Releases: hashicorp/terraform-provider-aws
Releases · hashicorp/terraform-provider-aws
v3.10.0
FEATURES
- New Data Source:
aws_codeartifact_authorization_token
(#15425) - New Data Source:
aws_ec2_instance_type
(#13124) - New Data Source:
aws_lex_bot_alias
(#8919) - New Data Source:
aws_redshift_orderable_cluster
(#15438) - New Resource:
aws_codeartifact_repository_permissions_policy
(#15562) - New Resource:
aws_lex_bot_alias
(#8919) - New Resource:
aws_s3_bucket_ownership_controls
(#15482)
NOTES
- data-source/aws_acm_certificate: The
id
attribute has changed to the ARN of the ACM Certificate. The first apply of this updated data source may show this difference. (#15399) - data-source/aws_autoscaling_group: The
id
attribute has changed to the name of the Auto Scaling Group. The first apply of this updated data source may show this difference. (#15399) - data-source/aws_availability_zones: The
id
attribute has changed to the name of the AWS Region. The first apply of this updated data source may show this difference. (#15399) - data-source/aws_db_event_categories: The
id
attribute has changed to the name of the AWS Region. The first apply of this updated data source may show this difference. (#15399) - data-source/aws_ebs_default_kms_key: The
id
attribute has changed to the name of the AWS Region. The first apply of this updated data source may show this difference. (#15399) - data-source/aws_ebs_encryption_by_default: The
id
attribute has changed to the name of the AWS Region. The first apply of this updated data source may show this difference. (#15399) - data-source/aws_ec2_instance_type_offering: The
id
attribute has changed to the EC2 Instance Type. The first apply of this updated data source may show this difference. (#15399) - data-source/aws_ecr_authorization_token: The
id
attribute has changed to the AWS Region. The first apply of this updated data source may show this difference. (#15399) - data-source/aws_ecr_image: The
id
attribute has changed to the SHA256 digest of the ECR Image. The first apply of this updated data source may show this difference. (#15399) - data-source/aws_eks_cluster_auth: The
id
attribute has changed to the name of the EKS Cluster. The first apply of this updated data source may show this difference. (#15399) - data-source/aws_iam_account_alias: The
id
attribute has changed to the AWS Account Alias. The first apply of this updated data source may show this difference. (#15399) - data-source/aws_kms_alias: The
id
attribute has changed to the ARN of the KMS Alias. The first apply of this updated data source may show this difference. (#15399) - data-source/aws_partition: The
id
attribute has changed to the identifier of the AWS Partition. The first apply of this updated data source may show this difference. (#15399) - data-source/aws_regions: The
id
attribute has changed to the identifier of the AWS Partition. The first apply of this updated data source may show this difference. (#15399) - data-source/aws_sns_topic: The
id
attribute has changed to the ARN of the SNS Topic. The first apply of this updated data source may show this difference. (#15399)
ENHANCEMENTS
- data-source/aws_batch_compute_environment: Add
tags
attribute (#15470) - data-source/aws_batch_job_queue: Add
tags
attribute (#15470) - data-source/aws_vpc_endpoint_service: Accept
service_type
as argument (#15467) - resource/aws_appmesh_route: Add
timeout
configuration block togrpc_route
,http_route
,http2_route
andtcp_route
attributes. (#14361) - resource/aws_appmesh_virtual_node: Add
timeout
configuration block tolistener
attribute. (#14361) - resource/aws_batch_compute_environment: Add
tags
argument (#15470) - resource/aws_batch_job_definition: Add
tags
argument (#15470) - resource/aws_batch_job_queue: Add
tags
argument (#15470) - resource/aws_lb_target_group: Add
source_ip
as an option for thestickiness.type
argument. (#15295) - resource/aws_sns_topic_subscription: Create subscriptions with attributes (delivery policy, filter policy, etc.) instead of separate API calls (#10496)
BUG FIXES
- data-source/aws_acm_certificate: Prevent plan differences with the
