hashicorp/terraform-provider-google v6.0.0

on GitHub

Terraform Google Provider 6.0.0 Upgrade Guide

BREAKING CHANGES:

• provider: changed provider labels to add the goog-terraform-provisioned: true label by default. (#19190)
• activedirectory: added deletion_protection field to google_active_directory_domain resource. This field defaults to true, preventing accidental deletions. To delete the resource, you must first set deletion_protection = false before destroying the resource. (#18906)
• alloydb: removed network in google_alloy_db_cluster. Use network_config.network instead. (#19181)
• bigquery: added client-side validation to prevent table view creation if schema contains required fields for google_bigquery_table resource (#18767)
• bigquery: removed allow_resource_tags_on_deletion from google_bigquery_table. Resource tags are now always allowed on table deletion. (#19077)
• bigqueryreservation: removed multi_region_auxiliary from google_bigquery_reservation (#18922)
• billing: revised the format of id for google_billing_project_info (#18823)
• cloudrunv2: added deletion_protection field to google_cloudrunv2_service. This field defaults to true, preventing accidental deletions. To delete the resource, you must first set deletion_protection = false before destroying the resource.(#19019)
• cloudrunv2: changed liveness_probe to no longer infer a default value from api on google_cloud_run_v2_service. Removing this field and applying the change will now remove liveness probe from the Cloud Run service. (#18764)
• cloudrunv2: retyped containers.env to SET from ARRAY for google_cloud_run_v2_service and google_cloud_run_v2_job. (#18855)
• composer: ip_allocation_policy = [] in google_composer_environment is no longer valid configuration. Removing the field from configuration should not produce a diff. (#19207)
• compute: added new required field enabled in google_compute_backend_service and google_compute_region_backend_service (#18772)
• compute: changed certifcate_id in google_compute_managed_ssl_certificate to correctly be output only. (#19069)
• compute: revised and in some cases removed default values of connection_draining_timeout_sec, balancing_mode and outlier_detection in google_compute_region_backend_service and google_compute_backend_service. (#18720)
• compute: revised the format of id for compute_network_endpoints (#18844)
• compute: guest_accelerator = [] is no longer valid configuration in google_compute_instance. To explicitly set an empty list of objects, set guest_accelerator.count = 0. (#19207)
• compute: google_compute_instance_from_template and google_compute_instance_from_machine_image network_interface.alias_ip_range, network_interface.access_config, attached_disk, guest_accelerator, service_account, scratch_disk can no longer be set to an empty block []. Removing the fields from configuration should not produce a diff. (#19207)
• compute: secondary_ip_ranges = [] in google_compute_subnetwork is no longer valid configuration. To set an explicitly empty list, use send_secondary_ip_range_if_empty and completely remove secondary_ip_range from config. (#19207)
• container: made advanced_datapath_observability_config.enable_relay required in google_container_cluster (#19060)
• container: removed deprecated field advanced_datapath_observability_config.relay_mode from google_container_cluster resource. Users are expected to use enable_relay field instead. (#19060)
• container: three label-related fields are now in google_container_cluster resource. resource_labels field is non-authoritative and only manages the labels defined by the users on the resource through Terraform. The new output-only terraform_labels field merges the labels defined by the users on the resource through Terraform and the default labels configured on the provider. The new output-only effective_labels field lists all of labels present on the resource in GCP, including the labels configured through Terraform, the system, and other clients. (#19062)
• container: made three fields resource_labels, terraform_labels, and effective_labels be present in google_container_cluster datasources. All three fields will have all of labels present on the resource in GCP including the labels configured through Terraform, the system, and other clients, equivalent to effective_labels on the resource. (#19062)
• container: guest_accelerator = [] is no longer valid configuration in google_container_cluster and google_container_node_pool. To explicitly set an empty list of objects, set guest_accelerator.count = 0. (#19207)
• container: guest_accelerator.gpu_driver_installation_config = [] and guest_accelerator.gpu_sharing_config = [] are no longer valid configuration in google_container_cluster and google_container_node_pool. Removing the fields from configuration should not produce a diff. (#19207)
• datastore: removed google_datastore_index in favor of google_firestore_index (#19160)
• edgenetwork: three label-related fields are now in google_edgenetwork_network and google_edgenetwork_subnet resources. labels field is non-authoritative and only manages the labels defined by the users on the resource through Terraform. The new output-only terraform_labels field merges the labels defined by the users on the resource through Terraform and the default labels configured on the provider. The new output-only effective_labels field lists all of labels present on the resource in GCP, including the labels configured through Terraform, the system, and other clients. (#19062)
• identityplatform: removed resource google_identity_platform_project_default_config in favor of google_identity_platform_project_config (#18992)
• pubsub: allowed schema_settings in google_pubsub_topic to be removed (#18631)
• integrations: removed create_sample_workflows and provision_gmek from google_integrations_client (#19148)
• redis: added a deletion_protection_enabled field to the google_redis_cluster resource. This field defaults to true, preventing accidental deletions. To delete the resource, you must first set deletion_protection_enabled = false before destroying the resource. (#19173)
• resourcemanager: added deletion_protection field to google_folder to make deleting them require an explicit intent. Folder resources now cannot be destroyed unless deletion_protection = false is set for the resource. (#19021)
• resourcemanager: made deletion_policy in google_project 'PREVENT' by default. This makes deleting them require an explicit intent. google_project resources cannot be destroyed unless deletion_policy is set to 'ABANDON' or 'DELETE' for the resource. (#19114)
• sql: removed settings.ip_configuration.require_ssl in google_sql_database_instance. Please use settings.ip_configuration.ssl_mode instead. (#18843)
• storage: removed no_age field from lifecycle_rule.condition in the google_storage_bucket resource (#19048)
• vpcaccess: removed default values for min_throughput and min_instances fields on google_vpc_access_connector and made them default to values returned from the API when not provided by users (#18697)
• vpcaccess: added a conflicting fields restriction between min_throughput and min_instances fields on google_vpc_access_connector (#18697)
• vpcaccess: added a conflicting fields restriction between max_throughput and max_instances fields on google_vpc_access_connector (#18697)
• workstation: defaulted host.gce_instance.disable_ssh to true for google_workstations_workstation_config (#19101)

IMPROVEMENTS:

• compute: added fields reserved_internal_range and secondary_ip_ranges[].reserved_internal_range to google_compute_subnetwork resource (#19151)
• compute: changed the behavior of name_prefix in multiple Compute resources to allow for a longer max length of 54 characters. See the upgrade guide and resource documentation for more details. (#19152)

BUG FIXES:

• compute: fixed an issue regarding sending enabled field by default for null iap message in google_compute_backend_service and google_compute_region_backend_service (#18772)