github hashicorp/terraform-provider-aws v4.9.0
on GitHub

latest releases: v5.75.1, v5.75.0, v5.74.0...
2 years ago

OTES:

  • resource/aws_s3_bucket: The acceleration_status, acl, cors_rule, grant, lifecycle_rule, logging, object_lock_configuration.rule, policy, replication_configuration, request_payer, server_side_encryption_configuration, versioning, and website parameters are now Optional. Please refer to the documentation for details on drift detection and potential conflicts when configuring these parameters with the standalone aws_s3_bucket_* resources. (#23985)

FEATURES:

  • New Data Source: aws_eks_addon_version (#23157)
  • New Data Source: aws_lambda_function_url (#24053)
  • New Data Source: aws_memorydb_acl (#23891)
  • New Data Source: aws_memorydb_cluster (#23991)
  • New Data Source: aws_memorydb_snapshot (#23990)
  • New Data Source: aws_memorydb_user (#23890)
  • New Data Source: aws_opensearch_domain (#23902)
  • New Data Source: aws_ssm_maintenance_windows (#24011)
  • New Resource: aws_db_instance_automated_backups_replication (#23759)
  • New Resource: aws_dynamodb_contributor_insights (#23947)
  • New Resource: aws_iot_indexing_configuration (#9929)
  • New Resource: aws_iot_logging_options (#13392)
  • New Resource: aws_iot_provisioning_template (#12108)
  • New Resource: aws_lambda_function_url (#24053)
  • New Resource: aws_opensearch_domain (#23902)
  • New Resource: aws_opensearch_domain_policy (#23902)
  • New Resource: aws_opensearch_domain_saml_options (#23902)
  • New Resource: aws_rds_cluster_activity_stream (#22097)

ENHANCEMENTS:

  • data-source/aws_imagebuilder_distribution_configuration: Add account_id attribute to the launch_template_configuration attribute of the distribution configuration block (#23924)
  • data-source/aws_route: Add core_network_arn argument (#24024)
  • data-source/aws_route_table: Add 'routes.core_network_arn' attribute' (#24024)
  • provider: Add support for reading custom CA bundle setting from shared config files (#24064)
  • resource/aws_cloudformation_stack_set: Add operation_preferences argument (#23908)
  • resource/aws_default_route_table: Add core_network_arn argument to the route configuration block (#24024)
  • resource/aws_dlm_lifecycle_policy: Add policy_details.schedule.create_rule.cron_expression, policy_details.schedule.retain_rule.interval, policy_details.schedule.retain_rule.interval_unit, policy_details.policy_type, policy_details.schedule.deprecate_rule, policy_details.parameters, policy_details.schedule.variable_tags, policy_details.schedule.fast_restore_rule, policy_details.schedule.share_rule, policy_details.resource_locations, policy_details.schedule.create_rule.location, policy_details.action and policy_details.event_source arguments (#23880)
  • resource/aws_dlm_lifecycle_policy: Add plan time validations for policy_details.resource_types and description arguments (#23880)
  • resource/aws_dlm_lifecycle_policy: Make policy_details.resource_types, policy_details.schedule, policy_details.target_tags, policy_details.schedule.retain_rule and policy_details.schedule.create_rule.interval arguments optional (#23880)
  • resource/aws_elasticache_cluster: Add auto_minor_version_upgrade argument (#23996)
  • resource/aws_fms_policy: Retry when InternalErrorException errors are returned from the AWS API (#23952)
  • resource/aws_fsx_ontap_file_system: Support updating storage_capacity, throughput_capacity, and disk_iops_configuration. (#24002)
  • resource/aws_imagebuilder_distribution_configuration: Add account_id argument to the launch_template_configuration attribute of the distribution configuration block (#23924)
  • resource/aws_iot_authorizer: Add enable_caching_for_http argument (#23993)
  • resource/aws_lambda_permission: Add principal_org_id argument. (#24001)
  • resource/aws_mq_broker: Add validation to broker_name and security_groups arguments (#18088)
  • resource/aws_organizations_account: Add close_on_deletion argument to close account on deletion (#23930)
  • resource/aws_route: Add core_network_arn argument (#24024)
  • resource/aws_route_table: Add core_network_arn argument to the route configuration block (#24024)
  • resource/aws_s3_bucket: Speed up resource deletion, especially when the S3 buckets contains a large number of objects and force_destroy is true (#24020)
  • resource/aws_s3_bucket: Update acceleration_status parameter to be configurable. Please refer to the documentation for details on drift detection and potential conflicts when configuring this parameter with the standalone aws_s3_bucket_accelerate_configuration resource. (#23816)
  • resource/aws_s3_bucket: Update acl and grant parameters to be configurable. Please refer to the documentation for details on drift detection and potential conflicts when configuring these parameters with the standalone aws_s3_bucket_acl resource. (#23798)
  • resource/aws_s3_bucket: Update cors_rule parameter to be configurable. Please refer to the documentation for details on drift detection and potential conflicts when configuring this parameter with the standalone aws_s3_bucket_cors_configuration resource. (#23817)
  • resource/aws_s3_bucket: Update lifecycle_rule parameter to be configurable. Please refer to the documentation for details on drift detection and potential conflicts when configuring this parameter with the standalone aws_s3_bucket_lifecycle_configuration resource. (#23818)
  • resource/aws_s3_bucket: Update logging parameter to be configurable. Please refer to the documentation for details on drift detection and potential conflicts when configuring this parameter with the standalone aws_s3_bucket_logging resource. (#23819)
  • resource/aws_s3_bucket: Update object_lock_configuration.rule parameter to be configurable. Please refer to the documentation for details on drift detection and potential conflicts when configuring this parameter with the standalone aws_s3_bucket_object_lock_configuration resource. (#23984)
  • resource/aws_s3_bucket: Update policy parameter to be configurable. Please refer to the documentation for details on drift detection and potential conflicts when configuring this parameter with the standalone aws_s3_bucket_policy resource. (#23843)
  • resource/aws_s3_bucket: Update replication_configuration parameter to be configurable. Please refer to the documentation for details on drift detection and potential conflicts when configuring this parameter with the standalone aws_s3_bucket_replication_configuration resource. (#23842)
  • resource/aws_s3_bucket: Update request_payer parameter to be configurable. Please refer to the documentation for details on drift detection and potential conflicts when configuring this parameter with the standalone aws_s3_bucket_request_payment_configuration resource. (#23844)
  • resource/aws_s3_bucket: Update server_side_encryption_configuration parameter to be configurable. Please refer to the documentation for details on drift detection and potential conflicts when configuring this parameter with the standalone aws_s3_bucket_server_side_encryption_configuration resource. (#23822)
  • resource/aws_s3_bucket: Update versioning parameter to be configurable. Please refer to the documentation for details on drift detection and potential conflicts when configuring this parameter with the standalone aws_s3_bucket_versioning resource. (#23820)
  • resource/aws_s3_bucket: Update website parameter to be configurable. Please refer to the documentation for details on drift detection and potential conflicts when configuring this parameter with the standalone aws_s3_bucket_website_configuration resource. (#23821)
  • resource/aws_storagegateway_gateway: Add maintenance_start_time argument (#15355)
  • resource/aws_storagegateway_nfs_file_share: Add bucket_region and vpc_endpoint_dns_name arguments to support PrivateLink endpoints (#24038)
  • resource/aws_vpc_ipam: add cascade argument (#23973)
  • resource/aws_vpn_connection: Add core_network_arn and core_network_attachment_arn attributes (#24024)
  • resource/aws_xray_group: Add insights_configuration argument (#24028)

BUG FIXES:

  • data-source/aws_elasticache_cluster: Allow some tags errors to be non-fatal to support non-standard AWS partitions (i.e., ISO) (#23979)
  • resource/aws_backup_report_plan: Wait for asynchronous lifecycle operations to complete (#23967)
  • resource/aws_cloudformation_stack_set: Consider QUEUED a valid pending state for resource creation (#22160)
  • resource/aws_dynamodb_table_item: Allow item names to still succeed if they include non-letters (#14075)
  • resource/aws_elasticache_cluster: Attempt tags-on-create, fallback to tag after create, and allow some tags errors to be non-fatal to support non-standard AWS partitions (i.e., ISO) (#23979)
  • resource/aws_elasticache_parameter_group: Attempt tags-on-create, fallback to tag after create, and allow some tags errors to be non-fatal to support non-standard AWS partitions (i.e., ISO) (#23979)
  • resource/aws_elasticache_replication_group: Allow disabling auto_minor_version_upgrade (#23996)
  • resource/aws_elasticache_replication_group: Attempt tags-on-create, fallback to tag after create, and allow some tags errors to be non-fatal to support non-standard AWS partitions (i.e., ISO) (#23979)
  • resource/aws_elasticache_replication_group: Waits for available state before updating tags (#24021)
  • resource/aws_elasticache_subnet_group: Attempt tags-on-create, fallback to tag after create, and allow some tags errors to be non-fatal to support non-standard AWS partitions (i.e., ISO) (#23979)
  • resource/aws_elasticache_user: Attempt tags-on-create, fallback to tag after create, and allow some tags errors to be non-fatal to support non-standard AWS partitions (i.e., ISO) (#23979)
  • resource/aws_elasticache_user_group: Attempt tags-on-create, fallback to tag after create, and allow some tags errors to be non-fatal to support non-standard AWS partitions (i.e., ISO) (#23979)
  • resource/aws_elasticsearch_domain_saml_option: Fix difference caused by subject_key default not matching AWS default; old and new defaults are equivalent (#20892)
  • resource/aws_lb: Fix attribute key not recognized issue preventing creation in ISO-B regions (#23972)
  • resource/aws_redshift_cluster: Correctly use number_of_nodes argument value when restoring from snapshot (#13203)
  • resource/aws_route: Ensure that resource ID is set in case of wait-for-creation time out (#24024)
  • resource/aws_s3_bucket_lifecycle_configuration: Prevent MalformedXML errors when handling diffs in rule.filter (#23893)