id
attribute (#15399) - data-source/aws_autoscaling_group: Prevent plan differences with the
id
attribute (#15399) - data-source/aws_availability_zones: Prevent plan differences with the
id
attribute (#15399) - data-source/aws_db_event_categories: Prevent plan differences with the
id
attribute (#15399) - data-source/aws_ebs_default_kms_key: Prevent plan differences with the
id
attribute (#15399) - data-source/aws_ebs_encryption_by_default: Prevent plan differences with the
id
attribute (#15399) - data-source/aws_ec2_instance_type_offering: Prevent plan differences with the
id
attribute (#15399) - data-source/aws_ecr_authorization_token: Prevent plan differences with the
id
attribute (#15399) - data-source/aws_ecr_image: Prevent plan differences with the
id
attribute (#15399) - data-source/aws_eks_cluster_auth: Prevent plan differences with the
id
attribute (#15399) - data-source/aws_iam_account_alias: Prevent plan differences with the
id
attribute (#15399) - data-source/aws_kms_alias: Prevent plan differences with the
id
attribute (#15399) - data-source/aws_partition: Prevent plan differences with the
id
attribute (#15399) - data-source/aws_regions: Prevent plan differences with the
id
attribute (#15399) - data-source/aws_sns_topic: Prevent plan differences with the
id
attribute (#15399) - resource/aws_acm_certificate: Prevent unexpected timeout error on deletion due to API retries (#15522)
- resource/aws_batch_job_definition: Prevent unexpected plan difference for
container_properties
argument value with new secrets support (#15470) - resource/aws_codestarnotifications_notification_rule: Prevent unexpected timeout error during target deletion due to API retries (#15523)
- resource/aws_config_remediation_configuration: Prevent unexpected timeout error on deletion due to API retries ([#15524](https://github.com/terraform-providers...
v3.9.0
FEATURES
- New Resource:
aws_backup_vault_notifications
(#12501) - New Resource:
aws_codeartifact_domain
(#13743) - New Resource:
aws_codeartifact_domain_permissions
(#13753) - New Resource:
aws_codeartifact_repository
(#14429) - New Resource:
aws_db_proxy_target
(#12784) - New Resource:
aws_glue_data_catalog_encryption_settings
(#14916) - New Resource:
aws_glue_ml_transform
(#14909) - New Resource:
aws_glue_partition
(#12547) - New Resource:
aws_lex_bot
(#8918) - New Resource:
aws_lex_intent
(#8917) - New Data Source:
aws_lex_bot
(#8918) - New Data Source:
aws_lex_intent
(#8917)
ENHANCEMENTS
- resource/aws_appmesh_route: Add
grpc_route
andhttp2_route
attributes to support gRPC and HTTP/2 services (#11669) - resource/aws_appmesh_route: Add
retry_policy
attribute to support App Mesh retry policies (#11660) - resource/aws_appmesh_virtual_node: Add
grpc
andhttp2
as valid values for theprotocol
attribute (#11669) - resource/aws_appmesh_virtual_node: Add
spec.backend_defaults
,spec.backend.virtual_service.client_policy
andspec.listener.tls
attributes to support TLS in transit encryption (#12541) - resource/aws_appmesh_virtual_router: Add
grpc
andhttp2
as valid values for theprotocol
attribute (#11669) - resource/aws_fsx_lustre_file_system: Add
auto_import_policy
argument (#15231) - resource/aws_fsx_lustre_file_system: Support
daily_automatic_backup_start_time
(#15299) - resource/aws_fsx_lustre_file_system: Add
storage_type
anddrive_cache_type
(#14727) - resource/aws_glue_crawler: Add
connection_name
field tos3_target
block (#15350) - resource/aws_sagemaker_notebook_instance: Ability to configure root access for Sagemaker notebook instances (#14184)
BUG FIXES
- resource/aws_db_instance: Prevent ordering differences with
enabled_cloudwatch_logs_exports
argument (#15404) - resource/aws_ec2_client_vpn_authorization_rule: Increased active and revoked timeouts from 5 to 10 minutes (#15367)
- resource/aws_rds_cluster: Prevent ordering differences with
enabled_cloudwatch_logs_exports
argument (#15404) - resource/aws_redshift_cluster: Increase default update timeout to 75 minutes (#15339)
v3.8.0
FEATURES
- New Resource:
aws_datasync_location_fsx_windows
(#12686) - New Resource:
