github hashicorp/terraform-provider-aws v6.23.0
on GitHub

10 hours ago

6.23.0 (November 26, 2025)

NOTES:

  • resource/aws_s3_bucket: To support ABAC (Attribute Based Access Control) in general purpose buckets, this resource will now attempt to send tags in the create request and use the S3 Control tagging APIs TagResource, UntagResource, and ListTagsForResource for read and update operations. The calling principal must have the corresponding s3:TagResource, s3:UntagResource, and s3:ListTagsForResource IAM permissions. If the principal lacks the appropriate permissions, the provider will fall back to tagging after creation and using the S3 tagging APIs PutBucketTagging, DeleteBucketTagging, and GetBucketTagging instead. With ABAC enabled, tag modifications may fail with the fall back behavior. See the AWS documentation for additional details on enabling ABAC in general purpose buckets. (#45251)

FEATURES:

  • New Resource: aws_ecs_express_gateway_service (#45235)
  • New Resource: aws_s3_bucket_abac (#45251)
  • New Resource: aws_vpc_encryption_control (#45263)
  • New Resource: aws_vpn_concentrator (#45175)

ENHANCEMENTS:

  • action/aws_lambda_invoke: Add tenant_id argument (#45170)
  • data-source/aws_eks_cluster: Add control_plane_scaling_config attribute (#45258)
  • data-source/aws_lambda_function: Add tenancy_config attribute (#45170)
  • data-source/aws_lambda_invocation: Add tenant_id argument (#45170)
  • data-source/aws_vpn_connection: Add vpn_concentrator_id attribute (#45175)
  • resoource/aws_ecs_capacity_provider: Add managed_instances_provider.infrastructure_optimization argument (#45142)
  • resource/aws_docdb_cluster: Add network_type argument (#45140)
  • resource/aws_docdb_subnet_group: Add supported_network_types attribute (#45140)
  • resource/aws_eks_cluster: Add control_plane_scaling_config configuration block to support EKS Provisioned Control Plane (#45258)
  • resource/aws_lambda_function: Add tenancy_config argument (#45170)
  • resource/aws_lambda_invocation: Add tenant_id argument (#45170)
  • resource/aws_s3_bucket: Tag on creation when the s3:TagResource permission is present (#45251)
  • resource/aws_s3_bucket: Use the S3 Control tagging APIs when the s3:TagResource, s3:UntagResource, and s3:ListTagsForResource permissions are present (#45251)
  • resource/aws_vpn_connection: Add vpn_concentrator_id argument to support Site-to-Site VPN Concentrator (#45175)
Check out latest releases or
releases around hashicorp/terraform-provider-aws v6.23.0

Don't miss a new terraform-provider-aws release

NewReleases is sending notifications on new releases.

Get notifications