4.8.0 (March 25, 2022)

FEATURES:

  • New Data Source: aws_mskconnect_connector (#23792)
  • New Resource: aws_mskconnect_connector (#23765)

ENHANCEMENTS:

  • data-source/aws_eips: Set public_ips for VPC as well as EC2 Classic (#23859)
  • data-source/aws_elasticache_cluster: Add log_delivery_configuration attribute (#20068)
  • data-source/aws_elasticache_replication_group: Add log_delivery_configuration attribute (#20068)
  • data-source/aws_elasticsearch_domain: Add cold_storage_options attribute to the cluster_config configuration block (#19713)
  • data-source/aws_lambda_function: Add ephemeral_storage attribute (#23873)
  • resource/aws_elasticache_cluster: Add log_delivery_configuration argument (#20068)
  • resource/aws_elasticache_replication_group: Add log_delivery_configuration argument (#20068)
  • resource/aws_elasticsearch_domain: Add cold_storage_options argument to the cluster_config configuration block (#19713)
  • resource/aws_elasticsearch_domain: Add configurable Create and Delete timeouts (#19713)
  • resource/aws_lambda_function: Add ephemeral_storage argument (#23873)
  • resource/aws_lambda_function: Add error handling for ResourceConflictException errors on create and update (#23879)
  • resource/aws_mskconnect_custom_plugin: Implement resource Delete (#23544)
  • resource/aws_mwaa_environment: Add schedulers argument (#21941)
  • resource/aws_network_firewall_policy: Allow use of managed rule group arns for network firewall managed rule groups. (#22355)

BUG FIXES:

  • resource/aws_autoscaling_group: Fix issue where group was not recreated if initial_lifecycle_hook changed (#20708)
  • resource/aws_cloudfront_distribution: Fix default value of origin_path in origin block (#20709)
  • resource/aws_cloudwatch_event_target: Fix setting path_parameter_values. (#23862)

4.7.0 (March 24, 2022)

FEATURES:

  • New Data Source: aws_cloudwatch_event_bus (#23792)
  • New Data Source: aws_imagebuilder_image_pipelines (#23741)
  • New Data Source: aws_memorydb_parameter_group (#23814)
  • New Data Source: aws_route53_traffic_policy_document (#23602)
  • New Resource: aws_cognito_user_in_group (#23765)
  • New Resource: aws_keyspaces_keyspace (#23770)
  • New Resource: aws_route53_traffic_policy (#23602)
  • New Resource: aws_route53_traffic_policy_instance (#23602)

ENHANCEMENTS:

  • data-source/aws_imagebuilder_distribution_configuration: Add organization_arns and organizational_unit_arns attributes to the distribution.ami_distribution_configuration.launch_permission configuration block (#22104)
  • data-source/aws_msk_cluster: Add zookeeper_connect_string_tls attribute (#23804)
  • data-source/aws_ssm_document: Support TEXT document_format (#23757)
  • resource/aws_api_gateway_stage: Add canary_settings argument. (#23754)
  • resource/aws_athena_workgroup: Add acl_configuration and expected_bucket_owner arguments to the configuration.result_configuration block (#23748)
  • resource/aws_autoscaling_group: Add instance_reuse_policy argument to support Warm Pool scale-in (#23769)
  • resource/aws_autoscaling_group: Update documentation to include Warm Pool hibernation (#23772)
  • resource/aws_cloudformation_stack_set_instance: Add operation_preferences argument (#23666)
  • resource/aws_cloudwatch_log_subscription_filter: Add plan time validations for name, destination_arn, filter_pattern, role_arn, distribution. (#23760)
  • resource/aws_glue_schema: Update documentation to include Protobuf data format support (#23815)
  • resource/aws_imagebuilder_distribution_configuration: Add organization_arns and organizational_unit_arns arguments to the distribution.ami_distribution_configuration.launch_permission configuration block (#22104)
  • resource/aws_instance: Add user_data_replace_on_change attribute (#23604)
  • resource/aws_ssm_maintenance_window_task: Add arn and window_task_id attributes. (#23756)
  • resource/aws_ssm_maintenance_window_task: Add cutoff_behavior argument. (#23756)

BUG FIXES:

  • data-source/aws_ssm_document: Dont generate arn for AWS managed docs. (#23757)
  • resource/aws_ecs_service: Ensure that load_balancer and service_registries can be updated in-place (#23786)
  • resource/aws_launch_template: Fix network_interfaces.device_index and network_interfaces.network_card_index of 0 not being set (#23767)
  • resource/aws_ssm_maintenance_window_task: Allow creating a window taks without targets. (#23756)

4.6.0 (March 18, 2022)

FEATURES:

  • New Data Source: aws_networkmanager_connection (#13251)
  • New Data Source: aws_networkmanager_connections (#13251)
  • New Data Source: aws_networkmanager_device (#13251)
  • New Data Source: aws_networkmanager_devices (#13251)
  • New Data Source: aws_networkmanager_global_network (#13251)
  • New Data Source: aws_networkmanager_global_networks (#13251)
  • New Data Source: aws_networkmanager_link (#13251)
  • New Data Source: aws_networkmanager_links (#13251)
  • New Data Source: aws_networkmanager_site (#13251)
  • New Data Source: aws_networkmanager_sites (#13251)
  • New Resource: aws_gamelift_game_server_group (#23606)
  • New Resource: aws_networkmanager_connection (#13251)
  • New Resource: aws_networkmanager_customer_gateway_association (#13251)
  • New Resource: aws_networkmanager_device (#13251)
  • New Resource: aws_networkmanager_global_network (#13251)
  • New Resource: aws_networkmanager_link (#13251)
  • New Resource: aws_networkmanager_link_association (#13251)
  • New Resource: aws_networkmanager_site (#13251)
  • New Resource: aws_networkmanager_transit_gateway_connect_peer_association (#13251)
  • New Resource: aws_networkmanager_transit_gateway_registration (#13251)
  • New Resource: aws_vpc_endpoint_security_group_association (#13737)

ENHANCEMENTS:

  • data-source/aws_ec2_transit_gateway_connect_peer: Add arn attribute (#13251)
  • data-source/aws_imagebuilder_image: Add container_recipe_arn attribute (#23647)
  • data-source/aws_launch_template: Add capacity_reservation_resource_group_arn attribute to the capacity_reservation_specification.capacity_reservation_target configuration block (#23365)
  • data-source/aws_launch_template: Add capacity_reservation_specification, cpu_options, elastic_inference_accelerator and license_specification attributes (#23365)
  • data-source/aws_launch_template: Add ipv4_prefixes, ipv4_prefix_count, ipv6_prefixes and ipv6_prefix_count attributes to the network_interfaces configuration block (#23365)
  • data-source/aws_launch_template: Add private_dns_name_options attribute (#23365)
  • data_source/aws_redshift_cluster: Add availability_zone_relocation_enabled attribute. (#20812)
  • resource/aws_appconfig_configuration_profile: Add type argument to support AWS AppConfig Feature Flags (#23719)
  • resource/aws_athena_database: Add acl_configuration and expected_bucket_owner arguments (#23745)
  • resource/aws_athena_database: Add comment argument to support database descriptions (#23745)
  • resource/aws_athena_database: Do not recreate the resource if bucket changes (#23745)
  • resource/aws_cloud9_environment_ec2: Add connection_type and image_id arguments (#19195)
  • resource/aws_cloudformation_stack_set:_instance: Add call_as argument (#23339)
  • resource/aws_dms_replication_task: Add optional start_replication_task and status argument (#23692)
  • resource/aws_ec2_transit_gateway_connect_peer: Add arn attribute (#13251)
  • resource/aws_ecs_service: enable_ecs_managed_tags, load_balancer, propagate_tags and service_registries can now be updated in-place (#23600)
  • resource/aws_imagebuilder_image: Add container_recipe_arn argument (#23647)
  • resource/aws_iot_certificate: Add ca_pem argument, enabling the use of existing IoT certificates (#23126)
  • resource/aws_iot_topic_rule: Add cloudwatch_logs and error_action.cloudwatch_logs arguments (#23440)
  • resource/aws_launch_configuration: Add ephemeral_block_device.no_device argument (#23152)
  • resource/aws_launch_template: Add capacity_reservation_resource_group_arn argument to the capacity_reservation_specification.capacity_reservation_target configuration block (#23365)
  • resource/aws_launch_template: Add ipv4_prefixes, ipv4_prefix_count, ipv6_prefixes and ipv6_prefix_count arguments to the network_interfaces configuration block (#23365)
  • resource/aws_launch_template: Add private_dns_name_options argument (#23365)
  • resource/aws_msk_configuration: Correctly set latest_revision as Computed when server_properties changes (#23662)
  • resource/aws_quicksight_user: Allow custom values for namespace (#23607)
  • resource/aws_rds_cluster: Add db_cluster_instance_class, allocated_storage, storage_type, and iops arguments to support Multi-AZ deployments for MySQL & PostgreSQL (#23684)
  • resource/aws_rds_global_cluster: Add configurable timeouts (#23560)
  • resource/aws_rds_instance: Add source_db_instance_automated_backup_arn option within restore_to_point_in_time attribute (#23086)
  • resource/aws_redshift_cluster: Add availability_zone_relocation_enabled attribute and allow availability_zone to be changed in-place. (#20812)
  • resource/aws_transfer_server: Add pre_authentication_login_banner and post_authentication_login_banner arguments (#23631)
  • resource/aws_vpc_endpoint: The security_group_ids attribute can now be empty when the resource is created. In this case the VPC's default security is associated with the VPC endpoint (#13737)