aws_route53_resolver_query_log_config
. (#14897) - New Resource:
aws_route53_resolver_query_log_config_association
. (#14901) - New Data Source:
aws_rds_engine_version
(#15228) - New Data Source:
aws_docdb_engine_version
(#15253) - New Data Source:
aws_neptune_engine_version
(#15259) - New Data Source:
aws_workspaces_image
(#11428)
ENHANCEMENTS
- data-source/aws_lb: Add
customer_owned_ipv4_pool
andsubnet_mapping
outpost_id
attributes (#15170) - resource/aws_apigatewayv2_api: Add
disable_execute_api_endpoint
attribute (#15250) - resource/aws_apigatewayv2_authorizer: Add
authorizer_payload_format_version
,authorizer_result_ttl_in_seconds
andenable_simple_responses
attribute to support Lambda authorizers for HTTP APIs (#15232) - resource/aws_apigatewayv2_authorizer: Change
identity_sources
to an optional attribute (#15232) - resource/aws_appmesh_mesh: Add
mesh_owner
andresource_owner
attributes (#14349) - resource/aws_appmesh_route: Add
mesh_owner
argument andresource_owner
attribute (#14349) - resource/aws_appmesh_virtual_node: Add
mesh_owner
argument andresource_owner
attribute (#14349) - resource/aws_appmesh_virtual_router: Add
mesh_owner
argument andresource_owner
attribute (#14349) - resource/aws_appmesh_virtual_service: Add
mesh_owner
argument andresource_owner
attribute (#14349) - resource/aws_elasticsearch_domain: Support
AUDIT_LOGS
log type (#15218) - resource/aws_glue_connection: Support
NETWORK
connection type (#14818) - resource/aws_glue_crawler: Add support for
scan_all
andscan_rate
arguments for ddb targets (#14819) - resource/aws_glue_crawler: Allow removing
table_prefix
(#15268) - resource/aws_glue_job: Add
non_overridable_arguments
argument (#14793) - resource/aws_glue_workflow: Add
tags
argument (#14910) - resource/aws_glue_workflow: Add
arn
attribute (#14910) - resource/aws_glue_workflow: Add
max_concurrent_runs
argument (#14910) - resource/aws_glue_workflow: Plan time validation for
name
(#14910) - resource/aws_fsx_lustre_file_system: Add support for backup retention (#14446)
- resource/aws_fsx_lustre_file_system: Add
kms_key_id
argument (#15057) - resource/aws_fsx_lustre_file_system: Add
mount_name
argument (#14313) - resource/aws_lb: Add
customer_owned_ipv4_pool
argument andsubnet_mapping
outpost_id
attribute (#15170) - resource/aws_organizations_policy: Add
tags
argument (#15316) - resource/aws_rds_cluster: Add
allow_major_version_upgrade
argument (#14709) - resource/aws_storagegateway_smb_file_share: Add
admin_user_list
argument (#12196) - resource/aws_transfer_server: Support
VPC
value forendpoint_type
argument and addendpoint_details
configuration blockaddress_allocation_ids
,subnet_ids
, andvpc_id
arguments (#12599) - resource/aws_transfer_user: Add
home_directory_mappings
configuration blocks andhome_directory_type
argument (#13591)
BUG FIXES
- resource/aws_dynamodb_table: Ensure changes in
name
,range_key
,projection_type
, ornon_key_attributes
of alocal_secondary_index
configuration block force resource recreation (#12335) - resource/aws_dynamodb_table: Ensure
local_secondary_index
non_key_attributes
are sent through API requests on resource creation (#15115) - resource/aws_efs_mount_target: Increase create timeout to 30 minutes (#15293)
- resource/aws_fsx_lustre_file_system: Change
aws_fsx_lustre_file_system's
'snetwork_interface_ids
toTypeList
to preserve ordering. (#14314) - resource/aws_neptune_cluster_instance: Add
configuring-enhanced-monitoring
to expected states when creating and updating (#15284) - resource/aws_vpn_gateway: Increase VPC detachment timeout to 30 minutes (#15201)
- resource/aws_vpn_gateway_attachment: Increase VPC detachment timeout to 30 minutes (#15201)
v3.7.0
FEATURES
- New Resource:
aws_config_remediation_configuration
(#13884)
ENHANCEMENTS
- resource/aws_db_cluster_snapshot: Add plan-time validation for
db_cluster_snapshot_identifier
argument (#15132) - resource/aws_kinesis_firehose_delivery_stream: Add
server_side_encryption
key_arn
andkey_type
arguments (support KMS Customer Managed Key encryption) (#11954)
BUG FIXES
v3.6.0
v3.5.0
FEATURES
- New Data Source:
aws_docdb_orderable_db_instance
(#14931) - New Data Source:
aws_lex_slot_type
(#8916) - New Data Source:
aws_neptune_orderable_db_instance
(#14953) - New Data Source:
aws_rds_orderable_db_instance
(#14834) - New Data Source:
aws_vpc_peering_connections
(#9491) - New Resource:
aws_codebuild_report_group
(#12573) - New Resource:
aws_db_proxy
(#12704) - New Resource:
aws_emr_instance_fleet
(#14813) - New Resource:
aws_glue_user_defined_function
(#12537) - New Resource:
aws_guardduty_filter
(#14876) - New Resource:
aws_lex_slot_type
(#8916)
ENHANCEMENTS
- data-source/aws_cur_report_definition: Add
refresh_closed_reports
andreport_versioning
attributes (#12428) - data-source/aws_outposts_outpost: Add
arn
argument (#14967) - data-source/aws_route: Add
local_gateway_id
attribute (#14864) - data-source/aws_route_table: Add
route
local_gateway_id
attribute (#14864) - resource/aws_acm_certificate: Provide additional plan-time validation for
subject_alternative_names
argument values (#14782) - resource/aws_ami: Support
io2
value forvolume_type
argument plan-time validation (#14906) - resource/aws_autoscaling_group: Support provider-level
ignore_tags
configuration (#13868) - resource/aws_cloudtrail: Add
insight_selector
configuration block (#12390) - resource/aws_cur_report_definition: Add
refresh_closed_reports
andreport_versioning
arguments (#12428) - resource/aws_cur_report_definition: Support
ATHENA
value inadditional_artifacts
argument plan-time validation (#12428) - resource/aws_cur_report_definition: Support
Parquet
value incompression
andformat
argument plan-time validations (#12428) - resource/aws_cur_report_definition: Support
MONTHLY
value intime_unit
argument plan-time validation (#12428) - resource/aws_ebs_volume: Support io2 type (#14894)
- resource/aws_ec2_client_vpn_endpoint: Support
authentication_options
type
argumentfederated-authentication
value and newsaml_provider_arn
argument (#14171) - resource/aws_emr_cluster: Add
core_instance_fleet
andmaster_instance_fleet
configuration blocks (#14788) - resource/aws_instance: Support
io2
value forvolume_type
argument plan-time validation (#14906) - resource/aws_kinesis_firehose_delivery_stream: Add
elasticsearch_configuration
vpc_config
configuration block (#13269) - resource/aws_kinesis_firehose_delivery_stream: Add
elasticsearch_configuration
cluster_endpoint
argument (#12484) - resource/aws_kinesis_firehose_delivery_stream: Add various plan-time validations for arguments (#12484)
- resource/aws_launch_template: Support
io2
value forvolume_type
argument plan-time validation (#14906) - resource/aws_msk_configuration: Support resource in-place updates and deletion (#14826)
- resource/aws_route: Add
local_gateway_id
argument (#14864) - resource/aws_route_table: Add
route
local_gateway_id
argument (#14864) - resource/aws_spot_fleet_request: Support
io2
value forvolume_type
argument plan-time validation (#14906) - resource/aws_wafv2_rule_group: Add
ip_set_forwarded_ip_config
configuration block toip_set_reference_statement
(#14902) - resource/aws_wafv2_web_acl: Add
ip_set_forwarded_ip_config
configuration block toip_set_reference_statement
(#14902)
BUG FIXES
- resource/aws_autoscaling_group: Prevent unnecessary tag removal and recreation within tag updates (#13868)
- resource/aws_cloudfront_distribution: Prevent panic with missing
ForwardedValues
(#14993) - resource/aws_dynamodb_table: Properly update
global_secondary_index
non_key_attributes
values (#9988) - resource/aws_emr_cluster: Prevent recreation when
ebs_config.volumes_per_instance
is greater than 1 (#14858) - resource/aws_lambda_function_event_invoke_config: Prevent unexpected format of function resource error (#14851)
- resource/aws_lightsail_instance: Prevent panic with key-only tags (#13868)
- resource/aws_mq_configuration: Prevent additional revision creation with
tags
only updates (#14850) - resource/aws_opsworks_stack: Suppress equivalent
custom_json
differences (#14886) - resource/aws_rds_cluster_endpoint: Increase creation timeout to 30 minutes (#14862)
- resource/aws_route53_resolver_rule: Correct handling for single period (
.
