v4.47.0

NOTES:

• sql: fixed an issue where google_sql_database was abandoned by default as of version 4.45.0. Users who have upgraded to 4.45.0 or 4.46.0 will see a diff when running their next terraform apply after upgrading this version, indicating the deletion_policy field's value has changed from "ABANDON" to "DELETE". This will create a no-op call against the API, but can otherwise be safely applied. (#4972)

FEATURES:

• New Resource: google_alloydb_backup (#4959)
• New Resource: google_filestore_backup (#4963)

IMPROVEMENTS:

• bigtable: added deletion_protection field to google_bigtable_table (#4975)
• compute: Made google_compute_subnetwork.ipv6_access_type field updatable in-place (#4965)
• container: added auto_provisioning_defaults.cluster_autoscaling.upgrade_settings in google_container_cluster (#4958)
• container: added gateway_api_config block to google_container_cluster resource for supporting the gke gateway api controller (#4976)
• datacatalog: added update support for fields in google_data_catalog_tag_template (#4968)
• iam: added plan-time validation for IAM members (#4960)
• logging: added bucket_name field to google_logging_metric (#4964)
• logging: made metric_descriptor field optional for google_logging_metric (#4971)

BUG FIXES:

• composer: fixed a crash when updating ip_allocation_policy of google_composer_environment (#4956)
• sql: fixed an issue where google_sql_database was abandoned by default as of version 4.45.0. Users who have upgraded to 4.45.0 or 4.46.0 will see a diff when running their next terraform apply after upgrading this version, indicating the deletion_policy field's value has changed from "ABANDON" to "DELETE". This will create a no-op call against the API, but can otherwise be safely applied. (#4972)

v4.46.0

FEATURES:

• New Data Source: google_firebase_android_app (#4955)
• New Resource: google_cloud_run_v2_job (#4937)
• New Resource: google_cloud_run_v2_service (#4942)
• New Resource: google_gke_backup_backup_plan (#4948)
• New Resource: google_firebase_storage_bucket (#4951)

IMPROVEMENTS:

• network_services: added origin_override_action and origin_redirect to google_network_services_edge_cache_origin (#4936)
• bigquerydatatransfer: recreate google_bigquery_data_transfer_config for Cloud Storage transfers when immutable params data_path_template and destination_table_name_template are changed (#4929)
• compute: added fields to resource google_compute_security_policy to support Cloud Armor bot management (#4938)
• container: added support for concurrent node pool mutations on a cluster. Previously, node pool mutations were restricted to run synchronously clientside. NOTE: While this feature is supported in Terraform from this release onwards, only a limited number of GCP projects will support this behavior initially. The provider will automatically process mutations concurrently as the feature rolls out generally. (#4947)
• metastore: added general field network_config to google_dataproc_metastore_service (#4952)
• storage: added support for autoclass in google_storage_bucket resource (#4953)

BUG FIXES:

• alloydb: made machine_config.cpu_count updatable on google_alloydb_instance (#4930)
• composer: fixed a crash when updating ip_allocation_policy of google_composer_environment (#4956)
• container: fixed GKE permadiff/thrashing when update_settings. max_surge or update_settings. max_unavailable values are updating on google_container_node_pool (#4945)
• datastream: fixed google_datastream_private_connection ignoring failures during creation (#4939)
• firebase: fixed permadiff on the field deletion_policy of google_firebase_apple_app (#4954)
• kms: fixed issues with deleting crypto key versions in states other than ENABLED (#4943)

v4.45.0

FEATURES:

• New Data Source: google_logging_project_cmek_settings (#4902)
• New Resource: google_iam_workforce_pool_provider (#4922)
• New Resource: google_vertex_ai_tensorboard (#4896)
• New Resource: google_data_fusion_instance_iam_binding (#4926)
• New Resource: google_data_fusion_instance_iam_member (#4926)
• New Resource: google_data_fusion_instance_iam_policy (#4926)
• New Resource: google_eventarc_google_channel_config (#4905)
• New Resource: google_vertex_ai_index (#4923)
• New Resource: google_vertex_ai_featurestore_entitytype_iam_binding (#4920)
• New Resource: google_vertex_ai_featurestore_entitytype_iam_member (#4920)
• New Resource: google_vertex_ai_featurestore_entitytype_iam_policy (#4920)

IMPROVEMENTS:

• anthos-fleet-management: added option mesh: control_plane to resource google_gke_hub_feature_membership. (#4927)
• bigquerydatatransfer: made google_bigquery_data_transfer_config recreate for Cloud Storage transfers when immutable params data_path_template and destination_table_name_template are changed (#4929)
• bigtable: added support for abandoning GC policy (#4897)
• cloudsql: added connector_enforcement field to google_sql_database_instance resource (#4894)
• compute: added default_route_action.cors_policy field to google_compute_region_url_map resource (#4895)
• compute: added default_route_action.fault_injection_policy field to google_compute_region_url_map resource (#4895)
• compute: added default_route_action.timeout field to google_compute_region_url_map resource (#4895)
• compute: added default_route_action.url_rewrite field to google_compute_region_url_map resource (#4895)
• compute: added include_http_headers field to the cdn_policy field of google_compute_backend_service resource (#4912)
• compute: added field list_managed_instances_results to google_compute_instance_group_manager and google_compute_region_instance_group_manager (#4903)
• compute: added subnetwork and private_ip_address arguments to resource_compute_router_interface (#4914)
• container: added resource_labels field to node_config resource (#4913)
• container: added field enable_private_nodes in network_config to google_container_node_pool (#4921)
• container: added field gcp_public_cidrs_access_enabled and private_endpoint_subnetwork to google_container_cluster (#4921)
• container: added update support for enable_private_endpoint and enable_private_nodes in google_container_cluster (#4921)
• datafusion: added api_endpoint and p4_service_account attributes to google_data_fusion_instance (#4926)
• datafusion: added zone, display_name, crypto_key_config, event_publish_config, and enable_rbac args to google_data_fusion_instance (#4926)
• logging: added cmek_settings field to google_logging_project_bucket_config resource (#4902)
• sql: added 'deny_maintenance_period' field for 'google_sql_database_instance' within which 'end_date', 'start_date' and 'time' fields are present. (#4915)
• sql: added field deletion_policy to resource google_sql_database (#4916)

BUG FIXES:

• alloydb: fixed permdiff on display_name of google_alloydb_instance (#4925)
• compute: fixed a failure in updating most_disruptive_allowed_action on google_compute_per_instance_config and google_compute_region_per_instance_config (#4898)
• compute: fixed the error when metadata and machine_type are updated while metadata_startup_script was already provided on google_compute_instance (#4901)
• container: fixed the inability to update authenticator_groups_config on google_container_cluster (#4918)
• container: fixed the data source google_container_cluster to return an error if it does not exist (#4900)
• sql: fixed googe_sql_database_instance to include backup_configuration in initial create request (#4911)
• storage: fixed permdiff when website, website.main_page_suffix, website.not_found_page are removed on google_storage_bucket (#4899)

v4.44.1

NOTES: No changes, only released to keep this provider in sync with the google provider

v4.44.0

FEATURES:

• New Data Source: google_cloud_asset_resources_search_all (#4891)
• New Resource: google_alloydb_instance (#4857)
• New Resource: google_beyondcorp_app_connector (#4866)
• New Resource: google_beyondcorp_app_gateway (#4866)
• New Resource: google_compute_network_firewall_policy_association (#4868)
• New Resource: google_compute_network_firewall_policy_rule (#4880)
• New Resource: google_compute_network_firewall_policy (#4851)
• New Resource: google_compute_region_network_firewall_policy_association (#4868)
• New Resource: google_compute_region_network_firewall_policy_rule (#4880)
• New Resource: google_compute_region_network_firewall_policy (#4851)
• New Resource: google_eventarc_channel (#4876)
• New Resource: google_firebase_apple_app (#4887)
• New Resource: google_firebase_hosting_channel (#4890)
• New Resource: google_firebase_hosting_site (#4846)
• New Resource: google_identity_platform_project_default_config (#4853)
• New Resource: google_kms_crypto_key_versions (#4831)
• New Resource: google_storage_transfer_agent_pool (#4835)

IMPROVEMENTS:

• bigquery: supported authorized routines on resource bigquery_dataset and bigquery_dataset_access (#4855)
• clouddeploy: added execution_configs.execution_timeout in target resource. (#4849)
• clouddeploy: added support for Cloud Run Targets (#4849)
• clouddeploy: added support for Deployment Verification standard strategy (#4849)
• cloudidentity: made security label settable by making labels updatable in google_cloud_identity_groups (#4834)
• cloudrun: added field liveness_probe.grpc and startup_probe.grpc to resource google_cloud_run_service (#4863)
• cloudsql: added connector_enforcement field to google_sql_database_instance resource (#4894)
• compute: added optional redundant_interface argument to google_compute_router_interface resource (#4881)
• compute: added default_route_action.request_mirror_policy field to google_compute_region_url_map resource (#4879)
• compute: added default_route_action.retry_policy field to google_compute_region_url_map resource (#4879)
• compute: added default_route_action.weighted_backend_services field to google_compute_region_url_map resource (#4879)
• compute: added preconfigured_waf_config block to google_compute_security_policy resource (#4852)
• compute: modified machine_type field in compute instance resource to accept short name. (#4849)
• container: added node_config.logging_variant to google_container_node_pool. (#4889)
• container: added node_pool_defaults.node_config_defaults.logging_variant, node_pool.node_config.logging_variant, and node_config.logging_variant to google_container_cluster. (#4889)
• container: added support for Shielded Instance configuration for node auto-provisioning to google_container_cluster (#4833)
• container: added management attribute to the google_container_cluster resource (#4862)
• container: added field blue_green_settings to google_container_node_pool (#4860)
• container: added field strategy to google_container_node_pool (#4860)
• container: added support for additional values APISERVER, CONTROLLER_MANAGER, and SCHEDULER in google_container_cluster.monitoring_config (#4854)
• datafusion: added enable_rbac field to google_data_fusion_instance resource (#4864)
• dlp: added fields rows_limit, rows_limit_percent, and sample_method to big_query_options in google_data_loss_prevention_job_trigger (#4856)
• dlp: added pubsub action to google_data_loss_prevention_job_trigger (#4832)
• dns: added gke_clusters field to google_dns_managed_zone resource (#4888)
• dns: added gke_clusters field to google_dns_response_policy resource (#4888)
• eventarc: added field channel to google_eventarc_trigger (#4876)
• gkehub: added mesh field and management subfield to resource feature_membership (#4867)
• networkservices: added aws_v4_authentication field to google_network_services_edge_cache_origin to support S3-compatible Origins (#4875)
• networkservices: added signed_token_options and add_signatures field to google_network_services_edge_cache_service and validation_shared_keys to google_network_services_edge_cache_keyset to support dual-token authentication (#4884)
• sql: added query_plan_per_minute field to insights_config in google_sql_database_instance resource (#4840)
• vertexai: added fields to vertex_ai_featurestore_entitytype to support feature value monitoring (#4859)

BUG FIXES:

• apigee: fixed permadiff on consumer_accept_list for google_apigee_instance (#4883)
• appengine: fixed permadiff on serviceaccount for 'google_app_engine_flexible_app_version' (#4858)
• bigtable: updated ForceNew logic for kms_key_name (#4873)
• bigtable: updated the error handling logic to remove the resource on resource not found error only (#4841)
• billingbudget: fixed a bug where budget_filter.credit_types_treatment in google_billing_budget resource was not updating. (#4836)
• cloudbuild: fixed a failure when BITBUCKET is provided for repo_type on google_cloudbuild_trigger (#4878)
• cloudids: fixed endpoint_forwarding_rule and endpoint_ip attributes for google_cloud_ids_endpoint (#4843)
• compute: fixed perma-diff on google_compute_disk for new amd64 images (#4847)
• compute: made target_https_proxy possible to set ssl_certificates and certificate_map in google_compute_target_https_proxy at the same time (#4839)
• container: fixed a bug where cluster_autoscaling.auto_provisioning_defaults.service_account can not be set when enable_autopilot = true for google_container_cluster ([#4877](https://github.com/has...

v4.43.1

BUG FIXES:

• provider: fixed a crash during provider authentication for certain environments (#4892)

v4.43.0

FEATURES:

• New Resource: google_kms_crypto_key_version(#4831)

v4.42.1

BUG FIXES:

• storage: fixed a crash in google_storage_bucket when upgrading provider to version 4.42.0 with lifecycle_rule.condition.age unset (#4828)

v4.42.0

FEATURES:

• New Data Source: google_compute_addresses (#4802)
• New Data Source: google_compute_region_network_endpoint_group (#4811)
• New Resource: google_alloydb_cluster (#4780)
• New Resource: google_dataform_repository (beta) (#4801)
• New Resource: google_firebase_android_app (#4814)
• New Resource: google_iam_workforce_pool (#4818)
• New Resource: google_monitoring_generic_service (#4789)
• New Resource: google_scc_source_iam_binding (#4806)
• New Resource: google_scc_source_iam_member (#4806)
• New Resource: google_scc_source_iam_policy (#4806)
• New Resource: google_vertex_ai_endpoint (#4815)
• New Resource: google_vertex_ai_featurestore_iam_binding (#4825)
• New Resource: google_vertex_ai_featurestore_iam_member (#4825)
• New Resource: google_vertex_ai_featurestore_iam_policy (#4825)

IMPROVEMENTS:

• appengine: added member field to google_app_engine_default_service_account datasource (#4779)
• bigquery: added max_time_travel_hours field in google_bigquery_dataset resource (#4803)
• bigquery: added member field to google_bigquery_default_service_account datasource (#4779)
• cloudbuild: added script field to google_cloudbuild_trigger resource (#4807)
• cloudplatform: validated project_id for google_project data-source (#4810)
• cloudrun: added field liveness_probe to resource google_cloud_run_service (#4788)
• cloudrun: added field startup_probe to resource google_cloud_run_service (#4773)
• compute: added source_disk field to google_compute_disk and google_compute_region_disk resource (#4783)
• compute: added general field rules to google_compute_router_nat (#4797)
• container: added disk_size and disk_type fields to google_container_cluster.cluster_autoscaling.auto_provisioning_defaults (#4786)
• container: added support for in-place update of node_config.0.tags for google_container_node_pool resource (#4781)
• datastream: added private_connectivity field to google_datastream_connection_profile (#4808)
• dns: added enable_geo_fencing to routing_policy block of google_dns_record_set resource (#4816)
• dns: added health_checked_targets to wrr and geo blocks of google_dns_record_set resource (#4816)
• dns: added primary_backup to routing_policy block of google_dns_record_set resource (#4816)
• firebase: added app_urls field to google_firebase_web_app (#4798)
• firebase: added deletion support and new field deletion_policy for google_firebase_web_app (#4796)
• privateca: added a new field skip_grace_period to skip the grace period when deleting a CertificateAuthority. (#4784)
• serviceaccount: added member field to google_service_account resource and datasource (#4779)
• sql: added time_zone field in google_sql_database_instance (#4774)
• storage: added member field to google_storage_project_service_account and google_storage_transfer_project_service_account datasource (#4779)

BUG FIXES:

• compute: made vm_count in google_compute_resource_policy optional (#4792)
• container: fixed inability to update datapath_provider on google_container_cluster by making field changes trigger resource recreation (#4824)
• pubsub: ensured topics are recreated when their schemas change. (#4791)
• redis: updated persistence_config.rdb_snapshot_period to optional in the google_redis_instance resource. (#4821)

v4.41.0

KNOWN ISSUES:

• container: This release introduced a new field, node_config.0.guest_accelerator.0.gpu_sharing_config, to an https://www.terraform.io/language/attr-as-blocks field (node_config.0.guest_accelerator). As detailed on the linked page, this may cause issues for modules and/or formats other than HCL.

BREAKING CHANGES:

• sql: updated google_sql_user.sql_server_user_details to be read only. Any configuration attempting to set this field is invalid and will cause the provider to fail during plan time. (#4764)

FEATURES:

• New Resource: google_cloud_ids_endpoint (#4765)
• New Resource: google_bigquery_analytics_hub_listing_iam_binding (#4771)
• New Resource: google_bigquery_analytics_hub_listing_iam_member (#4771)
• New Resource: google_bigquery_analytics_hub_listing_iam_policy (#4771)
• New Resource: google_bigquery_analytics_hub_listing (#4771)

IMPROVEMENTS:

• appengine: added support for service_account field to google_app_engine_standard_app_version resource (#4757)
• bigquery: added avro_options field to google_bigquery_table resource (#4768)
• cloudrun: added field startup_probe to resource google_cloud_run_service (#4773)
• container: added node_config.0.guest_accelerator.0.gpu_sharing_config field to google_container_node_pool resource (#4758)
• datafusion: added crypto_key_config field to google_data_fusion_instance resource (#4761)
• filestore: removed constraint that forced multiple google_filestore_instance creations to occur serially (#4770)

BUG FIXES:

• kms: fixed apply failure when google_kms_crypto_key is removed after its versions were destroyed earlier (#4769)
• monitoring: fixed a bug causing a perma-diff in google_monitoring_alert_policy when cross_series_reducer was set to "REDUCE_NONE" (#4763)