FEATURES:
- New Data Source:
aws_cloudfront_cache_policy
(#17336) - New Resource:
aws_cloudfront_cache_policy
(#17336) - New Resource:
aws_cloudfront_realtime_log_config
(#14974) - New Resource:
aws_config_conformance_pack
(#17313) - New Resource:
aws_sagemaker_model_package_group
(#17366) - New Resource:
aws_securityhub_organization_admin_account
(#17501) - New Resource:
aws_synthetics_canary
(#13140)
ENHANCEMENTS:
- data-source/aws_customer_gateway: Add
device_name
attribute (#14786) - data-source/aws_iam_policy_document: Support merging policy documents by adding
source_policy_documents
andoverride_policy_documents
arguments (#12055) - provider: Add terraform-provider-aws version to HTTP User-Agent header (#17486)
- resource/aws_budgets_budget: Add
arn
attribute (#13139) - resource/aws_budgets_budget: Add plan time validation for
budget_type
,time_unit
, andsubscriber_sns_topic_arns
arguments (#13139) - resource/aws_cloudfront_distribution: Add
cache_policy_id
attribute (#17336) - resource/aws_cloudfront_distribution: Add
realtime_log_config_arn
attribute todefault_cache_behavior
andordered_cache_behavior
configuration blocks (#14974) - resource/aws_cloudfront_public_key: Add import support (#17044)
- resource/aws_cloudwatch_log_destination: Add plan time validation to
role_arn
,name
andtarget_arn
. (#11687) - resource/aws_cloudwatch_log_group: Add plan time validation for
retention_in_days
argument (#14673) - resource/aws_codebuild_report_group: Add
delete_reports
argument (#17338) - resource/aws_codestarconnections_connection: Add
tags
argument (#16835) - resource/aws_customer_gateway: Add
device_name
argument (#14786) - resource/aws_dynamodb_table: Add plan-time validation for indexes on undefined attributes (#6364)
- resource/aws_ec2_capacity_reservation: Add
owner_id
attribute (#17129) - resource/aws_ec2_traffic_mirror_filter: Add
arn
attribute. (#13948) - resource/aws_ec2_traffic_mirror_filter_rule: Add arn attribute. (#13949)
- resource/aws_ec2_traffic_mirror_filter_rule: Add plan time validation to
destination_port_range.from_port
,
destination_port_range.to_port
,source_port_range.from_port
, andsource_port_range.to_port
. (#13949) - resource/aws_elastictranscoder_pipeline: Add plan time validations to
content_config.storage_class
,content_config_permissions.access
,content_config_permissions.grantee_type
,
notifications.completed
,notifications.error
,notifications.progressing
,notifications.warning
,
thumbnail_config.storage_class
,thumbnail_config_permissions.access
,thumbnail_config_permissions.grantee_type
(#13973) - resource/aws_fms_policy: Allow use of
resource_type
orresource_type_list
attributes (#17418) - resource/aws_imagebuilder_image_recipe: Add
gp3
as a valid value for thevolume_type
attribute (#17286) - resource/aws_lambda_event_source_mapping: Add
topics
attribute to support Amazon MSK as an event source (#14746) - resource/aws_lb_listener_certificate: Add import support (#16474)
- resource/aws_licensemanager_license_configuration: Add
arn
andowner_account_id
attributes (#17160) - resource/aws_ses_active_receipt_rule_set: Add
arn
attribute (#13962) - resource/aws_ses_active_receipt_rule_set: Add plan time validation for
rule_set_name
argument (#13962) - resource/aws_ses_configuration_set: Add
arn
attribute. (#13972) - resource/aws_ses_configuration_set: Add
delivery_options
argument (#11600) - resource/aws_ses_configuration_set: Add plan time validation to
name
. (#13972) - resource/aws_ses_event_destination: Add
arn
attribute (#13964) - resource/aws_ses_event_destination: Add plan time validation for
name
,cloudwatch_destination.default_value
,cloudwatch_destination.default_name
,kinesis_destination.role_arn
,kinesis_destination.stream_arn
, andsns_destination.topic_arn
attributes (#13964) - resource/aws_ses_receipt_rule: Add
arn
attribute (#13960) - resource/aws_ses_receipt_rule: Add plan time validations for
name
,tls_policy
,add_header_action.header_name
,add_header_action.header_value
,bounce_action.topic_arn
,lambda_action.function_arn
,lambda_action.topic_arn
,lambda_action.invocation_type
,s3_action,topic_arn
,sns_action.topic_arn
,stop_action.scope
,stop_action.topic_arn
,workmail_action.topic_arn
, andworkmail_action.organization_arn
attributes (#13960) - resource/aws_ses_template: Add
arn
attribute (#13963) - resource/aws_sns_topic_subscription: Add
redrive_policy
argument (#11770) - resource/aws_ssm_association: Add
apply_only_at_cron_interval
argument (#15038) - resource/aws_ssm_document: Add
version_name
argument (#14128) - resource/aws_ssm_maintenance_window_task: Add
task_invocation_parameters
run_command_parameters
blockcloudwatch_config
anddocument_version
arguments (#11774) - resource/aws_ssm_maintenance_window_task: Add plan time validation to
max_concurrency
,max_errors
,priority
,service_role_arn
,targets
,targets.notification_arn
,targets.service_role_arn
,task_type
,task_invocation_parameters.run_command_parameters.comment
,task_invocation_parameters.run_command_parameters.document_hash
,task_invocation_parameters.run_command_parameters.timeout_seconds
, andtask_invocation_parameters.run_command_parameters.notification_config.notification_events
arguments (#11774) - resource/aws_ssm_maintenance_window_task: Make
service_role_arn
optional (#12200) - resource/aws_ssm_patch_baseline: Add
approval_rule
blockapprove_until_date
argument (#13850) - resource/aws_ssm_patch_baseline: Add
approved_patches_enable_non_security
andrejected_patches_action
arguments (#11772) - resource/aws_ssm_patch_baseline: Add
source
configuration block (#11879) - resource/aws_ssm_patch_baseline: Adds
arn
attribute. (#11772) - resource/aws_ssm_patch_baseline: Adds plan time validation for
name
,description
,global_filter.key
,global_filter.values
,
approved_patches
,rejected_patches
,approval_rule.approve_after_days
,approval_rule.patch_filter.key
, andapproval_rule.patch_filter.values
. (#11772)
BUG FIXES:
- resource/aws_glue_catalog_database: Use Catalog Id when deleting Databases. (#17489)
- resource/aws_iam_instance_profile: Detach role when role doesn't exist + remove when deleted from state. (#16188)
- resource/aws_instance: Fix use of
throughput
andiops
forgp3
volumes at the same time (#17380) - resource/aws_lambda_event_source_mapping: Wait for create and update operations to complete (#14765)
- resource/aws_lambda_function: Prevent crash when using
Image
package type (#17082) - resource/aws_ssm_parameter: Use ARN value from API response rather than generating the value (#16618)
- resource/aws_wafv2_web_acl_association: Increase creation timeout value from 2 to 5 minutes to prevent WAFUnavailableEntityException (#17545)