Releases: hashicorp/terraform-provider-aws
Releases · hashicorp/terraform-provider-aws
v5.47.0
NOTES:
- provider: Updates to Go 1.22. This is the last Go release that will run on macOS 10.15 Catalina (#36996)
- resource/aws_bedrockagent_knowledge_base: Because we cannot easily test this functionality, it is best effort and we ask for community help in testing (#36783)
FEATURES:
- New Data Source:
aws_identitystore_groups
(#36993) - New Resource:
aws_bcmdataexports_export
(#36847) - New Resource:
aws_bedrockagent_agent
(#36851) - New Resource:
aws_bedrockagent_agent_action_group
(#36935) - New Resource:
aws_bedrockagent_agent_alias
(#36905) - New Resource:
aws_bedrockagent_knowledge_base
(#36783) - New Resource:
aws_globalaccelerator_cross_account_attachment
(#35991) - New Resource:
aws_verifiedpermissions_policy
(#35413)
ENHANCEMENTS:
- data-source/aws_eip: Add
arn
attribute (#35991) - resource/aws_api_gateway_rest_api: Correctly set
root_resource_id
on resource Read (#37040) - resource/aws_appmesh_mesh: Add
spec.service_discovery
argument (#37042) - resource/aws_cloudformation_stack_set: Adds guidance on permissions when using delegated administrator account (#37069)
- resource/aws_db_instance: Add
dedicated_log_volume
argument (#36503) - resource/aws_eip: Add
arn
attribute (#35991) - resource/aws_elasticache_replication_group: Add
transit_encryption_mode
argument (#30403) - resource/aws_elasticache_replication_group: Changes to the
transit_encryption_enabled
argument can now be done in-place for engine versions >7.0.5
(#30403) - resource/aws_kinesis_firehose_delivery_stream: Add
snowflake_configuration
argument (#36646) - resource/aws_memorydb_user: Support IAM authentication mode (#32027)
- resource/aws_sagemaker_app_image_config: Add
code_editor_app_image_config
andjupyter_lab_image_config.jupyter_lab_image_config
arguments (#37059) - resource/aws_sagemaker_app_image_config: Change
kernel_gateway_image_config.kernel_spec
MaxItems to 5 (#37059) - resource/aws_transfer_server: Add
sftp_authentication_methods
argument (#37015)
BUG FIXES:
- resource/aws_batch_job_definition: Fix issues where changes causing a new
revision
do not trigger changes in dependent resources and/or cause an error, "Provider produced inconsistent final plan" (#37111) - resource/aws_ce_cost_category: Allow up to 3 levels of
and
,not
andor
operand nesting for therule
argument (#30862) - resource/aws_elasticache_replication_group: Fix excessive delay on read (#30403)
- resource/aws_servicecatalog_portfolio: Fixes error where deletion fails if resource was deleted out of band. (#37066)
- resource/aws_servicecatalog_provisioned_product: Fixes error where tag values are not applied to products when tag values don't change. (#37066)
v5.46.0
NOTES:
- provider: When using YAML or JSON documents, such as in
template_body
ofaws_cloudformation_stack
, CRLF was previously treated as different from LF but these are now treated as equivalent in many situations (#14270)
FEATURES:
- New Resource:
aws_eip_domain_name
(#36963)
ENHANCEMENTS:
- data-source/aws_alb: Add
client_keep_alive
argument (#36969) - data-source/aws_eip: Add
ptr_record
attribute (#36963) - data-source/aws_iam_policy: Add
attachment_count
attribute (#36759) - data-source/aws_lb: Add
client_keep_alive
argument (#36969) - data-source/aws_organizations_organization: Add
master_account_name
attribute (#36797) - data-source/aws_vpc_dhcp_options: Add
ipv6_address_preferred_lease_time
attribute (#36934) - resource/aws_alb: Add
client_keep_alive
argument (#36969) - resource/aws_autoscaling_group: Add
alarm_specification
to theinstance_refresh.preferences
configuration block (#36954) - resource/aws_cloudformation_stack_set: Add retry when creating to potentially help with eventual consistency problems (#36982)
- resource/aws_cloudfront_origin_access_control: Add
lambda
andmediapackagev2
as valid values fororigin_access_control_origin_type
(#34362) - resource/aws_cloudwatch_event_rule: Add
force_destroy
attribute (#34905) - resource/aws_codebuild_project: Add GitLab and GitLab Self Managed support to the
report_build_status
