v5.57.0

FEATURES:

• New Data Source: aws_appstream_image (#38225)
• New Data Source: aws_cognito_user_pool (#37399)
• New Data Source: aws_ec2_transit_gateway_peering_attachments (#25743)
• New Data Source: aws_transfer_connector (#38213)

ENHANCEMENTS:

• data-source/aws_backup_plan: Add rule attribute (#37890)
• resource/aws_amplify_domain_association: Add certificate_settings argument (#37105)
• resource/aws_ec2_transit_gateway_peering_attachment: Add options argument (#36902)
• resource/aws_iot_authorizer: Add tags argument (#37152)
• resource/aws_iot_topic_rule: Add cloudwatch_logs.batch_mode and error_action.cloudwatch_logs.batch_mode arguments (#36772)
• resource/aws_sagemaker_endpoint_configuration: Add support for InputAndOutput in capture_mode (#37726)

BUG FIXES:

• resource/aws_iot_provisioning_template: Fix pre_provisioning_hook update operation (#37152)
• resource/aws_iot_topic_rule: Retry IAM eventual consistency errors on Update (#36286)

v5.56.1

BUG FIXES:

• data-source/aws_cognito_user_pool_client: Fix InvalidParameterException: 2 validation errors detected errors on Read (#38168)
• resource/aws_cognito_user: Fix a bug that caused resource recreation for resources imported with certain import ID formats (#38182)
• resource/aws_cognito_user_pool: Fix runtime error: index out of range [0] with length 0 panic when adding lambda_config (#38184)

v5.56.0

FEATURES:

• New Resource: aws_appfabric_app_authorization_connection (#38084)
• New Resource: aws_appfabric_ingestion (#37291)
• New Resource: aws_appfabric_ingestion_destination (#37627)
• New Resource: aws_networkfirewall_tls_inspection_configuration (#35168)
• New Resource: aws_networkmonitor_monitor (#35722)
• New Resource: aws_networkmonitor_probe (#35722)

ENHANCEMENTS:

• resource/aws_controltower_control: Add parameters argument and arn attribute (#38071)
• resource/aws_networkfirewall_logging_configuration: Add plan-time validation of firewall_arn (#35168)
• resource/aws_quicksight_account_subscription: Add iam_identity_center_instance_arn attribute (#36830)
• resource/aws_route53_resolver_firewall_rule: Add firewall_domain_redirection_action argument (#37242)
• resource/aws_route53_resolver_firewall_rule: Add q_type argument (#38074)
• resource/aws_sagemaker_domain: Add default_user_settings.canvas_app_settings.generative_ai_settings configuration block (#37139)
• resource/aws_sagemaker_domain: Add default_user_settings.code_editor_app_settings.custom_image configuration block (#37153)
• resource/aws_sagemaker_endpoint_configuration: Add production_variants.inference_ami_version and shadow_production_variants.inference_ami_version arguments (#38085)
• resource/aws_sagemaker_user_profile: Add user_settings.canvas_app_settings.generative_ai_settings configuration block (#37139)
• resource/aws_sagemaker_user_profile: Add user_settings.code_editor_app_settings.custom_image configuration block (#37153)
• resource/aws_sagemaker_workforce: add oidc_config.authentication_request_extra_params and oidc_config.scope arguments (#38078)
• resource/aws_sagemaker_workteam: Add worker_access_configuration attribute (#38087)
• resource/aws_wafv2_web_acl: Add sensitivity_level argument to sqli_match_statement configuration block (#38077)

BUG FIXES:

• data-source/aws_ecs_service: Correctly set tags (#38067)
• resource/aws_drs_replication_configuration_template: Fix issues preventing creation and deletion (#38143)

v5.55.0

FEATURES:

• New Resource: aws_drs_replication_configuration_template (#26399)

ENHANCEMENTS:

• data-source/aws_autoscaling_group: Add mixed_instances_policy.launch_template.override.instance_requirements.max_spot_price_as_percentage_of_optimal_on_demand_price attribute (#38003)
• data-source/aws_glue_catalog_table: Add additional_locations argument in storage_descriptor (#37891)
• data-source/aws_launch_template: Add instance_requirements.max_spot_price_as_percentage_of_optimal_on_demand_price attribute (#38003)
• data-source/aws_networkmanager_core_network_policy_document: Add attachment_policies.action.add_to_network_function_group argument (#38013)
• data-source/aws_networkmanager_core_network_policy_document: Add network_function_groups configuration block (#38013)
• data-source/aws_networkmanager_core_network_policy_document: Add send-via and send-to as valid values for segment_actions.action (#38013)
• data-source/aws_networkmanager_core_network_policy_document: Add single-hop and dual-hop as valid values for segment_actions.mode (#38013)
• data-source/aws_networkmanager_core_network_policy_document: Add when_sent_to and via configuration blocks to segment_actions (#38013)
• resource/aws_api_gateway_integration: Increase maximum value of timeout_milliseconds from 29000 (29 seconds) to 300000 (5 minutes) (#38010)
• resource/aws_appsync_api_key: Add api_key_id attribute (#36568)
• resource/aws_autoscaling_group: Add mixed_instances_policy.launch_template.override.instance_requirements.max_spot_price_as_percentage_of_optimal_on_demand_price argument (#38003)
• resource/aws_autoscaling_group: Add plan-time validation of warm_pool.max_group_prepared_capacity and warm_pool.min_size (#37174)
• resource/aws_docdb_cluster: Add restore_to_point_in_time argument (#37716)
• resource/aws_dynamodb_table: Adds validation for ttl values. (#37991)
• resource/aws_ec2_fleet: Add launch_template_config.override.instance_requirements.max_spot_price_as_percentage_of_optimal_on_demand_price argument (#38003)
• resource/aws_glue_catalog_table: Add additional_locations argument in storage_descriptor (#37891)
• resource/aws_glue_job: Add maintenance_window argument (#37760)
• resource/aws_launch_template: Add instance_requirements.max_spot_price_as_percentage_of_optimal_on_demand_price argument (#38003)

BUG FIXES:

• data-source/aws_ami: Fix interface conversion: interface {} is types.ProductCodeValues, not string panic (#37977)
• data-source/aws_networkmanager_core_network_policy_document: Add correct except values to the returned JSON document when segment_actions.share_with_except is configured (#38013)
• provider: Now falls back to non-FIPS endpoint if use_fips_endpoint is set and no FIPS endpoint is available (#38057)
• resource/aws_autoscaling_group: Fix bug updating warm_pool.max_group_prepared_capacity to 0 (#37174)
• resource/aws_dynamodb_table: Fixes perpetual diff when ttl.attribute_name is set when ttl.enabled is not set. (#37991)
• resource/aws_ec2_network_insights_path: Mark destination as Optional (#36966)
• resource/aws_lambda_event_source_mapping: Remove the upper limit on scaling_config.maximum_concurrency (#37980)
• service/transitgateway: Fix resource Read pagination regression causing NotFound errors (#38011)

v5.54.1

BUG FIXES:

• data-source/aws_ami: Fix interface conversion: interface {} is types.ProductCodeValues, not string panic (######)
• resource/aws_codebuild_project: Increase maximum values of build_batch_config.timeout_in_mins and build_timeout from 480 (8 hours) to 2160 (36 hours) (#37970)

v5.54.0

NOTES:

• resource/aws_ec2_capacity_block_reservation: Because we cannot easily test this functionality, it is best effort and we ask for community help in testing (#37528)

FEATURES:

• New Data Source: aws_ec2_capacity_block_offering (#37528)
• New Resource: aws_appfabric_app_authorization (#37468)
• New Resource: aws_appfabric_app_bundle (#37542)
• New Resource: aws_ec2_capacity_block_reservation (#37528)
• New Resource: aws_fms_resource_set (#37767)
• New Resource: aws_guardduty_malware_protection_plan (#37919)

ENHANCEMENTS:

• data-source/aws_opensearch_domain: Add ip_address_type argument (#37237)
• resource/aws_ec2_traffic_mirror_session: Mark packet_length as Computed (#36962)
• resource/aws_opensearch_domain: Add ip_address_type argument (#37237)
• resource/aws_vpc_endpoint: Add subnet_configuration argument to support user defined IP addresses (#37226)

BUG FIXES:

• data-source/aws_ami: Fix query returning no results (#37958)
• provider: Fixes an error where some data sources were not returning tags (#37966)
• resource/aws_applicationinsights_application: Change resource_group_name to ForceNew (#36962)
• resource/aws_dynamodb_table: Fix UnknownOperationException: Tagging is not currently supported in DynamoDB Local errors on resource Read (#37924)
• resource/aws_ec2_capacity_reservation: Fix InvalidCapacityReservationId.NotFound errors during Read and Delete when resource is manually deleted (#37127)
• resource/aws_route53_zone: Fix InvalidInput: 1 validation error detected: Value '...' at 'resourceId' failed to satisfy constraint: Member must have length less than or equal to 32 errors for resources imported with a /hostedzone/ prefix (#37893)
• service/apigatewayv2: Retry on ConflictException: Unable to complete operation due to concurrent modification errors (#37902)

v5.53.0

FEATURES:

• New Resource: aws_paymentcryptography_key (#37017)
• New Resource: aws_paymentcryptography_key_alias (#37020)

ENHANCEMENTS:

• data-source/aws_customer_gateway: Add bgp_asn_extended argument (#37815)
• data-source/aws_rds_engine_version: Add supports_limitless_database attribute (#37271)
• provider: The use_fips_endpoint flag is now ignored for any service with a custom endpoint configured in endpoints. (#34233)
• resource/aws_apigatewayv2_authorizer: Add configurable delete timeout (#37732)
• resource/aws_customer_gateway: Add bgp_asn_extended argument (#37815)
• resource/aws_fsx_lustre_file_system: Add metadata_configuration argument (#37868)
• resource/aws_lb: Add support for IPv6-only Application Load Balancers (#37700)
• resource/aws_mwaa_environment: Add max_webservers and min_webservers attributes (#37632)
• resource/aws_pipes_pipe: Add log_configuration argument (#37135)
• resource/aws_route53_record: Fix InvalidChangeBatch errors on resource Delete (#37850)
• resource/aws_s3_bucket: Ignore UnsupportedOperation errors when reading acceleration_status, server_side_encryption_configuration and tags (#37801)
• resource/aws_transfer_ssh_key: Add ssh_key_id attribute (#37548)

BUG FIXES:

• resource/aws_apigatewayv2_authorizer: Fix ConflictException errors on resource Delete (#37732)
• resource/aws_bedrockagent_agent: Increase instruction max length for validation to 4000 (#37758)
• resource/aws_cloudwatch_log_group: Correctly handles tag updates with empty string tags (#37668)
• resource/aws_kms_external_key: Fixes timeout error on creation when ignore_tags matches tag assigned to resource (#37818)
• resource/aws_kms_key: Fixes timeout error on creation when ignore_tags matches tag assigned to resource (#37818)
• resource/aws_kms_replica_external_key: Fixes timeout error on creation when ignore_tags matches tag assigned to resource (#37818)
• resource/aws_kms_replica_key: Fixes timeout error on creation when ignore_tags matches tag assigned to resource (#37818)
• resource/aws_mq_broker: Do not reboot on changes to maintenance_window_start_time or auto_minor_version_upgrade (#36506)
• resource/aws_pipes_pipe: Mark source_parameters.self_managed_kafka_parameters.credentials.basic_auth as Optional (#34293)
• resource/aws_secretsmanager_secret: Tags with empty values no longer remove all tags. (#37743)
• resource/aws_ssm_parameter: Fix Cannot import non-existent remote object errors when importing resources with version (#37832)
• resource/aws_vpc_endpoint: Restore pre-v5.51.0 default of false for private_dns_enabled (#37715)
• service/chatbot: Correctly overrides region when using custom endpoint. (#37851)
• service/costoptimizationhub: Correctly overrides region when using custom endpoint. (#37851)
• service/cur: Correctly overrides region when using custom endpoint. (#37851)
• service/globalaccelerator: Correctly overrides region when using custom endpoint. (#37851)
• service/route53: Correctly overrides region when using custom endpoint. (#37851)
• service/route53domains: Correctly overrides region when using custom endpoint. (#37851)
• service/shield: Correctly overrides region when using custom endpoint. (#37851)

v5.52.0

ENHANCEMENTS:

• resource/aws_kinesisanalyticsv2_application: Add application_mode argument (#37714)
• resource/aws_lightsail_bucket: Add support to ListTags function for proper key-only tag handling (#37711)
• resource/aws_lightsail_certificate: Add support to ListTags function for proper key-only tag handling (#37711)
• resource/aws_lightsail_container_service: Add support to ListTags function for proper key-only tag handling (#37711)
• resource/aws_lightsail_database: Add support to ListTags function for proper key-only tag handling (#37711)
• resource/aws_lightsail_distribution: Add support to ListTags function for proper key-only tag handling (#37711)
• resource/aws_lightsail_key_pair: Add support to ListTags function for proper key-only tag handling (#37711)
• resource/aws_lightsail_lb: Add support to ListTags function for proper key-only tag handling (#37711)

BUG FIXES:

• resource/aws_lightsail_database: Prevent destroy failure when resource is already deleted outside Terraform (#37711)
• resource/aws_lightsail_instance: Fix crash when reading a resource that has a key-only tag (#37587)
• resource/aws_lightsail_key_pair: Prevent destroy failure when resource is already deleted outside Terraform (#37711)
• resource/aws_lightsail_lb: Prevent destroy failure when resource is already deleted outside Terraform (#37711)

v5.51.1

ENHANCEMENTS:

• resource/aws_ecs_service: Add volume_configuration argument (#37019)
• resource/aws_ecs_task_definition: Add configure_at_launch parameter in volume argument (#37019)

BUG FIXES:

• data-source/aws_route53_zone: Fix incorrect name_servers values (#37685)
• data-source/aws_route53_zone: Permit both name and zone_id arguments when one is an empty string (#37686)
• resource/aws_route53_zone: Fix incorrect name_servers values (#37685)

v5.51.0

NOTES:

• data-source/aws_lambda_function: source_code_hash attribute has been deprecated in favor of code_sha256. Will be removed in a future major version (#37669)
• data-source/aws_lambda_layer_version: source_code_hash attribute has been deprecated in favor of code_sha256. Will be removed in a future major version (#37646)

FEATURES:

• New Data Source: aws_chatbot_slack_workspace (#37218)
• New Resource: aws_lambda_runtime_management_config (#37643)
• New Resource: aws_vpc_endpoint_private_dns (#37628)
• New Resource: aws_vpc_endpoint_service_private_dns_verification (#37176)

ENHANCEMENTS:

• data-source/aws_lambda_function: Add code_sha256 attribute (#37669)
• data-source/aws_lambda_layer_version: Add code_sha256 attribute (#37646)
• data-source/aws_route53_traffic_policy_document: Add support for application-load-balancer, elastic-beanstalk and network-load-balancer endpoint.type values (#37618)
• resource/aws_api_gateway_deployment: Add canary_settings attribute (#37573)
• resource/aws_iam_openid_connect_provider: Allow client_id_list to be updated in-place (#37612)
• resource/aws_lambda_function: Add code_sha256 attribute (#37669)
• resource/aws_lambda_function: Remove replace_security_group_on_destroy and replacement_security_group_ids deprecations, re-implement with alternate workflow (#37624)
• resource/aws_lambda_layer_version: Add code_sha256 attribute (#37646)
• resource/aws_route53_health_check: Add plan-time validation of cloudwatch_alarm_region (#37510)
• resource/aws_route53_record: Add plan-time validation of latency_routing_policy.region (#37510)
• resource/aws_route53_vpc_association_authorization: Add plan-time validation of vpc_region (#37510)
• resource/aws_route53_zone_association: Add plan-time validation of vpc_region (#37510)
• resource/aws_wafv2_web_acl: Add api_gateway, app_runner_service, cognito_user_pool, and verified_access_instance configuration blocks to association_config.request_body (#37588)

BUG FIXES:

• resource/aws_dynamodb_table_replica: Correctly set kms_key_arn on Read (#37570)
• resource/aws_kms_grant: Change grant_token to Sensitive (#37593)
• resource/aws_lambda_function: Fix issue when source_code_hash causes drift even if source code has not changed (#37669)
• resource/aws_lambda_layer_version: Fix issue when source_code_hash forces a replacement even if source code has not changed (#37646)
• resource/aws_m2_deployment: Fix state error on deployment_id during start/stop update (#37581)
• resource/aws_storagegateway_smb_file_share: Fix crash when cache_attributes is removed on update (#37611)