BUG FIXES:

  • resource/aws_amplify_app: Allow repository to be updated in-place (#23517)
  • resource/aws_api_gateway_stage: Fixed issue with providing cache_cluster_size without cache_cluster_enabled resulted in waiter error (#23091)
  • resource/aws_athena_database: Remove from state on resource Read if deleted outside of Terraform (#23745)
  • resource/aws_cloudformation_stack_set: Use call_as attribute when reading stack sets, fixing an error raised when using a delegated admistrator account (#23339)
  • resource/aws_cloudsearch_domain: Set correct defaults for index_field.facet, index_field.highlight, index_field.return, index_field.search and index_field.sort, preventing spurious resource diffs (#23687)
  • resource/aws_db_instance: Fix issues where configured update timeout was not respected, and update would fail if instance were in the process of being configured. (#23560)
  • resource/aws_rds_event_subscription: Fix issue where enabled was sometimes not updated (#23560)
  • resource/aws_rds_global_cluster: Fix ability to perform cluster version upgrades, including of clusters in distinct regions, such as previously got error: "Invalid database cluster identifier" (#23560)
  • resource/aws_route53domains_registered_domain: Redirect all Route 53 Domains AWS API calls to the us-east-1 Region (#23672)
  • resource/aws_s3_bucket_acl: Fix resource import for S3 bucket names consisting of uppercase letters, underscores, and a maximum of 255 characters (#23678)
  • resource/aws_s3_bucket_lifecycle_configuration: Support empty string filtering (default behavior of the aws_s3_bucket.lifecycle_rule parameter in provider versions prior to v4.0) (#23746)
  • resource/aws_s3_bucket_replication_configuration: Change rule configuration block to list instead of set (#23703)
  • resource/aws_s3_bucket_replication_configuration: Set rule.id as Computed to prevent drift when the value is not configured (#23703)
  • resource/aws_s3_bucket_versioning: Add missing support for Disabled bucket versioning (#23723)

4.5.0 (March 11, 2022)

ENHANCEMENTS:

  • resource/aws_account_alternate_contact: Add configurable timeouts (#23516)
  • resource/aws_s3_bucket: Add error handling for NotImplemented errors when reading object_lock_enabled and object_lock_configuration into terraform state. (#13366)
  • resource/aws_s3_bucket: Add top-level object_lock_enabled parameter (#23556)
  • resource/aws_s3_bucket_replication_configuration: Add token field to specify
    x-amz-bucket-object-lock-token for enabling replication on object lock enabled
    buckets or enabling object lock on an existing bucket. (#23624)
  • resource/aws_servicecatalog_budget_resource_association: Add configurable timeouts (#23518)
  • resource/aws_servicecatalog_constraint: Add configurable timeouts (#23518)
  • resource/aws_servicecatalog_organizations_access: Add configurable timeouts (#23518)
  • resource/aws_servicecatalog_portfolio: Add configurable timeouts (#23518)
  • resource/aws_servicecatalog_portfolio_share: Add configurable timeouts (#23518)
  • resource/aws_servicecatalog_principal_portfolio_association: Add configurable timeouts (#23518)
  • resource/aws_servicecatalog_product: Add configurable timeouts (#23518)
  • resource/aws_servicecatalog_product_portfolio_association: Add configurable timeouts (#23518)
  • resource/aws_servicecatalog_provisioned_product: Add configurable timeouts (#23518)
  • resource/aws_servicecatalog_provisioning_artifact: Add configurable timeouts (#23518)
  • resource/aws_servicecatalog_service_action: Add configurable timeouts (#23518)
  • resource/aws_servicecatalog_tag_option: Add configurable timeouts (#23518)
  • resource/aws_servicecatalog_tag_option_resource_association: Add configurable timeouts (#23518)
  • resource/aws_synthetics_canary: Add optional environment_variables to run_config. (#23574)

BUG FIXES:

  • resource/aws_account_alternate_contact: Improve eventual consistency handling to avoid "no resource found" on updates (#23516)
  • resource/aws_image_builder_image_recipe: Fix regression in 4.3.0 whereby Windows-based images wouldn't build because of the newly introduced systems_manager_agent.uninstall_after_build argument. (#23580)
  • resource/aws_kms_external_key: Increase tags eventual consistency timeout from 5 minutes to 10 minutes (#23593)
  • resource/aws_kms_key: Increase description and tags eventual consistency timeouts from 5 minutes to 10 minutes (#23593)
  • resource/aws_kms_replica_external_key: Increase tags eventual consistency timeout from 5 minutes to 10 minutes (#23593)
  • resource/aws_kms_replica_key: Increase tags eventual consistency timeout from 5 minutes to 10 minutes (#23593)
  • resource/aws_s3_bucket_lifecycle_configuration: Correctly configure rule.filter.object_size_greater_than and rule.filter.object_size_less_than in API requests and terraform state (#23441)
  • resource/aws_s3_bucket_lifecycle_configuration: Prevent drift when rule.noncurrent_version_expiration.newer_noncurrent_versions or rule.noncurrent_version_transition.newer_noncurrent_versions is not specified (#23441)
  • resource/aws_s3_bucket_replication_configuration: Correctly configure empty rule.filter configuration block in API requests (#23586)
  • resource/aws_s3_bucket_replication_configuration: Ensure both key and value arguments of the rule.filter.tag configuration block are correctly populated in the outgoing API request and terraform state. (#23579)
  • resource/aws_s3_bucket_replication_configuration: Prevent inconsistent final plan when rule.filter.prefix is an empty string (#23586)

4.4.0 (March 04, 2022)

FEATURES:

  • New Data Source: aws_connect_queue (#22768)
  • New Data Source: aws_ec2_serial_console_access (#23443)
  • New Data Source: aws_ec2_transit_gateway_connect (#22181)
  • New Data Source: aws_ec2_transit_gateway_connect_peer (#22181)
  • New Resource: aws_apprunner_vpc_connector (#23173)
  • New Resource: aws_connect_routing_profile (#22813)
  • New Resource: aws_connect_user_hierarchy_structure (#22836)
  • New Resource: aws_ec2_network_insights_path (#23330)
  • New Resource: aws_ec2_serial_console_access (#23443)
  • New Resource: aws_ec2_transit_gateway_connect (#22181)
  • New Resource: aws_ec2_transit_gateway_connect_peer (#22181)
  • New Resource: aws_grafana_license_association (#23401)
  • New Resource: aws_route53domains_registered_domain (#12711)

ENHANCEMENTS:

  • data-source/aws_ec2_transit_gateway: Add transit_gateway_cidr_blocks attribute (#22181)
  • data-source/aws_eks_node_group: Add taints attribute (#23452)
  • resource/aws_apprunner_service: Add network_configuration argument (#23173)
  • resource/aws_cloudwatch_metric_alarm: Additional allowed values for extended_statistic and metric_query.metric.stat arguments (#22942)
  • resource/aws_ec2_transit_gateway: Add custom timeouts block (#22181)
  • resource/aws_ec2_transit_gateway: Add transit_gateway_cidr_blocks argument (#22181)
  • resource/aws_eks_cluster: Retry when ResourceInUseException errors are returned from the AWS API during resource deletion (#23366)
  • resource/aws_glue_job: Add support for streaming jobs by removing the default value for the timeout argument and marking it as Computed (#23275)
  • resource/aws_lambda_function: Add support for dotnet6 runtime value (#23426)
  • resource/aws_lambda_layer_version: Add support for dotnet6 compatible_runtimes value (#23426)
  • resource/aws_route: nat_gateway_id target no longer conflicts with destination_ipv6_cidr_block (#23427)

BUG FIXES:

  • resource/aws_dms_endpoint: Fix bug where KMS key was ignored for DynamoDB, OpenSearch, Kafka, Kinesis, Oracle, PostgreSQL, and S3 engines. (#23444)
  • resource/aws_networkfirewall_rule_group: Allow any character in source and destination rule_group.rules_source.stateful_rule.header arguments as per the AWS API docs (#22727)
  • resource/aws_opsworks_application: Fix error reported on successful deletion (#23397)
  • resource/aws_opsworks_custom_layer: Fix error reported on successful deletion (#23397)
  • resource/aws_opsworks_ecs_cluster_layer: Fix error reported on successful deletion (#23397)
  • resource/aws_opsworks_ganglia_layer: Fix error reported on successful deletion (#23397)
  • resource/aws_opsworks_haproxy_layer: Fix error reported on successful deletion (#23397)
  • resource/aws_opsworks_instance: Fix error reported on successful deletion (#23397)
  • resource/aws_opsworks_java_app_layer: Fix error reported on successful deletion (#23397)
  • resource/aws_opsworks_memcached_layer: Fix error reported on successful deletion (#23397)
  • resource/aws_opsworks_mysql_layer: Fix error reported on successful deletion (#23397)
  • resource/aws_opsworks_nodejs_app_layer: Fix error reported on successful deletion (#23397)
  • resource/aws_opsworks_php_app_layer: Fix error reported on successful deletion (#23397)
  • resource/aws_opsworks_rails_app_layer: Fix error reported on successful deletion (#23397)
  • resource/aws_opsworks_rds_db_instance: Correctly remove from state in certain deletion situations (#23397)
  • resource/aws_opsworks_stack: Fix error reported on successful deletion, lack of eventual consistency wait (#23397)
  • resource/aws_opsworks_static_web_layer: Fix error reported on successful deletion (#23397)
  • resource/aws_opsworks_user_profile: Fix error reported on successful deletion (#23397)
  • resource/aws_route53_resolver_firewall_domain_list: Remove limit for number of domains. (#23485)
  • resource/aws_synthetics_canary: Retry canary creation if it fails because of IAM propagation. (#23394)