andbuild_status_config
arguments (#36942) - resource/aws_default_vpc_dhcp_options: Add
ipv6_address_preferred_lease_time
as Computed attribute (#36934) - resource/aws_dms_replication_task: Add
resource_identifier
argument (#36901) - resource/aws_eip: Add
ptr_record
attribute (#36963) - resource/aws_elasticache_serverless_cache: Add
minimum
attribute incache_usage_limits.data_storage
andcache_usage_limits.ecpu_per_second
(#36766) - resource/aws_fsx_openzfs_file_system: Add
endpoint_ip_address
attribute (#36767) - resource/aws_iam_policy: Add
attachment_count
attribute (#36759) - resource/aws_imagebuilder_image: Add
execution_role
andworkflow
arguments (#36953) - resource/aws_lb: Add
client_keep_alive
argument (#36969) - resource/aws_mwaa_environment: Add
database_vpc_endpoint_service
andwebserver_vpc_endpoint_service
attributes (#36903) - resource/aws_organizations_organization: Add
master_account_name
attribute (#36797) - resource/aws_transfer_connector: Add
security_policy_name
argument (#36893) - resource/aws_vpc_dhcp_options: Add
ipv6_address_preferred_lease_time
attribute (#36934) - resource/aws_vpc_ipam_pool: Add
cascade
argument (#36898)
BUG FIXES:
- data-source/aws_iam_policy_document: When using multiple principals, sort them to avoid differences based only on order (#25967)
- resource/aws_appconfig_deployment: Fix
ConflictException
errors on resource Create (#36980) - resource/aws_ce_anomaly_monitor: Change
monitor_dimension
to ForceNew (#36773) - resource/aws_ce_anomaly_subscription: Change
account_id
to ForceNew (#36773) - resource/aws_cloudformation_stack: CRLF line endings in
template_body
no longer cause erroneous diffs (#14270) - resource/aws_db_proxy: Fix
interface conversion: interface {} is nil, not map[string]interface {}
panic whenauth
is empty ({}
) (#36967) - resource/aws_dms_replication_config: Adds validation to
replication_settings
to disallowLogging.CloudWatchLogGroup
andLogging.CloudWatchLogStream
. (#36936) - resource/aws_dms_replication_config: Suppresses differences in partial
replication_settings
JSON documents. (#36936) - resource/aws_dms_replication_task: Adds validation to
replication_task_settings
to disallowLogging.CloudWatchLogGroup
andLogging.CloudWatchLogStream
. (#36936) - resource/aws_dms_replication_task: Allows leaving
replication_task_settings
unset to use default settings. (#36936) - resource/aws_dms_replication_task: Suppresses differences in partial
replication_task_settings
JSON documents. (#36936) - resource/aws_fsx_windows_file_system: Fix error
BadRequest: AuditLogDestination must not be provided when auditing is disabled
when updatingaudit_log_configuration.0.file_access_audit_log_level
andaudit_log_configuration.0.file_share_access_audit_log_level
to"DISABLED"
(#36928) - resource/aws_glue_job: Mark
number_of_workers
andworker_type
as optional/computed, preventing persistent differences whenmax_capacity
is set. (#36770) - resource/aws_iam_user_login_profile: Fix forced re-creation when
password_reset_required
istrue
and initial password reset is completed (#36926) - resource/aws_lightsail_distribution: Fix to properly set
certificate_name
on create and update (#36888) - resource/aws_vpc_dhcp_options: Fix
NotFound
error handling on delete (#36933)
v5.45.0
NOTES:
- resource/aws_redshift_cluster: The
logging
argument is now deprecated. Use theaws_redshift_logging
resource instead. (#36862) - resource/aws_redshift_cluster: The
snapshot_copy
argument is now deprecated. Use theaws_redshift_snapshot_copy
resource instead. (#36810)
FEATURES:
ENHANCEMENTS:
- data-source/aws_sagemaker_prebuilt_ecr_image: Add
registry_id
foraf-south-1
AWS Region (#36803) - resource/aws_api_gateway_documentation_part: Add
documentation_part_id
attribute (#36445) - resource/aws_wafregional_web_acl_association: Add configurable timeouts (#36445)
- resource/aws_wafregional_web_acl_association: Add plan-time validation of
resource_arn
(#36445)
BUG FIXES:
- provider: Change the default AWS SDK for Go v2 API client
MaxBackoff
