v4.69.1

4.69.1 (June 12, 2023)

NOTE:

• Added a new user guide to the provider documentation (#5768)

v4.69.0

FEATURES:

• New Data Source: google_vmwareengine_network (#5725)
• New Resource: google_access_context_manager_service_perimeter_egress_policy (#5723)
• New Resource: google_access_context_manager_service_perimeter_ingress_policy (#5723)
• New Resource: google_certificate_manager_certificate_issuance_config (#5712)
• New Resource: google_dataplex_datascan (#5707)
• New Resource: google_dataplex_datascan_iam_* (#5731)
• New Resource: google_vmwareengine_network (#5725)

IMPROVEMENTS:

• billing: added lookup_projects to google_billing_account datasource that skips reading the list of associated projects (#5721)
• dlp: added info_type_transformations block in the record_transformations field to google_data_loss_prevention_deidentify_template resource. (#5729)
• dlp: added redact_config, fixed_size_bucketing_config, bucketing_config, time_part_config and date_shift_config fields to google_data_loss_prevention_deidentify_template resource (#5711)
• dlp: added stored_info_type_id field to google_data_loss_prevention_stored_info_type resource (#5708)
• dlp: added template_id field to google_data_loss_prevention_deidentify_template and google_data_loss_prevention_inspect_template (#5726)
• dlp: changed actions field from required to optional in google_data_loss_prevention_job_trigger resource (#5716)
• gkehub: added field fleet_observability to google_gke_hub_feature (#5715)
• kms: removed validation for purpose in google_kms_crypto_key to allow newly added values for the field (#5713)
• networkservices: added necessary fields to google_network_services_gateway to make it compatible with secure web proxy (#5701)
• pubsub: allowed schema_settings of google_pubsub_topic to change without deleting and recreating the resource (#5724)
• vertexai: increased google_vertex_ai_metadata_store creation timeout to 40 minutes (#5728)

BUG FIXES:

• networkservices: fixed a bug where modifying non-updatable fields scope in google_network_services_gateway would fail with API errors; now updating them will recreate the resource (#5701)
• tags: fixed providing projects/<project_id to parent causing recreation on google_tags_tag_key (#5718)

v4.68.0

FEATURES:

• New Resource: google_container_analysis_note_iam_* (#5676)

IMPROVEMENTS:

• dlp: added included_fields and excluded_fields fields to google_data_loss_prevention_job_trigger (#5687)
• dns: added regionalL7ilb enum support to the routing_policy.load_balancer_type field in google_dns_record_set (#5678)
• workstations: added idle_timeout and running_timeout fields in google_workstations_workstation_config (#5673)
• workstations: added update support for persistent_directories.reclaim_policy and persistent_directories.source_snapshot fields in google_workstations_workstation_config (#5695)

BUG FIXES:

• accesscontextmanager: fixed incorrect validations for spec and status in google_access_context_manager_service_perimeter (#5675)
• alloydb: increased timeouts for google_alloydb_instance from 20m to 40m (#5681)
• apigee: fixed bug where updating config_bundle in google_apigee_sharedflow that's attached to google_apigee_sharedflow_deployment causes an error (#5683)
• compute: increased timeout for compute_security_policy from 4m to 8m (#5680)
• dataproc: fixed crash when reading google_dataproc_cluster.virtual_cluster_config (#5689)

v4.67.0

FEATURES:

• New Data Source: google_*_iam_policy (#5661)
• New Data Source: google_vertex_ai_index (#5649)

IMPROVEMENTS:

• cloudrun: added template.spec.volumes.empty_dir and template.spec.containers.name fields to google_cloud_run_service (#5654)
• compute: added guest_os_features and licenses fields to google_compute_disk and google_compute_region_disk (#5659)
• datastream: added mysql_source_config.max_concurrent_backfill_tasks field to google_datastream_stream (#5648)
• firebase: added additional import formats for google_firebase_webapp (#5647)
• notebooks: added update support for google_notebooks_instance.metadata field (#5655)
• privateca: added encoding_format field to google_privateca_ca_pool (#5662)

BUG FIXES:

• apigee: increased google_apigee_organization timeout defaults to 45m from 20m (#5652)
• cloudresourcemanager: added retries to handle internal error: type: "googleapis.com" subject: "160009" (#5685)
• cloudrun: fixed a permadiff for metadata.annotation in google_cloud_run_service (#5651)
• container: fixed a crash scenario in google_container_node_pool (#5671)
• gkeonprem: changed hostname (under ip_block) from required to optional for google_gkeonprem_vmware_cluster (#5670)
• serviceusage: added retries to handle internal error: type: "googleapis.com" subject: "160009" when activating services (#5685)

v4.66.0

NOTE:

• Upgraded to Go 1.19.9 (#5623)

FEATURES:

• New Resource: google_network_security_server_tls_policy (#5619)

IMPROVEMENTS:

• bigquery: added ICEBERG as an enum for external_data_configuration.source_format field in google_bigquery_table (#5622)
• cloudfunctions: added status attribute to the google_cloudfunctions_function resource and data source (#5625)
• compute: added storage_location field in google_compute_image resource (#5644)
• compute: added support for additional machine types in google_compute_region_commitment (#5633)
• dataflow: added multiple fields to google_dataflow_flex_template_job (#5635)
• monitoring: added forecast_options field to google_monitoring_alert_policy resource (#5642)
• monitoring: added notification_channel_strategy field to google_monitoring_alert_policy resource (#5624)
• sql: added advanced_machine_features field in google_sql_database_instance (#5639)
• storagetransfer: added field path to transfer_spec.aws_s3_data_source in google_storage_transfer_job (#5641)
• workstations: added support for source_snapshot in google_workstations_workstation_config (#5636)

BUG FIXES:

• artifactregistry: fixed new repositories ignoring the provider region if location is unset in google_artifact_registry_repository. (#5637)
• compute: fixed permadiff on log_config.sample_rate of google_compute_backend_service (#5631)
• container: fixed permadiff on gateway_api_config.channel of google_container_cluster (#5626)
• dataflow: fixed inconsistent final plan when labels are added to google_dataflow_job (#5634)
• provider: fixed an issue where mtls transports were not used consistently(initial implementation in v4.65.0, reverted in v4.65.1) (#5645)
• storage: fixed inconsistent final plan when labels are added to google_storage_bucket (#5634)

v4.65.2

BUG FIXES:

• provider: fixed an issue where google_client_config datasource return null for all attributes when region or zone is unset in provider config

v4.65.1

BUG FIXES:

• provider: fixed an issue where google_client_config datasource return null for access_token

v4.65.0

FEATURES:

• New Data Source: google_datastream_static_ips (#5587)
• New Resource: google_compute_disk_async_replication (#5588)
• New Resource: google_firestore_field (#5603)
• New Resource: google_gkeonprem_bare_metal_cluster (#5594)
• New Resource: google_gkeonprem_bare_metal_node_pool (#5602)
• New Resource: google_network_security_tls_inspection_policy (#5615)

IMPROVEMENTS:

• bigquery: added general field load.parquet_options to google_bigquery_job (#5592)
• cloudbuild: added allow_failure and allow_exit_codes to build.step in google_cloudbuild_trigger resource (#5593)
• cloudbuild: added git_file_source.repository and source_to_build.repository fields to google_cloudbuild_trigger resource (beta) (#5597)
• cloudrunv2: added template.containers.depends_on and template.volumes.empty_dir to google_cloud_run_v2_service. (#5613)
• cloudrunv2: added template.template.volumes.empty_dir to google_cloud_run_v2_job. (#5613)
• compute: added enumeration values SEV_SNP_CAPABLE, SUSPEND_RESUME_COMPATIBLE, TDX_CAPABLE for the guest_os_features of google_compute_image (#5604)
• compute: added support for stack_type to google_compute_network_peering (#5601)
• container: added gcs_fuse_csi_driver_config to google_container_cluster resource. (#5616)
• dlp: added publish_to_stackdriver field to google_data_loss_prevention_job_trigger resource (#5610)
• network_security: added tls_inspection_policy field to google_network_security_gateway_security_policy (#5615)

BUG FIXES:

• certificatemanager: fixed an issue where self_managed.pem_certificate and self_managed.pem_certificate can't be updated on google_certificate_manager_certificate (#5606)
• compute: fixed crash on terraform destroy -refresh=false for instance group managers with wait_for_instances = "true" if the instance group manager was not found (#5614)
• container: fixed node auto-provisioning not working when auto_provisioning_defaults.management is not provided on google_container_cluster (#5605)
• provider: fixed an issue where mtls transports were not used consistently (#5618)

v4.64.0

FEATURES:

