v4.20.0

NOTES:

• google_privateca_certificate_authority resources now cannot be destroyed unless deletion_protection = false is set in state for the resource. (#4241)

FEATURES:

• New Data Source: google_compute_disk (#4255)

IMPROVEMENTS:

• apigee: consumer_accept_list and service_attachment to google_apigee_instance. (#4260)
• compute: added subsetting field to google_compute_region_backend_service (#4246)
• privateca: added deletion_protection for google_privateca_certificate_authority. (#4241)
• privateca: added new output fields on google_privateca_certificate including issuer_certificate_authority, pem_certificate_chain and certificate_description.x509_description (#4242)
• redis: added multi read replica field read_replicas_mode and secondary_ip_range in google_redis_instance (#4259)

BUG FIXES:

• compute: fixed a crash when compute.instance is not found (#4262)
• provider: removed printing credentials to the console if malformed JSON is given (#4266)
• sql: fixed bug where encryption_key_name was not being propagated to the API. (#4261)

v4.19.0

IMPROVEMENTS:

• cloudbuild: made CLOUD_LOGGING_ONLY available as a cloud build logging option. (#4224)
• compute: added redirect_options field for google_compute_security_policy rules (#4217)
• compute: added FIXED_STANDARD and STANDARD as valid values to the field network_interface.0.access_configs.0.network_tier of google_compute_instance_template resource (#4233)
• compute: added FIXED_STANDARD and STANDARD as valid values to the field network_interface.0.access_configs.0.network_tier of google_compute_instance resource (#4233)
• compute: added passing exceed_redirect_options field for google_compute_security_policy rules (#4238)
• container: added gke_backup_agent_config in addons_config to google_container_cluster (beta) (#4231)
• filestore: added kms_key_name field to google_filestore_instance resource to support CMEK (#11493)
• logging: made google_logging_*_bucket_config deletable (#4234)
• notebooks: updated container_images on google_notebooks_runtime to default to the value returned by the API if not set (#4216)
• provider: modified request retry logic to retry all per-minute quota limits returned with a 403 error code. Previously, only read requests were retried. This will generally affect Google Compute Engine resources. (#4223)

BUG FIXES:

• bigquery: fixed a bug where encryption_configuration.kms_key_name stored the version rather than the key name. (#4221)
• compute: fixed url_mask required mis-annotation in google_compute_region_network_endpoint_group, making it optional (#4227)
• spanner: fixed escaping of database names with Postgres dialect in google_spanner_database (#4228)

v4.18.0

FEATURES:

• New Resource: google_privateca_certificate_template_iam_binding (#4201)
• New Resource: google_privateca_certificate_template_iam_member (#4201)
• New Resource: google_privateca_certificate_template_iam_policy (#4201)

IMPROVEMENTS:

• bigtable: added gc_rules to google_bigtable_gc_policy resource. (#4212)
• dialogflow: added support for location based dialogflow resources (#4206)
• metastore: added support for encryption_config during service creation. (#4204)
• privateca: support update on CertificateAuthority and Certificate (#4207)

BUG FIXES:

• Update mutex on google_apigee_instance_attachment to lock on org_id. (#4203)
• vpcaccess: fixed an issue where google_vpc_access_connector would be repeatedly recreated when network was not specified (#4205)

v4.17.0

FEATURES:

• New Data Source: google_access_approval_folder_service_account (#4179)
• New Data Source: google_access_approval_organization_service_account (#4179)
• New Data Source: google_access_approval_project_service_account (#4179)
• New Resource: google_access_context_manager_access_policy_iam_binding (#4180)
• New Resource: google_access_context_manager_access_policy_iam_member (#4180)
• New Resource: google_access_context_manager_access_policy_iam_policy (#4180)
• New Resource: google_endpoints_service_consumers_iam_binding (#4160)
• New Resource: google_endpoints_service_consumers_iam_member (#4160)
• New Resource: google_endpoints_service_consumers_iam_policy (#4160)
• New Resource: google_iam_deny_policy (#4194)

IMPROVEMENTS:

• access approval: added active_key_version, ancestor_has_active_key_version, and invalid_key_version fields to google_folder_access_approval_settings, google_organization_access_approval_settings, and google_project_access_approval_settings resources (#4179)
• access context manager: added support for scoped policies in google_access_context_manager_access_policy (#4180)
• apigee: added deployment_type and api_proxy_type to google_apigee_environment (#4177)
• bigtable: updated the examples to show users can create all 3 different flavors of AppProfile (#4172)
• cloudbuild: added approval_config to google_cloudbuild_trigger (#4162)
• composer: added support for airflow-1 and airflow-2 aliases in image version argument (#4185)
• dataflow: added skip_wait_on_job_termination attribute to google_dataflow_job and google_dataflow_flex_template_job resources (issue #10559) (#4196)
• dataproc: added presto_config to dataproc_job (#4171)
• healthcare: added support V3 parser version for Healthcare HL7 stores. (#4189)
• healthcare: added support for ANALYTICS_V2 and LOSSLESS BigQueryDestination schema types to google_healthcare_fhir_store (#4186)
• os-config: added field migInstancesAllowed to resource os_config_patch_deployment (#4195)
• privateca: added support for IAM conditions to CaPool (#4170)
• pubsub: added enable_exactly_once_delivery to google_pubsub_subscription (#4166)
• spanner: added support for setting database_dialect on google_spanner_database (#4158)

BUG FIXES:

• redis: fixed an issue where older redis instances had a dangerous diff on the field read_replicas_mode, adding a default of READ_REPLICAS_DISABLED. Now, if the field is not set in config, the value of the field will keep the old value from state. (#4184)
• tags: fixed issue where tags could not be applied sequentially to the same parent in google_tags_tag_binding (#4191)

v4.16.0

FEATURES:

• New Data Source: google_dataproc_metastore_service (#4155)
• New Resource: google_firebaserules_release (#4132)
• New Resource: google_firebaserules_ruleset (#4132)

IMPROVEMENTS:

• bigtable: added support for autoscaling_config to google_bigtable_instance (#4150)
• composer: Added support for composer-1 and composer-2 aliases in image version argument (#4131)
• compute: added support for attaching a edge_security_policy to google_compute_backend_bucket (#4154)
• compute: added support for field type to google_compute_security_policy (#4154)
• eventarc: added gke and workflows destination for eventarc trigger resource. (#4152)
• networkservices: added included_cookie_names to cache key policy configuration (#4147)
• spanner: added support for setting database_dialect on google_spanner_database (#4158)
• storagetransfer: added repeat_interval field to google_storage_transfer_job resource (#4144)

BUG FIXES:

• apikeys: fixed a bug where google_apikeys_key.key_string was not being set. (#4139)
• container: fixed a bug where google_container_cluster.authenticator_groups_config could not be set in tandem with enable_autopilot (#4140)
• iam: fixed an issue where special identifiers allAuthenticatedUsers and allUsers were flattened to lower case in IAM members. (#4156)
• logging: fixed bug where google_logging_project_bucket_config would erroneously write to state after it errored out and wasn't actually created. (#4141)
• monitoring: fixed a permadiff when google_monitoring_uptime_check_config.http_check.path does not begin with "/" (#4135)
• osconfig: fixed a bug where recurring_schedule.time_of_day can not be set to 12am exact time in google_os_config_patch_deployment resource (#4127)
• sql: fixed bug where permadiff of encryption_key_name would show on google_sql_database_instance for replica instances. (#4130)
• storage: fixed a bug where google_storage_bucket data source would retry for 20 min when bucket was not found. (#4129)
• storage: fixed bug where google_storage_transfer_job that was deleted outside of Terraform would not be recreated on apply. (#4138)

v4.15.0

FEATURES:

• New Resource: google_logging_log_view (#4125)

IMPROVEMENTS:

• apigee: added billing_type attribute to google_apigee_organization resource. (#4126)
• networkservices: added disable_http2 property to google_network_services_edge_cache_service resource (#4119)
• networkservices: updated google_network_services_edge_cache_origin resource to read and write the timeout property, including a new read_timeout field. (#4122)
• networkservices: updated google_network_services_edge_cache_origin to retry_conditions to include FORBIDDEN (#4122)

BUG FIXES:

• dataproc: fixed a crash when logging_config only contains nil entry in google_dataproc_workflow_template (#4124)
• sql: fixed crash when one of settings.database_flags is nil. (#4123)

v4.14.0

FEATURES:

• New Resource: google_bigqueryreservation_assignment (#4098)
• New Resource: google_apikeys_key (#4114)

IMPROVEMENTS:

• artifactregistry: added maven config for google_artifact_registry_repository (#4112)
• cloudbuild: added support for manual builds, git source for webhook/pubsub triggered builds and filter field (#4100)
• container: added support for gvnic to google_container_node_pool (#4111)
• dataproc: added preemptibility field to the preemptible_worker_config of google_dataproc_cluster (#4107)
• serviceusage: supported force behavior for deleting consumer quota override (#4094)

BUG FIXES:

• dataproc: fixed a crash when logging_config only contains nil entry in google_dataproc_job (#4108)

v4.13.0

FEATURES:

• New Resource: google_apigee_endpoint_attachment (#4074)
• New Resource: google_cloudfunctions2_function (#4093)
• New Resource: google_region_backend_service_iam_* (#4088)
• New Datasource: google_dns_record_set (#4085)
• New Datasource: google_privateca_certificate_authority (#4087)

IMPROVEMENTS:

• compute: added support for keepalive_interval to google_compute_router.bgp (#4089)
• compute: added update support for google_compute_reservation.share_settings (#4092)
• storagetransfer: added attribute subject_id to data source google_storage_transfer_project_service_account (#4073)

BUG FIXES:

• composer: allow region to be undefined in configuration for google_composer_environment (#4083)
• container: fixed a bug where vertical_pod_autoscaling would cause autopilot clusters to recreate (#4076)

v4.12.0

NOTE:

• updated to go 1.16.14 (#4066)

FEATURES:

• New Resource: dns_response_policy* (#4046)
• New Resource: dns_response_policy_rule* (#4046)

DEPRECATIONS:

• datafusion: deprecated service_account in google_datafusion_instance. Use tenant_project_id instead to extract the tenant project ID (beta) (#4045)

IMPROVEMENTS:

• bigquery: added support for authorized datasets to google_bigquery_dataset.access and google_bigquery_dataset_access (#4047)
• bigtable: added multi_cluster_routing_cluster_ids fields to google_bigtable_app_profile (#4051)
• compute: added field serverless_deployment to google_compute_region_network_endpoint_group (beta only) for API Gateway resources (#4041)
• compute: updated instance attribute for google_compute_network_endpoint to be optional, as Hybrid connectivity NEGs use network endpoints with just IP and Port. (#4068)
• compute: added NON_GCP_PRIVATE_IP_PORT value for network_endpoint_type in the google_compute_network_endpoint_group resource (#4068)
• compute: added provisioning_model field to google_compute_instance_template resource to support Spot VM(beta) (#4033)
• compute: added provisioning_model field to google_compute_instance resource to support Spot VM(beta) (#4033)
• container: Add support for GKE Compact Placement (#4043)
• datafusion: added support for tenant_project_id and gcs_bucket in google_datafusion_instance resource. (#4045)
• provider: added retries for ReadRequest errors incorrectly coded as 403 errors, particularly in Google Compute Engine (#4064)

BUG FIXES:

• apigee: fixed a bug where multiple google_apigee_instance could not be used on the same google_apigee_organization (#4059)
• compute: corrected an issue in google_compute_security_policy where only alpha values for certain enums were accepted (#4049)
• compute: fixed permadiff in google_compute_instance.scheduling.provisioning_model (#4044)
• compute: fixed permadiff in google_compute_instance_template.scheduling.provisioning_model (#4052)

v4.11.0

IMPROVEMENTS:

• cloudfunctions: Added SecretManager integration support to google_cloudfunctions_function. (#4040)
• compute: Added field serverless_deployment to google_compute_network_endpoint_group (#4041)
• dataproc: increased the default timeout for google_dataproc_cluster from 20m to 45m (#4027)
• sql: added field clone.allocated_ip_range to support address range picker for clone in resource google_sql_database_instance (#4037)
• storagetransfer: added support for POSIX data source and data sink to google_storage_transfer_job via transfer_spec.posix_data_source and transfer_spec.posix_data_sink fields (#4029)

BUG FIXES:

• cloudrun: updated containers.ports.container_port to be optional instead of required on google_cloud_run_service (#4030)
• compute: marked project field optional in google_compute_instance_template data source (#4031)