value to 300 seconds so that services migrated to AWS SDK for Go v2 maintain behavioral compatibility with AWS SDK for Go v1 (#36855) - resource/aws_datasync_location_object_storage: Allow update to
agent_arns
(#36819) - resource/aws_devopsguru_notification_channel: Fix persistent diff when
filters.message_types
orfilters.severities
contains multiple elements (#36804) - resource/aws_securityhub_configuration_policy: Mark
configuration_policy.enabled_standard_arns
as Optional, fixingInvalidInputException: Invalid semantics: Enabled standards and security control configurations must be configured when Security Hub is enabled
errors (#36740)
v5.44.0
FEATURES:
- New Data Source:
aws_devopsguru_notification_channel
(#36656) - New Data Source:
aws_devopsguru_resource_collection
(#36657) - New Data Source:
aws_ecr_lifecycle_policy_document
(#6133) - New Function:
trim_iam_role_path
(#36723) - New Resource:
aws_devopsguru_service_integration
(#36694)
ENHANCEMENTS:
- data-source/aws_servicecatalogappregistry_application: Add
application_tag
attribute (#36647) - data/aws_glue_data_catalog_encryption_settings: Add
data_catalog_encryption_settings.encryption_at_rest.catalog_encryption_service_role
attribute (#35978) - resource/aws_appstream_fleet: Add
desired_sessions
argument to thecompute_capacity
block. (#34266) - resource/aws_appstream_fleet: Add
max_sessions_per_instance
argument. (#34266) - resource/aws_batch_job_definition: Add update functions instead of ForceNew. Add
deregister_on_new_revision
to allow keeping prior versions ACTIVE when a new revision is published. (#35149) - resource/aws_db_instance: Adds warning when setting
character_set_name
whenreplicate_source_db
,restore_to_point_in_time
, orsnapshot_identifier
is set (#36518) - resource/aws_emr_cluster: Add
unhealthy_node_replacement
argument (#36523) - resource/aws_glue_data_catalog_encryption_settings: Add
data_catalog_encryption_settings.encryption_at_rest.catalog_encryption_service_role
argument (#35978) - resource/aws_servicecatalogappregistry_application: Add
application_tag
attribute (#36647) - resource/aws_transfer_server: Add
s3_storage_options
configuration block (#36664) - resource/aws_wafv2_web_acl: Add
address_fields
andphone_number_fields
tostatement.managed_rule_group_statement.managed_rule_group_configs.aws_managed_rules_acfp_rule_set.request_inspection
(#36685)
BUG FIXES:
- Correctly handles user agents passed using
TF_APPEND_USER_AGENT
which contain/
,(
,)
, or space. (#36738) - resource/aws_batch_scheduling_policy: Fixes error where tags could not be updated (#36517)
- resource/aws_cloudfront_key_value_store: Serialize CloudFront KeyValueStore access (#36734)
- resource/aws_cloudfrontkeyvaluestore_key: Serialize CloudFront KeyValueStore access (#36734)
- resource/aws_cognito_user_pool: Correct plan-time validation of
email_verification_message
,email_verification_subject
,admin_create_user_config.invite_message_template.email_message
,admin_create_user_config.invite_message_template.email_subject
,admin_create_user_config.invite_message_template.sms_message
,sms_authentication_message
,sms_verification_message
,verification_message_template.email_message
,verification_message_template.email_message_by_link
,verification_message_template.email_subject
,verification_message_template.email_subject_by_link
, andverification_message_template.sms_message
to count UTF-8 characters properly (#36661) - resource/aws_ecr_lifecycle_policy: Add missing
tagPatternList
change detection in policy JSON (#35231) - resource/aws_ecs_service: Correctly set
alarms.rollback
on resource Create and Update (#36691) - resource/aws_iam_user: When
force_destroy
is used and there are inline or attached policies, allow resource to be destroyed (#36640) - resource/aws_imagebuilder_distribution_configuration: Fix validation regex for
ami_distribution_configuration.name
(#36659) - resource/aws_redshift_cluster: Fix error preventing modification of a configured
snapshot_copy
block (#36655) - resource/aws_route53_record: Fix to correctly interpret alias names with wildcards (#36699)
v5.43.0
FEATURES:
- New Data Source:
aws_resourceexplorer2_search
(#36560) - New Data Source:
aws_servicecatalogappregistry_application
(#36596) - New Resource:
aws_cloudfrontkeyvaluestore_key
(#36534) - New Resource:
aws_devopsguru_notification_channel
(#36557) - New Resource:
aws_ec2_instance_metadata_defaults
(#36589) - New Resource:
aws_lakeformation_resource_lf_tag
(#36537) - New Resource:
aws_m2_application
(#35399) - New Resource:
aws_m2_deployment
(#35408) - New Resource:
aws_m2_environment
(#35311) - New Resource:
aws_redshiftserverless_custom_domain_association
(#35865) - New Resource:
aws_servicecatalogappregistry_application
(#36277)
ENHANCEMENTS:
- data-source/aws_cloudfront_function: Add
key_value_store_associations
attribute (#36585) - data-source/aws_db_snapshot: Add
original_snapshot_create_time
attribute (#36544) - resource/aws_cloudfront_function: Add
key_value_store_associations
argument (#36585) - resource/aws_ec2_host: Add user configurable timeouts (#36538)
- resource/aws_glacier_vault_lock: Allow
policy
to have leading whitespace (#36597) - resource/aws_iam_group_policy: Allow
policy
to have leading whitespace (#36597) - resource/aws_iam_policy: Allow
policy
to have leading whitespace (#36597) - resource/aws_iam_role: Allow
assume_role_policy
andinline_policy.*.policy
to have leading whitespace (#36597) - resource/aws_iam_role_policy: Allow
policy
to have leading whitespace (#36597) - resource/aws_iam_user_policy: Allow
policy
to have leading whitespace (#36597) - resource/aws_kinesisanalyticsv2_application: Add support for
FLINK-1_18
runtime_environment
value (#36562) - resource/aws_media_store_container_policy: Allow
policy
to have leading whitespace (#36597) - resource/aws_ssoadmin_permission_set_inline_policy: Allow
inline_policy
to have leading whitespace (#36597) - resource/aws_transfer_access: Allow
policy
to have leading whitespace (#36597) - resource/aws_transfer_user: Allow
policy
to have leading whitespace (#36597) - resource/aws_vpc_ipam: Add
tier
argument (#36504)
BUG FIXES:
- data-source/aws_cur_report_definition: Direct all API calls to the
us-east-1
endpoint as this is the only Region in which AWS Cost and Usage Reports is available (#36540) - resource/aws_applicationinsights_application: Make
ACTIVE
a valid create target status (#36615) - resource/aws_autoscaling_group: Don't attempt to remove scale-in protection from instances that don't have the feature enabled (#36586)
- resource/aws_cur_report_definition: Direct all API calls to the
us-east-1
endpoint as this is the only Region in which AWS Cost and Usage Reports is available (#36540) - resource/aws_elasticsearch_domain_policy: Handle delayed domain status propagation, preventing a
ValidationException
. (#36592) - resource/aws_iam_instance_profile: Detect when the associated
role
no longer exists (#34099) - resource/aws_instance: Replace an instance when an
instance_type
change also requires an architecture change, such as x86_64 to arm64 (#36590) - resource/aws_opensearch_domain_policy: Handle delayed domain status propagation, preventing a
ValidationException
. (#36592) - resource/aws_quicksight_dashboard: Fix failure when updating a dashboard takes a while (#34227)
- resource/aws_quicksight_template: Fix "Invalid address to set" errors (#34227)
- resource/aws_quicksight_template: Fix "a number is required" errors when state contains an empty string (#34227)
- resource/aws_redshift_cluster: Fix
InvalidParameterCombination
errors when updating onlyskip_final_snapshot
(#36635) - resource/aws_route53_zone: Prevent re-creation when
name
casing changes (#36563) - resource/aws_secretsmanager_secret_version: Fix to handle versions deleted out-of-band without raising an
InvalidRequestException
(#36609) - resource/aws_ssm_parameter: force create a new SSM parameter when
data_type
is updated. (#35960)
v5.42.0
FEATURES:
- New Data Source:
aws_redshift_producer_data_shares
(#36481) - New Resource:
aws_devopsguru_event_sources_config
(#36485) - New Resource:
aws_devopsguru_resource_collection
(#36489) - New Resource:
aws_dynamodb_table_export
(#30399)
ENHANCEMENTS:
- data-source/aws_vpc_peering_connection: Add
ipv6_cidr_block_set
andpeer_ipv6_cidr_block_set