4.3.0 (February 28, 2022)

NOTES:

  • resource/aws_internet_gateway: Set vpc_id as Computed to prevent drift when the aws_internet_gateway_attachment resource is used (#16386)
  • resource/aws_s3_bucket_lifecycle_configuration: The prefix argument of the rule configuration block has been deprecated. Use the filter configuration block instead. (#23325)

FEATURES:

  • New Data Source: aws_ec2_transit_gateway_multicast_domain (#22756)
  • New Data Source: aws_ec2_transit_gateway_vpc_attachments (#12409)
  • New Resource: aws_ec2_transit_gateway_multicast_domain (#22756)
  • New Resource: aws_ec2_transit_gateway_multicast_domain_association (#22756)
  • New Resource: aws_ec2_transit_gateway_multicast_group_member (#22756)
  • New Resource: aws_ec2_transit_gateway_multicast_group_source (#22756)
  • New Resource: aws_internet_gateway_attachment (#16386)
  • New Resource: aws_opsworks_ecs_cluster_layer (#12495)
  • New Resource: aws_vpc_endpoint_policy (#17039)

ENHANCEMENTS:

  • data-source/aws_ec2_transit_gateway: Add multicast_support attribute (#22756)
  • provider: Improves error message when Profile and static credential environment variables are set. (#23388)
  • provider: Makes region an optional parameter to allow sourcing from shared config files and IMDS (#23384)
  • provider: Retrieves region from IMDS when credentials retrieved from IMDS. (#23388)
  • resource/aws_connect_queue: The quick_connect_ids argument can now be updated in-place (#22821)
  • resource/aws_connect_security_profile: add permissions attribute to read (#22761)
  • resource/aws_ec2_fleet: Add context argument (#23304)
  • resource/aws_ec2_transit_gateway: Add multicast_support argument (#22756)
  • resource/aws_imagebuilder_image_pipeline: Add schedule.timezone argument (#23322)
  • resource/aws_imagebuilder_image_recipe: Add systems_manager_agent.uninstall_after_build argument (#23293)
  • resource/aws_instance: Prevent double base64 encoding of user_data and user_data_base64 on update (#23362)
  • resource/aws_s3_bucket: Add error handling for NotImplemented error when reading logging into terraform state (#23398)
  • resource/aws_s3_bucket_object_lock_configuration: Mark token argument as sensitive (#23368)
  • resource/aws_servicecatalog_provisioned_product: Add outputs attribute (#23270)

BUG FIXES:

  • provider: Validates names of named profiles before use. (#23388)
  • resource/aws_dms_replication_task: Allow cdc_start_position to be computed (#23328)
  • resource/aws_ecs_cluster: Fix bug preventing describing clusters in ISO regions (#23341)

4.2.0 (February 18, 2022)

FEATURES:

  • New Data Source: aws_grafana_workspace (#22874)
  • New Data Source: aws_iam_openid_connect_provider (#23240)
  • New Data Source: aws_ssm_instances (#23162)
  • New Resource: aws_cloudtrail_event_data_store (#22490)
  • New Resource: aws_grafana_workspace (#22874)

ENHANCEMENTS:

  • provider: Add custom_ca_bundle argument (#23279)
  • provider: Add sts_region argument (#23212)
  • provider: Expands environment variables in file paths in provider configuration. (#23282)
  • provider: Updates list of valid AWS regions (#23282)
  • resource/aws_dms_endpoint: Add s3_settings.add_column_name, s3_settings.canned_acl_for_objects, s3_settings.cdc_inserts_and_updates, s3_settings.cdc_inserts_only, s3_settings.cdc_max_batch_interval, s3_settings.cdc_min_file_size, s3_settings.cdc_path, s3_settings.csv_no_sup_value, s3_settings.csv_null_value, s3_settings.data_page_size, s3_settings.date_partition_delimiter, s3_settings.date_partition_sequence, s3_settings.dict_page_size_limit, s3_settings.enable_statistics, s3_settings.encoding_type, s3_settings.ignore_headers_row, s3_settings.include_op_for_full_load, s3_settings.max_file_size, s3_settings.preserve_transactions, s3_settings.rfc_4180, s3_settings.row_group_length, s3_settings.timestamp_column_name, s3_settings.use_csv_no_sup_value arguments (#20913)
  • resource/aws_elasticache_replication_group: Add plan-time validation to description and replication_group_description to ensure non-empty strings (#23254)
  • resource/aws_fms_policy: Add delete_unused_fm_managed_resources argument (#21295)
  • resource/aws_fms_policy: Add tags argument and tags_all attribute to support resource tagging (#21299)
  • resource/aws_imagebuilder_image_recipe: Update plan time validation of block_device_mapping.ebs.kms_key_id, block_device_mapping.ebs.snapshot_id, block_device_mapping.ebs.volume_type, name, parent_image. (#23235)
  • resource/aws_instance: Allow updates to user_data and user_data_base64 without forcing resource replacement (#18043)
  • resource/aws_s3_bucket: Add error handling for MethodNotAllowed and XNotImplemented errors when reading website into terraform state. (#23278)
  • resource/aws_s3_bucket: Add error handling for NotImplemented errors when reading acceleration_status, policy, or request_payer into terraform state. (#23278)

BUG FIXES:

  • provider: Credentials with expiry, such as assuming a role, would not renew. (#23282)
  • provider: Setting a custom CA bundle caused the provider to fail. (#23282)
  • resource/aws_iam_instance_profile: Improve tag handling in ISO regions (#23283)
  • resource/aws_iam_openid_connect_provider: Improve tag handling in ISO regions (#23283)
  • resource/aws_iam_policy: Improve tag handling in ISO regions (#23283)
  • resource/aws_iam_saml_provider: Improve tag handling in ISO regions (#23283)
  • resource/aws_iam_server_certificate: Improve tag handling in ISO regions (#23283)
  • resource/aws_iam_service_linked_role: Improve tag handling in ISO regions (#23283)
  • resource/aws_iam_virtual_mfa_device: Improve tag handling in ISO regions (#23283)
  • resource/aws_s3_bucket_lifecycle_configuration: Ensure both key and value arguments of the filter tag configuration block are correctly populated in the outgoing API request and terraform state. (#23252)
  • resource/aws_s3_bucket_lifecycle_configuration: Prevent non-empty plans when filter is an empty configuration block (#23232)

4.1.0 (February 15, 2022)

FEATURES:

  • New Data Source: aws_backup_framework (#23193)
  • New Data Source: aws_backup_report_plan (#23146)
  • New Data Source: aws_imagebuilder_container_recipe (#23040)
  • New Data Source: aws_imagebuilder_container_recipes (#23134)
  • New Data Source: aws_service (#16640)
  • New Resource: aws_backup_framework (#23175)
  • New Resource: aws_backup_report_plan (#23098)
  • New Resource: aws_gamelift_script (#11560)
  • New Resource: aws_iam_service_specific_credential (#16185)
  • New Resource: aws_iam_signing_certificate (#23161)
  • New Resource: aws_iam_virtual_mfa_device (#23113)
  • New Resource: aws_imagebuilder_container_recipe (#22965)

ENHANCEMENTS:

  • data-source/aws_imagebuilder_image_pipeline: Add container_recipe_arn attribute (#23111)
  • data-source/aws_kms_public_key: Add public_key_pem attribute (#23130)
  • resource/aws_api_gateway_authorizer: Add arn attribute. (#23151)
  • resource/aws_autoscaling_group: Disable scale-in protection before draining instances (#23187)
  • resource/aws_cloudformation_stack_set: Add call_as argument (#22440)
  • resource/aws_elastic_transcoder_preset: Add plan time validations to audio.audio_packing_mode, audio.channels,
    audio.codec,audio.sample_rate, audio_codec_options.bit_depth, audio_codec_options.bit_order,
    audio_codec_options.profile, audio_codec_options.signed, audio_codec_options.signed,
    container, thumbnails.aspect_ratio, thumbnails.format, thumbnails.padding_policy, thumbnails.sizing_policy,
    type, video.aspect_ratio, video.codec, video.display_aspect_ratio, video.fixed_gop, video.frame_rate, video.max_frame_rate, video.padding_policy, video.sizing_policy, video_watermarks.horizontal_align,
    video_watermarks.id, video_watermarks.sizing_policy, video_watermarks.target, video_watermarks.vertical_align (#13974)
  • resource/aws_elastic_transcoder_preset: Allow audio.bit_rate to be computed. (#13974)
  • resource/aws_gamelift_build: Add object_version argument to storage_location block. (#22966)
  • resource/aws_gamelift_build: Add import support (#22966)
  • resource/aws_gamelift_fleet: Add certificate_configuration argument (#22967)
  • resource/aws_gamelift_fleet: Add import support (#22967)
  • resource/aws_gamelift_fleet: Add plan time validation to ec2_instance_type (#22967)
  • resource/aws_gamelift_fleet: Adds script_arn attribute. (#11560)
  • resource/aws_gamelift_fleet: Adds script_id argument. (#11560)
  • resource/aws_glue_catalog_database: Add support create_table_default_permission argument (#22964)
  • resource/aws_glue_trigger: Add event_batching_condition argument. (#22963)
  • resource/aws_iam_user_login_profile: Make pgp_key optional (#12384)
  • resource/aws_imagebuilder_image_pipeline: Add container_recipe_arn argument (#23111)
  • resource/aws_prometheus_workspace: Add tags argument and tags_all attribute to support resource tagging (#23202)
  • resource/aws_ssm_association: Add arn attribute (#17732)
  • resource/aws_ssm_association: Add wait_for_success_timeout_seconds argument (#17732)
  • resource/aws_ssm_association: Add plan time validation to association_name, document_version, schedule_expression, output_location.s3_bucket_name, output_location.s3_key_prefix, targets.key, targets.values, automation_target_parameter_name (#17732)