) value indomain_name
argument (#15015) - resource/aws_route53_zone_association: Correctly handle zones with over 100 VPC associations (#14885)
- resource/aws_waf_rate_based_rule: Properly update
rate_limit
value (#14964) - resource/aws_workspaces_workspace: Prevent error when
workspace_properties
running_mode
is set toALWAYS_ON
(#13976)
v3.4.0
FEATURES
- New Data Source:
aws_db_subnet_group
(#9525) - New Resource:
aws_emr_managed_scaling_policy
(#13965) - New Resource:
aws_guardduty_publishing_destination
(#13894) - New Resource:
aws_securityhub_action_target
(#10493) - New Resource:
aws_xray_encryption_config
(#13600) - New Resource:
aws_xray_group
(#13597)
ENHANCEMENTS
- resource/aws_apigatewayv2_integration: Add
integration_subtype
argument (Support AWS service integrations for HTTP APIs) (#14860) - resource/aws_elasticache_replication_group: Add plan-time validation for
notification_topic_arn
andsnapshot_arns
arguments (#12974) - resource/aws_globalaccelerator_endpoint_group: Add
client_ip_preservation_enabled
argument to theendpoint_configuration
configuration block (#14486) - resource/aws_storagegateway_cached_iscsi_volume: Add
kms_encrypted
andkms_key
arguments (#12066) - resource/aws_storagegateway_gateway: Add
smb_security_strategy
argument (#13563) - resource/aws_storagegateway_gateway: Add plan-time validation for
gateway_ip_address
argument (#13563) - resource/aws_storagegateway_gateway: Add
average_download_rate_limit_in_bits_per_sec
andaverage_upload_rate_limit_in_bits_per_sec
arguments (#13568) - resource/aws_storagegateway_nfs_file_share: Add
cache_attributes
configuration block (#14759) - resource/aws_storagegateway_nfs_file_share: Support
S3_INTELLIGENT_TIERING
value indefault_storage_class
argument plan-time validation (#14759) - resource/aws_storagegateway_smb_file_share: Add
cache_attributes
configuration block andcase_sensitivity
argument (#14790) - resource/aws_storagegateway_smb_file_share: Support
S3_INTELLIGENT_TIERING
value indefault_storage_class
argument plan-time validation (#14790) - resource/aws_xray_sampling_rule: Add
tags
argument (#14831)
BUG FIXES
- resource/aws_acmpca_certificate_authority: Ensure
DELETED
status triggers state removal (#13684) - resource/aws_appmesh_virtual_node: Prevent panics with empty
backend
configuration blocks (#14074) - resource/aws_cloudfront_distribution: Preview panics during resource import with empty
forwarded_values.query_string
(#14844) - resource/aws_elasticache_replication_group: Ensure
tags
are stored in Terraform state and properly updated (#12974) - resource/aws_emr_instance_group: Increase creation and update timeout to 30 minutes (#13077] / [#14106)
- resource/aws_globalaccelerator_accelerator: Increase creation timeout to 10 minutes (#14486)
- resource/aws_globalaccelerator_endpoint_group: Prevent differences with
health_check_path
defaults (#14486) - resource/aws_glue_crawler: Properly update
schedule
value (#14792)
v3.3.0
ENHANCEMENTS
- data-source/aws_lambda_layer_version: Support
java8.al2
andprovided.al2
inruntime
argument plan-time validation (#14663) - provider: Support for appending information to User-Agent request headers with the
TF_APPEND_USER_AGENT
environment variable (#14555) - resource/aws_apigatewayv2_api: Add
body
argument (#12567) - resource/aws_customer_gateway: Support tag on create (#14501)
- resource/aws_dms_replication_instance: Add
allow_major_version_upgrade
argument (#14550) - resource/aws_ec2_client_vpn_network_association: Allow specifying custom security groups (#14146)
- resource/aws_ec2_client_vpn_network_association: Support resource import (#14146)
- resource/aws_egress_only_intrenet_gateway:-Ssupport tag on create (#14501)
- resource/aws_eks_node_group: Support
AL2_ARM_64