attributes (#36391) - resource/aws_datasync_location_hdfs: Add
kerberos_keytab_base64
andkerberos_krb5_conf_base64
arguments (#36072) - resource/aws_finspace_kx_dataview: Add
read_write
andsegment_configuration.on_demand
arguments (#36486) - resource/aws_rds_cluster: Add
enable_local_write_forwarding
argument to support Aurora MySQL local write forwarding (#34370)
BUG FIXES:
- provider: Change the default AWS SDK for Go v2 API client
RateLimiter
toratelimit.None
so that services migrated to AWS SDK for Go v2 maintain behavioral compatibility with AWS SDK for Go v1 (#36467) - resource/aws_appautoscaling_policy: Fix errors when importing an MSK storage autoscaling policy (#34934)
- resource/aws_appautoscaling_scheduled_action: Always send
start_time
andend_time
values on update when configured (#33713) - resource/aws_appautoscaling_scheduled_action: Read correct resource by using
scalable_dimension
as an additional filter (#34382) - resource/aws_datasync_location_azure_blob: Fix missing
container_url
attribute value and badsubdirectory
attribute value from state read/refresh (#36072) - resource/aws_datasync_location_efs: Fix missing
efs_file_system_arn
attribute value from state read/refresh (#36072) - resource/aws_datasync_location_hdfs: Mark
qop_configuration
as Computed (#36072) - resource/aws_datasync_location_nfs: Fix missing
server_hostname
attribute value from state read/refresh (#36072) - resource/aws_datasync_location_s3: Fix missing
s3_bucket_arn
attribute value from state read/refresh (#36072) - resource/aws_datasync_location_smb: Fix missing
server_hostname
attribute value from state read/refresh (#36072) - resource/aws_dms_replication_config: Fix persistent change in
replication_settings
(#35670) - resource/aws_dms_replication_task: Fix persistent change in
replication_task_settings
(#35670) - resource/aws_eks_access_entry: Always send
kubernetes_groups
anduser_name
values on update when configured (#36484) - resource/aws_glue_job: Adjust
number_of_workers
minimum value to1
(#36458) - resource/aws_lexv2models_slot: Fix custom_payload typo (#36488)
- resource/aws_route: Allow resource creation if a propagated route to the same destination exists (#36512)
- resource/aws_vpn_connection:
local_ipv6_network_cidr
,remote_ipv6_network_cidr
,tunnel1_inside_ipv6_cidr
, andtunnel2_inside_ipv6_cidr
no longer requiretransit_gateway_id
to be specified (#36405)
v5.41.0
FEATURES:
- New Data Source:
aws_apprunner_hosted_zone_id
(#36288) - New Data Source:
aws_medialive_input
(#36307) - New Resource:
aws_lakeformation_data_cells_filter
(#36264) - New Resource:
aws_securityhub_configuration_policy
(#35752) - New Resource:
aws_securityhub_configuration_policy_association
(#35752) - New Resource:
aws_securitylake_subscriber_notification
(#36323)
ENHANCEMENTS:
- data-source/aws_ec2_transit_gateway_peering_attachment: Add
state
attribute (#36304) - data-source/aws_lakeformation_permissions: Add
data_cells_filter
attribute (#36264) - data-source/aws_ram_resource_share:
name
is Optional (#36062) - resource/aws_cognito_user_pool: Add
pre_token_generation_config
configuration block (#35236) - resource/aws_ec2_transit_gateway_peering_attachment: Add
state
attribute (#36304) - resource/aws_ecs_cluster: Add default value (
DEFAULT
) forconfiguration.execute_command_configuration.logging
(#36341) - resource/aws_lakeformation_permissions: Add
data_cells_filter
attribute (#36264) - resource/aws_ram_resource_association: Add plan-time validation of
resource_arn
andresource_share_arn
(#36062) - resource/aws_route53domains_registered_domain: Add
billing_contact
andbilling_privacy
arguments (#36285) - resource/aws_securityhub_organization_configuration: Add
organization_configuration
configuration block to support central configuration (#35752) - resource/aws_securityhub_organization_configuration: Set
auto_enable
tofalse
,auto_enable_standards
toNONE
, andorganization_configuration.configuration_type
toLOCAL
on resource Delete (#35752)
BUG FIXES:
- data-source/aws_iam_policy_document: Fix
Failed to marshal state to json: unsupported attribute "override_json"