BUG FIXES:

  • data_source/aws_vpc_ipam_pool: error if no pool found (#23195)
  • provider: Support ap-northeast-3, ap-southeast-3 and us-iso-west-1 as valid AWS Regions (#23191)
  • provider: Use AWS HTTP client which allows IMDS authentication in container environments and custom RootCAs in ISO regions (#23191)
  • resource/aws_appmesh_route: Handle zero max_retries (#23035)
  • resource/aws_elastic_transcoder_preset: Allow video_codec_options to be empty. (#13974)
  • resource/aws_rds_cluster: Fix crash when configured engine_version string is shorter than the EngineVersion string returned from the AWS API (#23039)
  • resource/aws_s3_bucket_lifecycle_configuration: Correctly handle the days value of the rule transition configuration block when set to 0 (#23120)
  • resource/aws_s3_bucket_lifecycle_configuration: Fix extraneous diffs especially after import (#23144)
  • resource/aws_sagemaker_endpoint_configuration: Emptiness check for arguments, Allow not passing async_inference_config.kms_key_id. (#22960)
  • resource/aws_vpn_connection: Add support for ipsec.1-aes256 connection type (#23127)

4.0.0 (February 10, 2022)

BREAKING CHANGES:

  • data-source/aws_connect_hours_of_operation: The hours_of_operation_arn attribute is renamed to arn (#22375)
  • resource/aws_batch_compute_environment: No compute_resources configuration block can be specified when type is UNMANAGED (#22805)
  • resource/aws_cloudwatch_event_target: The ecs_target launch_type argument no longer has a default value (previously was EC2) (#22803)
  • resource/aws_cloudwatch_event_target: ecs_target.0.launch_type can no longer be set to ""; instead, remove or set to null (#22954)
  • resource/aws_connect_hours_of_operation: The hours_of_operation_arn attribute is renamed to arn (#22375)
  • resource/aws_default_network_acl: These arguments can no longer be set to "": egress.*.cidr_block, egress.*.ipv6_cidr_block, ingress.*.cidr_block, or ingress.*.ipv6_cidr_block (#22928)
  • resource/aws_default_route_table: These arguments can no longer be set to "": route.*.cidr_block, route.*.ipv6_cidr_block (#22931)
  • resource/aws_default_vpc: ipv6_cidr_block can no longer be set to ""; remove or set to null (#22948)
  • resource/aws_efs_mount_target: ip_address can no longer be set to ""; instead, remove or set to null (#22954)
  • resource/aws_elasticache_cluster: Either engine or replication_group_id must be specified (#20482)
  • resource/aws_elasticsearch_domain: ebs_options.0.volume_type can no longer be set to ""; instead, remove or set to null (#22954)
  • resource/aws_fsx_ontap_storage_virtual_machine: Remove deprecated active_directory_configuration.0.self_managed_active_directory_configuration.0.organizational_unit_distinguidshed_name, migrating value to active_directory_configuration.0.self_managed_active_directory_configuration.0.organizational_unit_distinguished_name (#22915)
  • resource/aws_instance: private_ip can no longer be set to ""; remove or set to null (#22948)
  • resource/aws_lb_target_group: For protocol = "TCP", stickiness can no longer be type set to lb_cookie even when enabled = false; instead use type source_ip (#22996)
  • resource/aws_network_acl: These arguments can no longer be set to "": egress.*.cidr_block, egress.*.ipv6_cidr_block, ingress.*.cidr_block, or ingress.*.ipv6_cidr_block (#22928)
  • resource/aws_route: Exactly one of these can be set: destination_cidr_block, destination_ipv6_cidr_block, destination_prefix_list_id. These arguments can no longer be set to "": destination_cidr_block, destination_ipv6_cidr_block. (#22931)
  • resource/aws_route_table: These arguments can no longer be set to "": route.*.cidr_block, route.*.ipv6_cidr_block (#22931)
  • resource/aws_s3_bucket: The acceleration_status argument has been deprecated and is now read-only. Use the aws_s3_bucket_accelerate_configuration resource instead. (#22610)
  • resource/aws_s3_bucket: The acl and grant arguments have been deprecated and are now read-only. Use the aws_s3_bucket_acl resource instead. (#22537)
  • resource/aws_s3_bucket: The cors_rule argument has been deprecated and is now read-only. Use the aws_s3_bucket_cors_configuration resource instead. (#22611)
  • resource/aws_s3_bucket: The lifecycle_rule argument has been deprecated and is now read-only. Use the aws_s3_bucket_lifecycle_configuration resource instead. (#22581)
  • resource/aws_s3_bucket: The logging argument has been deprecated and is now read-only. Use the aws_s3_bucket_logging resource instead. (#22599)
  • resource/aws_s3_bucket: The object_lock_configuration rule argument has been deprecated and is now read-only. Use the aws_s3_bucket_object_lock_configuration resource instead. (#22612)
  • resource/aws_s3_bucket: The policy argument has been deprecated and is now read-only. Use the aws_s3_bucket_policy resource instead. (#22538)
  • resource/aws_s3_bucket: The replication_configuration argument has been deprecated and is now read-only. Use the aws_s3_bucket_replication_configuration resource instead. (#22604)
  • resource/aws_s3_bucket: The request_payer argument has been deprecated and is now read-only. Use the aws_s3_bucket_request_payment_configuration resource instead. (#22613)
  • resource/aws_s3_bucket: The server_side_encryption_configuration argument has been deprecated and is now read-only. Use the aws_s3_bucket_server_side_encryption_configuration resource instead. (#22605)
  • resource/aws_s3_bucket: The versioning argument has been deprecated and is now read-only. Use the aws_s3_bucket_versioning resource instead. (#22606)
  • resource/aws_s3_bucket: The website, website_domain, and website_endpoint arguments have been deprecated and are now read-only. Use the aws_s3_bucket_website_configuration resource instead. (#22614)
  • resource/aws_vpc: ipv6_cidr_block can no longer be set to ""; remove or set to null (#22948)
  • resource/aws_vpc_ipv6_cidr_block_association: ipv6_cidr_block can no longer be set to ""; remove or set to null (#22948)

NOTES:

  • data-source/aws_cognito_user_pools: The type of the ids and arns attributes has changed from Set to List. If no volumes match the specified criteria an empty list is returned (previously an error was raised) (#21219)
  • data-source/aws_db_event_categories: The type of the ids attribute has changed from Set to List. If no event categories match the specified criteria an empty list is returned (previously an error was raised) (#21219)
  • data-source/aws_ebs_volumes: The type of the ids attribute has changed from Set to List. If no volumes match the specified criteria an empty list is returned (previously an error was raised) (#21219)
  • data-source/aws_ec2_coip_pools: The type of the pool_ids attribute has changed from Set to List. If no COIP pools match the specified criteria an empty list is returned (previously an error was raised) (#21219)
  • data-source/aws_ec2_local_gateway_route_tables: The type of the ids attribute has changed from Set to List. If no local gateway route tables match the specified criteria an empty list is returned (previously an error was raised) (#21219)
  • data-source/aws_ec2_local_gateway_virtual_interface_groups: The type of the ids and local_gateway_virtual_interface_ids attributes has changed from Set to List. If no local gateway virtual interface groups match the specified criteria an empty list is returned (previously an error was raised) (#21219)
  • data-source/aws_ec2_local_gateways: The type of the ids attribute has changed from Set to List. If no local gateways match the specified criteria an empty list is returned (previously an error was raised) (#21219)
  • data-source/aws_ec2_transit_gateway_route_tables: The type of the ids attribute has changed from Set to List. If no transit gateway route tables match the specified criteria an empty list is returned (previously an error was raised) (#21219)
  • data-source/aws_efs_access_points: The type of the ids and arns attributes has changed from Set to List. If no access points match the specified criteria an empty list is returned (previously an error was raised) (#21219)
  • data-source/aws_elasticache_replication_group: The number_cache_clusters attribute has been deprecated. All configurations using number_cache_clusters should be updated to use the num_cache_clusters attribute instead (#22667)
  • data-source/aws_elasticache_replication_group: The replication_group_description attribute has been deprecated. All configurations using replication_group_description should be updated to use the description attribute instead (#22667)
  • data-source/aws_emr_release_labels: The type of the ids attribute has changed from Set to List. If no release labels match the specified criteria an empty list is returned (previously an error was raised) (#21219)
  • data-source/aws_iam_policy_document: The source_json and override_json attributes have been deprecated. Use the source_policy_documents and override_policy_documents attributes respectively instead. (#22890)
  • data-source/aws_inspector_rules_packages: If no rules packages match the specified criteria an empty list is returned (previously an error was raised) (#21219)
  • data-source/aws_instances: If no instances match the specified criteria an empty list is returned (previously an error was raised) (#5055)
  • data-source/aws_ip_ranges: If no ranges match the specified criteria an empty list is returned (previously an error was raised) (#21219)
  • data-source/aws_network_acls: The type of the ids attribute has changed from Set to List. If no NACLs match the specified criteria an empty list is returned (previously an error was raised) (#21219)
  • data-source/aws_network_interfaces: The type of the ids attribute has changed from Set to List. If no network interfaces match the specified criteria an empty list is returned (previously an error was raised) (#21219)
  • data-source/aws_route_tables: The type of the ids attribute has changed from Set to List. If no route tables match the specified criteria an empty list is returned (previously an error was raised) (#21219)
  • data-source/aws_s3_bucket_object: The data source is deprecated; use aws_s3_object instead (#22877)
  • data-source/aws_s3_bucket_objects: The data source is deprecated; use aws_s3_objects instead (#22877)
  • data-source/aws_security_groups: If no security groups match the specified criteria an empty list is returned (previously an error was raised) (#21219)
  • data-source/aws_ssoadmin_instances: The type of the identity_store_ids and arns attributes has changed from Set to List. If no instances match the specified criteria an empty list is returned (previously an error was raised) (#21219)
  • data-source/aws_subnet_ids: The aws_subnet_ids data source has been deprecated and will be removed in a future version. Use the aws_subnets data source instead (#22743)
  • data-source/aws_vpcs: The type of the ids attributes has changed from Set to List. If no VPCs match the specified criteria an empty list is returned (previously an error was raised) (#22253)
  • provider: The assume_role.duration_seconds argument has been deprecated. All configurations using assume_role.duration_seconds should be updated to use the new assume_role.duration argument instead. (#23077)
  • resource/aws_acmpca_certificate_authority: The status attribute has been deprecated. Use the enabled attribute instead. (#22878)
  • resource/aws_autoscaling_attachment: The alb_target_group_arn argument has been deprecated. All configurations using alb_target_group_arn should be updated to use the new lb_target_group_arn argument instead (#22662)
  • resource/aws_autoscaling_group: The tags argument has been deprecated. All configurations using tags should be updated to use the tag argument instead (#22663)
  • resource/aws_budgets_budget: The cost_filters attribute has been deprecated. Use the cost_filter attribute instead. (#22888)
  • resource/aws_connect_hours_of_operation: Timeout support has been removed as it is not needed for this resource (#22375)
  • resource/aws_customer_gateway: ip_address can no longer be set to "" (#22926)
  • resource/aws_db_instance The name argument has been deprecated. All configurations using name should be updated to use the db_name argument instead (#22668)
  • resource/aws_default_subnet: If no default subnet exists in the specified Availability Zone one is now created. The force_destroy destroy argument has been added (defaults to false). Setting this argument to true deletes the default subnet on terraform destroy (#22253)
  • resource/aws_default_vpc: If no default VPC exists in the current AWS Region one is now created. The force_destroy destroy argument has been added (defaults to false). Setting this argument to true deletes the default VPC on terraform destroy (#22253)
  • resource/aws_ec2_client_vpn_endpoint: The status attribute has been deprecated (#22887)
  • resource/aws_ec2_client_vpn_endpoint: The type of the dns_servers argument has changed from Set to List (#22889)
  • resource/aws_ec2_client_vpn_network_association: The security_groups argument has been deprecated. Use the security_group_ids argument of the aws_ec2_client_vpn_endpoint resource instead (#22911)
  • resource/aws_ec2_client_vpn_network_association: The status attribute has been deprecated (#22887)
  • resource/aws_ec2_client_vpn_route: Add custom timeouts block (#22911)
  • resource/aws_ecs_cluster: The capacity_providers and default_capacity_provider_strategy arguments have been deprecated. Use the aws_ecs_cluster_capacity_providers resource instead. (#22783)
  • resource/aws_elasticache_replication_group: The cluster_mode argument has been deprecated. All configurations using cluster_mode should be updated to use the root-level num_node_groups and replicas_per_node_group arguments instead (#22666)
  • resource/aws_elasticache_replication_group: The number_cache_clusters argument has been deprecated. All configurations using number_cache_clusters should be updated to use the num_cache_clusters argument instead (#22666)
  • resource/aws_elasticache_replication_group: The replication_group_description argument has been deprecated. All configurations using replication_group_description should be updated to use the description argument instead (#22666)
  • resource/aws_route: The instance_id argument has been deprecated. All configurations using instance_id should be updated to use the network_interface_id argument instead (#22664)
  • resource/aws_route_table: The instance_id argument of the route configuration block has been deprecated. All configurations using route instance_id should be updated to use the route network_interface_id argument instead (#22664)
  • resource/aws_s3_bucket_object: The resource is deprecated; use aws_s3_object instead (#22877)

FEATURES:

  • New Data Source: aws_cloudfront_realtime_log_config (#22620)
  • New Data Source: aws_ec2_client_vpn_endpoint (#14218)
  • New Data Source: aws_eips (#7537)
  • New Data Source: aws_s3_object (#22850)
  • New Data Source: aws_s3_objects (#22850)
  • New Resource: aws_cognito_user (#19919)
  • New Resource: aws_dataexchange_revision (#22933)
  • New Resource: aws_network_acl_association (#18807)
  • New Resource: aws_s3_bucket_accelerate_configuration (#22617)
  • New Resource: aws_s3_bucket_acl (#22853)
  • New Resource: aws_s3_bucket_cors_configuration (#12141)
  • New Resource: aws_s3_bucket_lifecycle_configuration (#22579)
  • New Resource: aws_s3_bucket_logging (#22608)
  • New Resource: aws_s3_bucket_object_lock_configuration (#22644)
  • New Resource: aws_s3_bucket_request_payment_configuration (#22649)
  • New Resource: aws_s3_bucket_server_side_encryption_configuration (#22609)
  • New Resource: aws_s3_bucket_versioning (#5132)
  • New Resource: aws_s3_bucket_website_configuration (#22648)
  • New Resource: aws_s3_object (#22850)

ENHANCEMENTS:

  • data-source/aws_ami: Add boot_mode attribute. (#22939)
  • data-source/aws_cloudwatch_log_group: Automatically trim :* suffix from arn attribute (#22043)
  • data-source/aws_ec2_client_vpn_endpoint: Add security_group_ids and vpc_id attributes (#22911)
  • data-source/aws_elasticache_replication_group: Add description, num_cache_clusters, num_node_groups, and replicas_per_node_group attributes (#22667)
  • data-source/aws_imagebuilder_distribution_configuration: Add container_distribution_configuration attribute to the distribution configuration block (#22838)
  • data-source/aws_imagebuilder_distribution_configuration: Add launch_template_configuration attribute to the distribution configuration block (#22884)
  • data-source/aws_imagebuilder_image_recipe: Add parameter attribute to the component configuration block (#22856)
  • provider: Add duration argument to the assume_role configuration block (#23077)
  • provider: Add ec2_metadata_service_endpoint, ec2_metadata_service_endpoint_mode, use_dualstack_endpoint, use_fips_endpoint arguments (#22804)
  • provider: Add environment variables TF_AWS_DYNAMODB_ENDPOINT, TF_AWS_IAM_ENDPOINT, TF_AWS_S3_ENDPOINT, and TF_AWS_STS_ENDPOINT. (#23052)
  • provider: Add support for shared_config_file parameter (#20587)
  • provider: Add support for shared_credentials_files parameter and deprecates shared_credentials_file (#23080)
  • provider: Adds s3_use_path_style parameter and deprecates s3_force_path_style. (#23055)
  • provider: Changes shared_config_file parameter to shared_config_files (#23080)
  • provider: Updates AWS authentication to use AWS SDK for Go v2 https://aws.github.io/aws-sdk-go-v2/docs/ (#20587)
  • resource/aws_ami: Add boot_mode and ebs_block_device.outpost_arn arguments. (#22939)
  • resource/aws_ami_copy: Add boot_mode and ebs_block_device.outpost_arn attributes (#22972)
  • resource/aws_ami_from_instance: Add boot_mode and ebs_block_device.outpost_arn attributes (#22972)
  • resource/aws_api_gateway_domain_name: Add ownership_verification_certificate_arn argument. (#21076)
  • resource/aws_apigatewayv2_domain_name: Add domain_name_configuration.ownership_verification_certificate_arn argument. (#21076)
  • resource/aws_autoscaling_attachment: Add lb_target_group_arn argument (#22662)
  • resource/aws_cloudwatch_event_target: Add plan time validation for input, input_path, run_command_targets.values, http_target.header_parameters, http_target.query_string_parameters, redshift_target.database, redshift_target.db_user, redshift_target.secrets_manager_arn, redshift_target.sql, redshift_target.statement_name, retry_policy.maximum_event_age_in_seconds, retry_policy.maximum_retry_attempts. (#22946)
  • resource/aws_db_instance: Add db_name argument (#22668)
  • resource/aws_ec2_client_vpn_authorization_rule: Configurable Create and Delete timeouts (#20688)
  • resource/aws_ec2_client_vpn_endpoint: Add client_connect_options argument (#22793)
  • resource/aws_ec2_client_vpn_endpoint: Add client_login_banner_options argument (#22793)
  • resource/aws_ec2_client_vpn_endpoint: Add security_group_ids and vpc_id arguments (#22911)
  • resource/aws_ec2_client_vpn_endpoint: Add session_timeout_hours argument (#22793)
  • resource/aws_ec2_client_vpn_endpoint: Add vpn_port argument (#22793)
  • resource/aws_ec2_client_vpn_network_association: Configurable Create and Delete timeouts (#20689)
  • resource/aws_elasticache_replication_group: Add description argument (#22666)
  • resource/aws_elasticache_replication_group: Add num_cache_clusters argument (#22666)
  • resource/aws_elasticache_replication_group: Add num_node_groups and replicas_per_node_group arguments (#22666)
  • resource/aws_fsx_lustre_file_system: Add log_configuration argument. (#22935)
  • resource/aws_fsx_ontap_file_system: Reduce the minimum valid value of the throughput_capacity argument to 128 (128 MB/s) (#22898)
  • resource/aws_glue_partition_index: Add support for custom timeouts. (#22941)
  • resource/aws_imagebuilder_distribution_configuration: Add launch_template_configuration argument to the distribution configuration block (#22842)
  • resource/aws_imagebuilder_image_recipe: Add parameter argument to the component configuration block (#22837)
  • resource/aws_mq_broker: auto_minor_version_upgrade and host_instance_type can be changed without recreating broker (#20661)
  • resource/aws_s3_bucket_cors_configuration: Retry when NoSuchCORSConfiguration errors are returned from the AWS API (#22977)
  • resource/aws_s3_bucket_versioning: Add eventual consistency handling to help ensure bucket versioning is stabilized. (#21076)
  • resource/aws_vpn_connection: Add the ability to revert changes to unconfigured tunnel options made outside of Terraform to their documented default values (#17031)
  • resource/aws_vpn_connection: Mark customer_gateway_configuration as Sensitive (#15806)
  • resource/aws_wafv2_web_acl: Support version on managed_rule_group_statement (#21732)