value forami_type
argument plan-time validation (#14729) - resource/aws_eks_node_group: Add
launch_template
configuration block (#14639) - resource/aws_internet_gateway: Support tag on create (#14501)
- resource/aws_lambda_function: Support
java8.al2
andprovided.al2
inruntime
argument plan-time validation (#14663) - resource/aws_lambda_layer_version: Support
java8.al2
andprovided.al2
incompatible_runtimes
argument plan-time validation (#14663) - resource/aws_launch_template: Support
elastic-gpu
andspot-instances-request
intag_specifications
resource_type
argument plan-time validation (#14662) - resource/aws_network_acl: Support tag on create (#14501)
- resource/aws_network_interface: Support tag on create (#14501)
- resource/aws_route_table: Support tag on create (#14501)
- resource/aws_security_group: Support tag on create (#14501)
- resource/aws_spot_instance_request: Support tag on create (#14501)
- resource/aws_storagegatway_smb_file_share: Add
audit_destination_arn
andsmb_acl_enabled
arguments (#13572) - resource/aws_subnet: Support tag on create (#14501)
- resource/aws_subnet: Add plan-time validation to
ipv6_cidr_block
argument (#12303) - resource/aws_vpc_dhcp_options: Support tag on create (#14501)
- resource/aws_vpc_peering_connection: Support tag on create (#14501)
- resource/aws_vpn_connection: Support tag on create (#14501)
- resource/aws_vpn_gateway: Support tag on create (#14501)
- resource/aws_wafv2_rule_group: Add
forwarded_ip_config
configuration block togeo_match_statement
(#14685) - resource/aws_wafv2_web_acl: Add
forwarded_ip_config
configuration block torate_based_statement
andgeo_match_statement
(#14685) - resource/aws_wafv2_web_acl: Support
FORWARDED_IP
value forrate_based_statement
aggregate_key_type
argument plan-time validation (#14685)
BUG FIXES
- resource/aws_api_gateway_vpc_link: Increase create, update, and delete timeouts to 20 minutes (#10407)
- resource/aws_apigatewayv2_stage: Set
execution_arn
attribute for HTTP APIs (#14638) - resource/aws_db_parameter_group: Restore ability to update
parameter
configuration values (#12112) - resource/aws_user_pool_domain: Ensure state removal when deleted outside Terraform (#14732)
- resource/aws_rds_cluster_parameter_group: Restore ability to update
parameter
configuration values (#12112) - resource/aws_ssm_parameter: Handle retries after creation for asynchronous
data_type
validation process (#14514) - resource/aws_storagegateway_nfs_file_share: Skip
UpdateSMBFileShare
API call when onlytags
change and remove extraneousListTagsForResource
API call during read (#13590) - resource/aws_subnet: Ensure
ipv6_cidr_block
argument performs removal when removed from configuration (#12303)
v3.2.0
ENHANCEMENTS
- data-source/aws_launch_configuration: Add
ebs_block_device
no_device
attribute (#14583) - data-source/aws_lb: Add
subnet_mapping
private_ipv4_address
attribute (#14545) - provider: Upgrade to Terraform Plugin SDK V2. There should be no breaking changes from a practitioner's perspective. Some validation errors should now feature enhanced messaging. (#14432)
- resource/aws_accessanalyzer_analyzer: Support
ORGANIZATION
value intype
argument (#14493) - resource/aws_codebuild_project: Support
WINDOWS_SERVER_2019_CONTAINER
value inenvironment
type
argument plan-time validation (#14532) - resource/aws_organizations_organization: Support
AISERVICES_OPT_OUT_POLICY
value inenabled_policy_types
argument plan-time validation (Support AI Opt Out policies) (#14650) - resource/aws_organizations_policy: Support
AISERVICES_OPT_OUT_POLICY
value intype
argument plan-time validation (Support AI Opt Out policies) (#14528) - resource/aws_route53_health_check: Add
disabled
argument (#14614)
BUG FIXES
- data-source/aws_launch_template: Prevent type error with