andFailed to marshal state to json: unsupported attribute "source_json"
errors when runningterraform show -json
orterraform state rm
(#36383) - data-source/aws_opensearch_domain : Add
auto_tune_options.use_off_peak_window
attribute. This fixes a regression introduced in v5.40.0 causingInvalid address to set
errors (#36298) - resource/aws_cognito_identity_pool: Fix handling of resources deleted out of band (#36100)
- resource/aws_cognito_identity_provider: Fix
InvalidParameterException: ActiveEncryptionCertificate is not a valid key for SAML identity provider details
errors on resource Update (#36311) - resource/aws_ec2_instance: Remove ForceNew from
ipv6_address_count
(#36308) - resource/aws_ecs_cluster: Fix
panic: interface conversion: interface {} is nil, not map[string]interface {}
whenconfiguration
,configuration.execute_command_configuration
, orconfiguration.execute_command_configuration.log_configuration
are empty (#36341) - resource/aws_ecs_service: Fix
panic: interface conversion: interface {} is nil, not map[string]interface {}
whenservice_connect_configuration.service.timeout
is empty (#36309) - resource/aws_ecs_service:
service_connect_configuration.service.tls.issuer_cert_authority.aws_pca_authority_arn
is Required (#36309) - resource/aws_elasticache_replication_group: Fix bugs causing errors like
InvalidReplicationGroupState: Cluster not in available state to perform tagging operations.
(#36310) - resource/aws_finspace_kx_cluster: Prevent
command_line_arguments
andinitialization_script
updates from overwriting one another (#36361) - resource/aws_network_acl_rule: Fix
InvalidNetworkAclID.NotFound
errors on resource Delete (#36326) - resource/aws_network_acl_rule: Prevent creation of duplicate Terraform resources (#36326)
- resource/aws_ram_principal_association: Prevent creation of duplicate Terraform resources (#36062)
- resource/aws_ram_principal_association: Remove from state on resource Read if
principal
is disassociated outside of Terraform (#36062) - resource/aws_ram_resource_association: Prevent creation of duplicate Terraform resources (#36062)
- resource/aws_route: Prevent creation of duplicate Terraform resources (#36326)
- resource/aws_route_table: Fix
couldn't find resource
errors on resource Delete (#36326) - resource/aws_vpn_connection: Correct plan-time validation of
tunnel1_inside_ipv6_cidr
andtunnel2_inside_ipv6_cidr
(#36236)
v5.40.0
FEATURES:
- New Function:
arn_build
(#34952) - New Function:
arn_parse
(#34952) - New Resource:
aws_account_region
(#35739) - New Resource:
aws_securitylake_subscriber
(#35981)
ENHANCEMENTS:
- data-source/aws_rds_engine_version: Add
has_major_target
andhas_minor_target
optional arguments andvalid_major_targets
andvalid_minor_targets
attributes (#36246) - resource/aws_batch_job_queue: added parameter
compute_environment_order
which conflicts withcompute_environments
but aligns with AWS API.compute_environments
has been deprecated. (#34750) - resource/aws_cloudfront_distribution: Remove the upper limit on
origin.custom_origin_config.origin_read_timeout
(#36088) - resource/aws_db_instance: Add
io2
as a valid value forstorage_type
(#36252) - resource/aws_elasticache_serverless_cache: Add plan-time validation of
cache_usage_limits.ecpu_per_second.maximum
(#35927) - resource/aws_iot_policy: Add tagging support (#36102)
- resource/aws_iot_role_alias: Add tagging support (#36255)
- resource/aws_opensearch_domain: Add
use_off_peak_window
argument to theauto_tune_options
configuration block (#36067) - resource/aws_rds_cluster: Add
io2
as a valid value forstorage_type
(#36252) - resource/aws_s3_bucket_object: Adds attribute
arn
. (#35710) - resource/aws_s3_object: Adds attribute
arn
. (#35710) - resource/aws_s3_object_copy: Adds attribute
arn
. (#35710) - resource/aws_wafv2_rule_group: Add
evaluation_window_sec
argument to therate_based_statement
configuration block (#36045) - resource/aws_wafv2_web_acl: Add
evaluation_window_sec
argument to therate_based_statement
configuration block (#36045)
BUG FIXES:
- data-source/aws_rds_engine_version: Fix bugs that could limit engine version to a default version even when not appropriate (#36246)