• New Data Source: google_alloydb_locations (#5507)
• New Data Source: google_sql_tiers (#5548)
• New Resource: google_access_context_manager_egress_policy (#5525)
• New Resource: google_database_migration_service_connection_profile (#5527)
• New Resource: google_gkeonprem_vmware_cluster (#5533)
• New Resource: google_gkeonprem_vmware_node_pool (#5579)
• New Resource: google_network_security_address_group (#5539)
• New Resource: google_network_security_authorization_policy (#5582)
• New Resource: google_network_services_grpc_route (#5572)
• New Resource: google_network_services_service_binding (#5536)
• New Resource: google_networksecurity_client_tls_policy (#5561)
• New Resource: google_networkservices_endpoint_policy (#5542)
• New Resource: google_networkservices_tls_route (#5524)
• New Resource: google_workstations_workstation_config_iam (#5512)
• New Resource: google_workstations_workstation_iam (#5512)

IMPROVEMENTS:

• alloydb: added encryption_config and encryption_info fields in google_alloydb_cluster, to allow CMEK encryption of the cluster's data. (#5551)
• alloydb: added support for CMEK in google_alloydb_backup resource (#5549)
• alloydb: added the encryption_config field inside the automated_backup_policy block ingoogle_alloydb_cluster, to allow CMEK encryption of automated backups. (#5551)
• certificatemanager: added location field to certificatemanager certificate resource (#5554)
• cloudrun: added field port to http_get to resource google_cloud_run_service (#5510)
• cloudrunv2: added field port to http_get to resource google_cloud_run_v2_service (#5510)
• cloudrunv2: added field startupCpuBoost to resource google_cloud_run_v2_service (#5521)
• cloudrunv2: added support for session_affinity to google_cloud_run_v2_service (#5518)
• compute: added allow_psc_global_access to google_compute_forwarding_rule resource (#5523)
• compute: added dest_fqdns, dest_region_codes, dest_threat_intelligences, src_fqdns, src_region_codes, and src_threat_intelligences to google_compute_firewall_policy_rule resource. (#5523)
• compute: added source_ip_ranges and base_forwarding_rule to google_compute_forwarding_rule resource (#5523)
• compute: added bypass_cache_on_request_headers to cdn_policy in google_compute_backend_service resource (#5563)
• compute: added dest_address_groups and src_address_groups fields to google_compute_firewall_policy_rule and google_compute_network_firewall_policy_rule (#5530)
• compute: added new field async_primary_disk to google_compute_disk and google_compute_region_disk (#5553)
• compute: added new field disk_consistency_group_policy to google_compute_resource_policy (#5553)
• compute: added support for IPv6 prefix exchange in google_compute_router_peer (#5531)
• compute: made network_firewall_policy_enforcement_order field mutable in google_compute_network. (#5516)
• dlp: added exclude_by_hotword exclusion rule to google_data_loss_prevention_inspect_template resource (#5555)
• dlp: added image_transformations field to google_data_loss_prevention_deidentify_template resource (#5556)
• dlp: added inspectConfig field to google_data_loss_prevention_job_trigger resource (#5535)
• dlp: added replace_dictionary_config field to info_type_transformations in google_data_loss_prevention_deidentify_template resource (#5556)
• dlp: added surrogate_type custom type to google_data_loss_prevention_inspect_template resource (#5555)
• dlp: added version field for multiple info_type blocks to google_data_loss_prevention_inspect_template resource (#5555)
• sql: Added support for Postgres in google_sql_source_representation_instance (#5557)
• vertexai: added region field to google_vertex_ai_endpoint (#5514)
• workflows: added crypto_key_name field to google_workflows_workflow resource (#5509)
• workstations: supported in-place update for host and container in google_workstations_workstation_config (#5585)

BUG FIXES:

• cloudplatform: added validation for role_id on google_organization_iam_custom_role (#5569)
• compute: fixed an import bug for google_compute_router_interface that happened when project was not set in the provider configuration or via environment variable (#5508)
• dns: fixed bug in google_dns_keys data source where list attributes could not be used at plan-time (#5546)
• firebase: specified required argument bundle_id in google_firebase_apple_app (#5577)
• workstations: fixed an issue where modifying persistent_directories and encryption_key would fail with API errors; now updating them will recreate the resource (#5585)
• workstations: fixed an issue where unsetting the container working directory in google_workstations_workstations_config was not propagated to the underlying resource (#5585)

v4.63.1

BUG FIXES:

• bigtable: fixed plan failure because of an unused zone being unavailable