network_interfaces
delete_on_termination
attribute (#14599) - resource/aws_acm_certificate_validation: Prevent panic with missing
DomainValidationOptions
ResourceRecord
attribute in API response [#14590] - resource/aws_ecr_repository: Prevent panic with missing
EncryptionConfiguration
attribute in API response (#14584) - resource/aws_wafv2_rule_group: Prevent unnecessary resource recreation with
rule
updates (#14617) - resource/aws_wafv2_web_acl: Prevent unnecessary resource recreation with
rule
updates (#14616)
v3.1.0
NOTES:
- resource/aws_route53_zone_association: The addition of cross-account zone association support required the use of new
ListHostedZonesByVPC
API call and adding the VPC Region to the resource ID for new resources. Restrictive IAM permissions for Terraform and cross-region imports may require updates. (#14215)
FEATURES
- New Data Source:
aws_ec2_spot_price
(#12504) - New Resource:
aws_route53_vpc_association_authorization
(#14215)
ENHANCEMENTS
- data-source/aws_ecr_repository: Allow
registry_id
as an argument (#14368) - data-source/aws_ecr_repository: Add
image_scanning_configuration
andimage_tag_mutability
attributes (#14368) - data-source/aws_ecr_repository: Add
encryption_configuration
attribute (#14520) - resource/aws_api_gateway_method_settings: Plan-time validation added to
settings
unauthorized_cache_control_header_strategy
andlogging_level
arguments (#12651) - resource/aws_ecr_repository: Add
encryption_configuration
attribute (#14520) - resource/aws_lb: Add
subnet_mapping
configuration blockprivate_ipv4_address
argument (#11404) - resource/aws_rds_global_cluster: Add
force_destroy
andsource_db_cluster_identifier
arguments (#14487) - resource/aws_rds_global_cluster: Add
global_cluster_members
attribute (#14487) - resource/aws_route53_zone_association: Cross-account zone associations can now be created in conjunction with the new
aws_route53_vpc_association_authorization
resource (#14215) - resource/aws_ssm_parameter: Add
data_type
argument (supportaws:ec2:image
parameters) (#13326)
BUG FIXES
- data-source/aws_availability_zones: Prevent unexpected plan output every apply with
group_names
attribute (#14412) - data-source/aws_s3_bucket: Ensure provider
s3_force_path_style
configuration is passed through for getting S3 Bucket location with non-AWS implementations (#14481) - resource/aws_api_gateway_method_settings: Allow
settings
cache_ttl_in_seconds
argument to be set to 0 (#12651) - resource/aws_elastictranscoder_preset: Prevent empty configuration block panics (#14092)
- resource/aws_lambda_event_source_mapping: Allow
maximum_retry_attempts
argument to be set to 0 (#12479) - resource/aws_rds_cluster: Add an
InvalidDBClusterStateFault
retryable error condition for clusters part of a global cluster (#14420) - resource/aws_rds_cluster: Increase retry timeout for deletion to 2 minutes (#14420)
- resource/aws_rds_cluster: Prevent error when both
global_cluster_identifier
andreplication_source_identifier
are configured on creation (#14490) - resource/aws_s3_bucket: Ensure provider
s3_force_path_style
configuration is passed through for getting S3 Bucket location with non-AWS implementations (#14481) - resource/aws_secretsmanager_secret: Allow retries for IAM eventual consistency errors (#14459)
- resource/aws_security_group: Ensure
name_prefix
argument with hex digitsa
throughf
is properly imported (#14475) - resource/aws_spot_fleet_request: Allow
target_capacity
argument to be updated to 0 (#12759) - resource/aws_spot_fleet_request: Wait for modify operation completion (default timeout of 10 minutes) (#12759)
- resource/aws_vpc_dhcp_options_association: Properly trigger resource recreation when VPC is deleted outside Terraform (#14367)