#5944)
• New Resource: google_iap_web_region_backend_service_iam_member (#5944)
• New Resource: google_iap_web_region_backend_service_iam_policy (#5944)

IMPROVEMENTS:

• compute: added security_policy field to google_compute_region_backend_service resource (#5924)
• cloudrun: added status.traffic output fields to google_cloud_run_service resource (#5943)
• cloudrunv2: added field custom_audiences to resource google_cloud_run_v2_service (#5935)
• composer: added support for updating resilience_mode in google_composer_environment (#5921)
• compute: added reconcile_connections for google_compute_service_attachment. (#5945)
• container : added gcs_fuse_csi_driver_config field to addons_config in google_container_cluster resource. (#5946)
• container: added allow_net_admin field to google_container_cluster resource (#5940)
• container: added multi-NIC network for google_container_cluster and google_container_node_pool. (#5949)
• container: allowed user to set up to 20 maintenance exclusions for google_container_cluster resource (#5947)
• healthcare: added last_updated_partition_config field to google_healthcare_fhir_store resource (#5937)
• monitoring: added condition_prometheus_query_language field to google_monitoring_alert_policy resource (#5952)
• networkservices: made scope field optional in google_network_services_gateway resource (#5939)
• spanner: added enable_drop_protection to google_spanner_database resource(#5942)

BUG FIXES:

• alloydb: fixed permadiffs when setting 0 as start time (midnight) for automated_backup_policy in google_alloydb_cluster resource (#5913)
• artifactregistry: fixed reading back maven_config state in google_artifact_registry_repository (#5936)
• cloudtasks: suppressed time-unit permadiffs on google_cloud_tasks_queue min and max backoff settings (#5920)
• cloudrun: fixed the bug where default system labels set in service.spec.template.metadata.labels were treated as a diff. (#5953)
• compute: fixed wrongly triggered recreation on changes of enforce_on_key_configs on google_compute_security_policy (#5928)
• monitoring: fixed an issue in google_monitoring_monitored_project where project numbers were not accepted for name (#5955)