BUG FIXES:

  • data-source/aws_vpc_peering_connections: Return empty array instead of error when no connections found. (#17382)
  • resource/aws_cloudformation_stack: Retry resource Create and Update for IAM eventual consistency (#22840)
  • resource/aws_cloudwatch_event_target: Preserve order of http_target.path_parameter_values. (#22946)
  • resource/aws_db_instance: Fix error with reboot of replica (#22178)
  • resource/aws_ec2_client_vpn_authorization_rule: Don't raise an error when InvalidClientVpnEndpointId.NotFound is returned during refresh (#20688)
  • resource/aws_ec2_client_vpn_endpoint: connection_log_options.cloudwatch_log_stream argument is Computed, preventing spurious resource diffs (#22891)
  • resource/aws_ecs_capacity_provider: Fix tagging error preventing use in ISO partitions (#23030)
  • resource/aws_ecs_cluster: Fix tagging error preventing use in ISO partitions (#23030)
  • resource/aws_ecs_service: Fix tagging error preventing use in ISO partitions (#23030)
  • resource/aws_ecs_task_definition: Fix tagging error preventing use in ISO partitions (#23030)
  • resource/aws_ecs_task_set: Fix tagging error preventing use in ISO partitions (#23030)
  • resource/aws_route_table_association: Handle nil 'AssociationState' in ISO regions (#22806)
  • resource/aws_route_table_association: Retry resource Read for EC2 eventual consistency (#22927)
  • resource/aws_vpc_ipam: Correct update of description (#22863)
  • resource/aws_waf_rule_group: Prevent panic when expanding the rule group's set of activated_rule (#22978)
  • resource/aws_wafregional_rule_group: Prevent panic when expanding the rule group's set of activated_rule (#22978)

3.74.1 (February 7, 2022)

BUG FIXES:

  • resource/aws_backup_selection: Fix permanent diffs for condition and not_resources arguments causing resource recreation (#22882)

3.74.0 (January 28, 2022)

FEATURES:

  • New Data Source: aws_api_gateway_export (#22731)
  • New Data Source: aws_api_gateway_sdk (#22731)
  • New Data Source: aws_apigatewayv2_export (#22732)
  • New Data Source: aws_connect_contact_flow_module (#22518)
  • New Data Source: aws_connect_prompt (#22636)
  • New Data Source: aws_connect_quick_connect (#22527)
  • New Data Source: aws_datapipeline_pipeline (#22597)
  • New Data Source: aws_datapipeline_pipeline_definition (#22597)
  • New Data Source: aws_imagebuilder_components (#21881)
  • New Data Source: aws_imagebuilder_distribution_configurations (#22733)
  • New Data Source: aws_imagebuilder_infrastructure_configurations (#22723)
  • New Resource: aws_connect_queue (#22566)
  • New Resource: aws_connect_security_profile (#22369)
  • New Resource: aws_dataexchange_data_set (#22697)
  • New Resource: aws_datapipeline_pipeline_definition (#22597)
  • New Resource: aws_devicefarm_test_grid_project (#22688)
  • New Resource: aws_ecs_cluster_capacity_providers (#22672)
  • New Resource: aws_sagemaker_project (#21534)

ENHANCEMENTS:

  • resource/aws_api_gateway_stage: Add web_acl_arn attribute (#18561)
  • resource/aws_elasticache_replication_group: Add user_group_ids to associate aws_elasticache_user_group with aws_elasticache_replication_group (#20406)
  • resource/aws_imagebuilder_distribution_configuration: Add container_distribution_configuration argument (#22758)
  • resource/aws_iot_role_alias: Increase the maximum allowed value of the credential_duration argument to 43200 (12 hours) (#22757)
  • resource/aws_network_interface: Add private_ip_list, private_ip_list_enabled, ipv6_address_list, and ipv6_address_list_enabled attributes (#17846)
  • resource/aws_s3_bucket_notification: Add eventbridge argument (#22045)
  • resource/aws_vpc_endpoint_subnet_association: Fix resource importing (#22796)

BUG FIXES:

  • data-source/aws_ecr_repository: Further refine tag error handling in ISO partitions (#22780)
  • data-source/aws_lb: Further refine tag error handling for ISO regions (#22717)
  • data-source/aws_lb: Further refine tag error handling for ISO regions (#22717)
  • data-source/aws_lb_listener: Further refine tag error handling for ISO regions (#22717)
  • data-source/aws_lb_target_group: Further refine tag error handling for ISO regions (#22717)
  • data-source/aws_sqs_queue: Further refine tag error handling in ISO partitions (#22780)
  • data-source/aws_vpc: Suppress errors if main route table cannot be found (#22724)
  • resource/aws_cloudfront_distribution: Increase the maximum valid origin_keepalive_timeout value to 180 (#22632)
  • resource/aws_cloudwatch_composite_alarm: Further refine tag error handling for ISO regions (#22717)
  • resource/aws_cloudwatch_event_bus: Further refine tag error handling for ISO regions (#22717)
  • resource/aws_cloudwatch_event_rule: Further refine tag error handling for ISO regions (#22717)
  • resource/aws_cloudwatch_metric_alarm: Further refine tag error handling for ISO regions (#22717)
  • resource/aws_cloudwatch_metric_stream: Further refine tag error handling for ISO regions (#22717)
  • resource/aws_ecr_repository: Further refine tag error handling in ISO partitions (#22780)
  • resource/aws_ecs_capacity_provider: Further refine tag error handling in ISO partitions (#22780)
  • resource/aws_ecs_cluster: Further refine tag error handling in ISO partitions (#22780)
  • resource/aws_ecs_cluster: Provide new resource aws_ecs_cluster_capacity_providers to avoid bugs using capacity_providers and default_capacity_provider_strategy, which arguments will be deprecated in a future version (#22672)
  • resource/aws_ecs_service: Further refine tag error handling in ISO partitions (#22780)
  • resource/aws_ecs_task_definition: Further refine tag error handling in ISO partitions (#22780)
  • resource/aws_ecs_task_set: Further refine tag error handling in ISO partitions (#22780)
  • resource/aws_instance: Prevent panic when reading the instance's block device mappings (#22719)
  • resource/aws_internet_gateway: No longer give up before the attachment timeout (4m) is exceeded (previously it was giving up after 20 not found checks). (#22713)
  • resource/aws_lambda_function: Prevent errors when attempting to configure code signing in the ap-southeast-3 AWS Region (#22693)
  • resource/aws_lb: Further refine tag error handling for ISO regions (#22717)
  • resource/aws_lb_listener: Further refine tag error handling for ISO regions (#22717)
  • resource/aws_lb_listener_rule: Further refine tag error handling for ISO regions (#22717)
  • resource/aws_lb_target_group: Further refine tag error handling for ISO regions (#22717)
  • resource/aws_sns_topic: Further refine tag error handling in ISO partitions (#22780)
  • resource/aws_sqs_queue: Further refine tag error handling in ISO partitions (#22780)
  • resource/aws_vpc: Suppress errors if main route table, default NACL or default security group cannot be found (#22724)
  • resource/aws_vpc_dhcp_options_association: Support default DHCP Options ID (#22722)

3.73.0 (January 21, 2022)

FEATURES:

  • New Data Source: aws_cloudfront_origin_access_identity (#22572)
  • New Data Source: aws_vpc_ipam_preview_next_cidr (#22643)
  • New Resource: aws_appsync_api_cache (#22578)
  • New Resource: aws_appsync_domain_name (#22487)
  • New Resource: aws_appsync_domain_name_api_association (#22487)
  • New Resource: aws_cloudsearch_domain (#17723)
  • New Resource: aws_cloudsearch_domain_service_access_policy (#17723)
  • New Resource: aws_detective_invitation_accepter (#22163)
  • New Resource: aws_detective_member (#22163)
  • New Resource: aws_fsx_data_repository_association (#22291)
  • New Resource: aws_lambda_invocation (#19488)

ENHANCEMENTS:

  • data-source/aws_cognito_user_pool_clients: Add client_names attribute (#22615)
  • data-source/aws_imagebuilder_image_recipe: Add user_data_base64 attribute (#21763)
  • resource/aws_dynamodb_table: Add special case handling when switching billing_mode from PAY_PER_REQUEST to PROVISIONED and provisioned throughput is ignored. (#22630)
  • resource/aws_fsx_lustre_file_system: Add file_system_type_version argument (#22291)
  • resource/aws_imagebuilder_image_recipe: Add user_data_base64 argument (#21763)
  • resource/aws_opsworks_custom_layer: Add plan time validation for ebs_volume.type and custom_json. (#12433)
  • resource/aws_opsworks_custom_layer: Add support for cloudwatch_configuration (#12433)
  • resource/aws_security_group: Ensure that the Security Group is found 3 times in a row before declaring that it has been created (#22420)

BUG FIXES:

  • resource/aws_apprunner_custom_domain_association: Add the status binding_certificate as a valid target when waiting for creation. (#20222)
  • resource/aws_cloudfront_distribution: Increase the maximum valid origin_keepalive_timeout value to 180 (#22632)
  • resource/aws_ecr_lifecycle_policy: Fix diffs in policy when no changes are detected (#22665)
  • resource/aws_load_balancer_policy: Suppress policy_attribute differences (#21776)

