NOTES:
- resource/aws_route53_zone_association: The addition of cross-account zone association support required the use of new
ListHostedZonesByVPC
API call and adding the VPC Region to the resource ID for new resources. Restrictive IAM permissions for Terraform and cross-region imports may require updates. (#14215)
FEATURES
- New Data Source:
aws_ec2_spot_price
(#12504) - New Resource:
aws_route53_vpc_association_authorization
(#14215)
ENHANCEMENTS
- data-source/aws_ecr_repository: Allow
registry_id
as an argument (#14368) - data-source/aws_ecr_repository: Add
image_scanning_configuration
andimage_tag_mutability
attributes (#14368) - data-source/aws_ecr_repository: Add
encryption_configuration
attribute (#14520) - resource/aws_api_gateway_method_settings: Plan-time validation added to
settings
unauthorized_cache_control_header_strategy
andlogging_level
arguments (#12651) - resource/aws_ecr_repository: Add
encryption_configuration
attribute (#14520) - resource/aws_lb: Add
subnet_mapping
configuration blockprivate_ipv4_address
argument (#11404) - resource/aws_rds_global_cluster: Add
force_destroy
andsource_db_cluster_identifier
arguments (#14487) - resource/aws_rds_global_cluster: Add
global_cluster_members
attribute (#14487) - resource/aws_route53_zone_association: Cross-account zone associations can now be created in conjunction with the new
aws_route53_vpc_association_authorization
resource (#14215) - resource/aws_ssm_parameter: Add
data_type
argument (supportaws:ec2:image
parameters) (#13326)
BUG FIXES
- data-source/aws_availability_zones: Prevent unexpected plan output every apply with
group_names
attribute (#14412) - data-source/aws_s3_bucket: Ensure provider
s3_force_path_style
configuration is passed through for getting S3 Bucket location with non-AWS implementations (#14481) - resource/aws_api_gateway_method_settings: Allow
settings
cache_ttl_in_seconds
argument to be set to 0 (#12651) - resource/aws_elastictranscoder_preset: Prevent empty configuration block panics (#14092)
- resource/aws_lambda_event_source_mapping: Allow
maximum_retry_attempts
argument to be set to 0 (#12479) - resource/aws_rds_cluster: Add an
InvalidDBClusterStateFault
retryable error condition for clusters part of a global cluster (#14420) - resource/aws_rds_cluster: Increase retry timeout for deletion to 2 minutes (#14420)
- resource/aws_rds_cluster: Prevent error when both
global_cluster_identifier
andreplication_source_identifier
are configured on creation (#14490) - resource/aws_s3_bucket: Ensure provider
s3_force_path_style
configuration is passed through for getting S3 Bucket location with non-AWS implementations (#14481) - resource/aws_secretsmanager_secret: Allow retries for IAM eventual consistency errors (#14459)
- resource/aws_security_group: Ensure
name_prefix
argument with hex digitsa
throughf
is properly imported (#14475) - resource/aws_spot_fleet_request: Allow
target_capacity
argument to be updated to 0 (#12759) - resource/aws_spot_fleet_request: Wait for modify operation completion (default timeout of 10 minutes) (#12759)
- resource/aws_vpc_dhcp_options_association: Properly trigger resource recreation when VPC is deleted outside Terraform (#14367)