- resource/aws_db_instance: Correctly sets
parameter_group_name
whenreplicate_source_db
is in different region. (#36080) - resource/aws_elastic_beanstalk_environment: Fix
InvalidParameterValue: Environment named ... is in an invalid state for this operation. Must be Ready
errors whentags
are updated along with other attributes (#36074) - resource/aws_elasticache_serverless_cache: Change
cache_usage_limits.data_storage.maximum
andcache_usage_limits.ecpu_per_second.maximum
to ForceNew (#35927) - resource/aws_medialive_channel: Fix handling of optional
encoder_settings.audio_descriptions
arguments (#36097) - resource/aws_rds_global_cluster: Fix bugs and delays that could occur when performing major or minor version upgrades (#36246)
- resource/aws_s3_bucket: Tags with empty values no longer remove all tags. (#35710)
- resource/aws_s3_bucket_object: Tags with empty values no longer remove all tags. (#35710)
- resource/aws_s3_object: Tags with empty values no longer remove all tags. (#35710)
- resource/aws_s3_object_copy: Tags with empty values no longer remove all tags. (#35710)
- resource/aws_vpclattice_listener_rule: Remove
action.forward.target_groups
maximum item limit (#36095)
v5.39.1
v5.39.0
FEATURES:
- New Data Source:
aws_redshift_data_shares
(#35937) - New Resource:
aws_apprunner_deployment
(#35758) - New Resource:
aws_config_retention_configuration
(#15136) - New Resource:
aws_securityhub_automation_rule
(#34781) - New Resource:
aws_shield_proactive_engagement
(#34667)
ENHANCEMENTS:
- aws_kinesis_firehose_delivery_stream: Add
custom_time_zone
andfile_extension
arguments to theextended_S3_configuration
configuration block (#35969) - resource/aws_appflow_flow: Allow
task.source_fields
to be anull
value (#35993) - resource/aws_codepipeline: Add
trigger
configuration block (#35475) - resource/aws_config_configuration_recorder: Add plan-time validation of
aws_config_organization_custom_rule.lambda_function_arn
(#15136) - resource/aws_instance: Add configurable
read
timeout (#35955) - resource/aws_instance: Apply default tags to volumes/block devices managed through an
aws_instance
, addebs_block_device.*.tags_all
androot_block_device.*.tags_all
attributes which include default tags (#33769) - resource/aws_mq_broker: Add
data_replication_mode
anddata_replication_primary_broker_arn
arguments, enabling support for cross-region data replication (#35990) - resource/aws_mwaa_environment: Add
endpoint_management
attribute (#35961) - resource/aws_redshiftserverless_namespace:
Add attributesadmin_password_secret_kms_key_id
andmanage_admin_password
(#35965) - resource/aws_shield_drt_access_log_bucket_association: Support resource import (#34667)
- resource/aws_shield_drt_access_role_arn_association: Support resource import (#34667)
- resource/aws_spot_instance_request: Add configurable
read
timeout (#35955) - resource/aws_wafv2_web_acl: Add
application_integration_url
attribute (#35974)
BUG FIXES:
- data/aws_redshiftserverless_namespace: Properly set
iam_roles
attribute on read (#35965) - resource/aws_appflow_flow: Fix perpetual diff when
task.task_type
is set toMap_all
(#35993) - resource/aws_config_configuration_recorder: Fix
panic: interface conversion: interface {} is nil, not map[string]interface {}
whenrecording_group.exclusion_by_resource_types
is empty (#15136) - resource/aws_config_rule: Change
name
to ForceNew (#15136) - resource/aws_config_rule: Fix
InvalidParameterValueException: PolicyText is required when Owner is CUSTOM_POLICY
errors on resource Update (#15136) - resource/aws_ecs_task_definition: Fix perpetual
container_definitions
diffs whenName
s are ordered differently (#36029) - resource/aws_msk_replicator: Fix incorrect
detect_and_copy_new_topics
attribute value from state read/refresh (#35966) - resource/aws_redshiftserverless_workgroup: Fix
max_capacity
removal (#36032) - resource/aws_redshiftserverless_workgroup: Fix updating both
base_capacity
andmax_capacity
(#36032) - resource/aws_shield_drt_access_log_bucket_association: Change
log_bucket
androle_arn_association_id
to ForceNew (#34667)