3.72.0 (January 13, 2022)

FEATURES:

  • New Data Source: aws_cognito_user_pool_client (#22477)
  • New Resource: aws_cognito_identity_pool_provider_principal_tag (#22514)
  • New Resource: aws_connect_contact_flow_module (#22349)
  • New Resource: aws_connect_quick_connect (#22250)
  • New Resource: aws_devicefarm_instance_profile (#22458)
  • New Resource: aws_memorydb_snapshot (#22486)
  • New Resource: aws_shield_protection_health_check_association (#21993)

ENHANCEMENTS:

  • data-source/aws_cloudfront_distribution: Add aliases attribute (#22552)
  • data-source/aws_customer_gateway: Add certificate_arn attribute (#22435)
  • data-source/aws_ebs_snapshot: Add storage_tier and outpost_arn attributes. (#22342)
  • data-source/aws_ecr_repository: Allow some tags errors to be non-fatal to support non-standard AWS partitions (i.e., ISO) (#22535)
  • data-source/aws_eks_cluster: Add ip_family to the kubernetes_network_config configuration block (#22485)
  • data-source/aws_elb_service_account: Add account ID for ap-southeast-3 AWS Region (#22453)
  • data-source/aws_iam_role: Allow some tags errors to be non-fatal to support non-standard AWS partitions (i.e., ISO) (#22544)
  • data-source/aws_iam_user: Allow some tags errors to be non-fatal to support non-standard AWS partitions (i.e., ISO) (#22544)
  • data-source/aws_instance: Add the instance_metadata_tags attribute to the metadata_options configuration block (#22463)
  • data-source/aws_launch_template: Add the instance_metadata_tags attribute to the metadata_options configuration block (#22463)
  • data-source/aws_lb: Allow some tags errors to be non-fatal to support non-standard AWS partitions (i.e., ISO) (#22551)
  • data-source/aws_lb_listener: Allow some tags errors to be non-fatal to support non-standard AWS partitions (i.e., ISO) (#22551)
  • data-source/aws_lb_target_group: Allow some tags errors to be non-fatal to support non-standard AWS partitions (i.e., ISO) (#22551)
  • data-source/aws_sagemaker_prebuilt_ecr_image: Add account IDs for the BlazingText image in af-south-1 and eu-south-1 AWS Regions (#22455)
  • data-source/aws_sagemaker_prebuilt_ecr_image: Add account IDs for the DeepAR Forecasting image in af-south-1 and eu-south-1 AWS Regions (#22455)
  • data-source/aws_sagemaker_prebuilt_ecr_image: Add account IDs for the Factorization Machines image in af-south-1, ap-northeast-3 and eu-south-1 AWS Regions (#22455)
  • data-source/aws_sagemaker_prebuilt_ecr_image: Add account IDs for the Spark ML Serving image in af-south-1, ap-east-1, cn-north-1, cn-northwest-1, eu-north-1, eu-south-1, eu-west-3, me-south-1 and sa-east-1 AWS Regions (#22455)
  • data-source/aws_sagemaker_prebuilt_ecr_image: Add account IDs for the XGBoost image in af-south-1, ap-northeast-3 and eu-south-1 AWS Regions (#22455)
  • data-source/aws_sqs_queue: Allow some tags errors to be non-fatal to support non-standard AWS partitions (i.e., ISO) (#22516)
  • resource/aws_appsync_datasource: Add authorization_config attribute to the http_config configuration block (#22411)
  • resource/aws_appsync_datasource: Add delta_sync_config and versioned to the dynamodb_config configuration block (#22411)
  • resource/aws_appsync_datasource: Add relational_database_config argument (#22411)
  • resource/aws_appsync_datasource: Add plan time validation for service_role_arn and lambda_config.function_arn (#22411)
  • resource/aws_appsync_function: Add max_batch_size and sync_config arguments. (#22484)
  • resource/aws_appsync_resolver: Add max_batch_size and sync_config arguments. (#22510)
  • resource/aws_backup_selection: Add condition configuration block and not_resources argument in support of fine-grained backup plan resource assignment (#22074)
  • resource/aws_cloudwatch_composite_alarm: Attempt tags-on-create, fallback to tag after create, and allow some tags errors to be non-fatal to support non-standard AWS partitions (i.e., ISO) (#22556)
  • resource/aws_cloudwatch_event_bus: Attempt tags-on-create, fallback to tag after create, and allow some tags errors to be non-fatal to support non-standard AWS partitions (i.e., ISO) (#22550)
  • resource/aws_cloudwatch_event_rule: Attempt tags-on-create, fallback to tag after create, and allow some tags errors to be non-fatal to support non-standard AWS partitions (i.e., ISO) (#22550)
  • resource/aws_cloudwatch_log_destination_policy: Add force_update argument. (#22460)
  • resource/aws_cloudwatch_log_destination_policy: Add plan time validation for access_policy. (#22460)
  • resource/aws_cloudwatch_metric_alarm: Attempt tags-on-create, fallback to tag after create, and allow some tags errors to be non-fatal to support non-standard AWS partitions (i.e., ISO) (#22556)
  • resource/aws_cloudwatch_metric_stream: Attempt tags-on-create, fallback to tag after create, and allow some tags errors to be non-fatal to support non-standard AWS partitions (i.e., ISO) (#22556)
  • resource/aws_connect_contact_flow: add delete function (#22303)
  • resource/aws_customer_gateway: Add certificate_arn argument (#22435)
  • resource/aws_ebs_snapshot: Add outpost_arn, storage_tier, permanent_restore, temporary_restore_days arguments (#22342)
  • resource/aws_ebs_snapshot_copy: Add storage_tier, permanent_restore, temporary_restore_days arguments (#22342)
  • resource/aws_ebs_snapshot_import: Add storage_tier, permanent_restore, temporary_restore_days arguments (#22342)
  • resource/aws_ecr_repository: Attempt tags-on-create, fallback to tag after create, and allow some tags errors to be non-fatal to support non-standard AWS partitions (i.e., ISO) (#22535)
  • resource/aws_ecs_capacity_provider: Attempt tags-on-create, fallback to tag after create, and allow some tags errors to be non-fatal to support non-standard AWS partitions (i.e., ISO) (#22529)
  • resource/aws_ecs_cluster: Attempt tags-on-create, fallback to tag after create, and allow some tags errors to be non-fatal to support non-standard AWS partitions (i.e., ISO) (#22529)
  • resource/aws_ecs_service: Attempt tags-on-create, fallback to tag after create, and allow some tags errors to be non-fatal to support non-standard AWS partitions (i.e., ISO) (#22529)
  • resource/aws_ecs_task_definition: Add skip_destroy argument to optionally prevent overwriting previous revision (#22269)
  • resource/aws_ecs_task_definition: Add plan time validation for family (#18610)
  • resource/aws_ecs_task_definition: Attempt tags-on-create, fallback to tag after create, and allow some tags errors to be non-fatal to support non-standard AWS partitions (i.e., ISO) (#22529)
  • resource/aws_ecs_task_set: Attempt tags-on-create, fallback to tag after create, and allow some tags errors to be non-fatal to support non-standard AWS partitions (i.e., ISO) (#22529)
  • resource/aws_eks_cluster: Add ip_family to the kubernetes_network_config configuration block (#22485)
  • resource/aws_glue_crawler: add delta_target argument. (#22472)
  • resource/aws_iam_role: Attempt tags-on-create, fallback to tag after create, and allow some tags errors to be non-fatal to support non-standard AWS partitions (i.e., ISO) (#22544)
  • resource/aws_iam_user: Attempt tags-on-create, fallback to tag after create, and allow some tags errors to be non-fatal to support non-standard AWS partitions (i.e., ISO) (#22544)
  • resource/aws_instance: Add the instance_metadata_tags argument to the metadata_options configuration block (#22463)
  • resource/aws_launch_template: Add the instance_metadata_tags argument to the metadata_options configuration block (#22463)
  • resource/aws_lb: Attempt tags-on-create, fallback to tag after create, and allow some tags errors to be non-fatal to support non-standard AWS partitions (i.e., ISO) (#22551)
  • resource/aws_lb_listener: Attempt tags-on-create, fallback to tag after create, and allow some tags errors to be non-fatal to support non-standard AWS partitions (i.e., ISO) (#22551)
  • resource/aws_lb_listener_rule: Attempt tags-on-create, fallback to tag after create, and allow some tags errors to be non-fatal to support non-standard AWS partitions (i.e., ISO) (#22551)
  • resource/aws_lb_target_group: Attempt tags-on-create, fallback to tag after create, and allow some tags errors to be non-fatal to support non-standard AWS partitions (i.e., ISO) (#22551)
  • resource/aws_s3_bucket: Add additional protection against object_lock_configuration causing errors in partitions (e.g., ISO) where not supported (#22575)
  • resource/aws_sns_topic: Attempt tags-on-create, fallback to tag after create, and allow some tags errors to be non-fatal to support non-standard AWS partitions (i.e., ISO) (#22511)
  • resource/aws_sqs_queue: Attempt tags-on-create, fallback to tag after create, and allow some tags errors to be non-fatal to support non-standard AWS partitions (i.e., ISO) (#22516)
  • resource/aws_vpc: Add ipv6_cidr_block_network_border_group argument (#22211)
  • resource/aws_vpc_ipam_pool_cidr_allocation: Add disallowed_cidrs argument (#22470)
  • resource/aws_vp...
Check out latest releases or
releases around hashicorp/terraform-provider-aws v4.9.0

Don't miss a new terraform-provider-aws release

NewReleases is sending notifications on new releases.

Get notifications