Update Terraform aws to v5 #30
Loading…
Reference in a new issue
No description provided.
Delete branch "renovate/aws-5.x"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
This PR contains the following updates:
4.67.0
->5.82.2
Release Notes
hashicorp/terraform-provider-aws (aws)
v5.82.2
Compare Source
BUG FIXES:
mutual_authentication.advertise_trust_store_ca_names
attribute. This fixes a regression introduced in v5.82.0 causingsetting mutual_authentication: Invalid address to set: []string{"mutual_authentication", "0", "advertise_trust_store_ca_names"}
errors (#40658)v5.82.1
Compare Source
ENHANCEMENTS:
availability_zone_distribution
argument (#40634)BUG FIXES:
statement
sid
(#40639)v5.82.0
Compare Source
NOTES:
id
attribute has changed to prevent inconsistent parsing which resulted in provider crashes under certain conditions. The new format is a comma-delimited string combininggroup_arn
andresource_arn
in their entirety. Configuarations relying on the previous format may need to be updated to continue functioning correctly. (#40579)FEATURES:
aws_servicecatalogappregistry_attribute_group_associations
(#38306)aws_api_gateway_domain_name_access_association
(#40566)aws_cloudfront_vpc_origin
(#40239)aws_memorydb_multi_region_cluster
(#40376)aws_networkmanager_dx_gateway_attachment
(#40546)aws_rds_cluster_snapshot_copy
(#40398)ENHANCEMENTS:
arn
attribute (#40546)statement
sid
is valid, including on alphanumeric characters (#40562)service_region
attribute (#40583)agent_collaboration
attribute to configure agent collaboration role (#40543)origin.vpc_origin_config
argument (#40239)name_prefix
argument (#40622)arn
attribute (#40546)efa_enabled
argument (#40381)advertise_trust_store_ca_names
attribute to themutual_authentication
configuration block (#40550)multi_region_cluster_name
argument (#40376)edge_locations
attribute (#40546)service_region
argument (#40583)BUG FIXES:
AccessDeniedException: ... is not authorized to perform: acm-pca:GetCertificateAuthorityCsr on resource: ...
errors for RAM-shared CAs (#39952)setting entitlements: Invalid address to set: []string{"entitlements", "0", "overage"}
errors (#40621)certificate_settings
when updating. (#40589)certificate_settings.type
toCUSTOM
. (#40589)ValidationException
when settingcertificate_settings.type
toAMPLIFY_MANAGED
. (#40589)certificate_settings
not set. (#40589)certificate_settings
is not set during update. (#40589)arn
for private custom domain names (#40566)vpc_configuration.tls_certificate
as Optional (#40574)at_rest_encryption_enabled
whenengine
isvalkey
. (#40514)IAMPrincipals
principal group (#38600)permissions
andpermissions_with_grant_option
attributes (#38047)result
attribute when changinginput
attribute, for lifecycle scope "CRUD" (#34263)teletext_destination_settings
. (#33797)allocated_storage
(#40601)force_destroy = true
can now delete objects with non-XML-safe keys (#40537)force_destroy = true
can now delete objects with non-XML-safe keys (#40537)automatically_after_days
was not being set properly whenschedule_expression
had been set previously (#34295)InvalidRequestException: A previous rotation isn't complete. That rotation will be reattempted.
(#34295)redrive_allow_policy
diffs (#40604)v5.81.0
Compare Source
FEATURES:
aws_servicecatalogappregistry_attribute_group
(#38188)aws_ssm_parameter
(#40313)aws_bedrock_inference_profile
(#40294)aws_cloudwatch_log_anomaly_detector
(#40437)aws_ecr_account_setting
(#40219)aws_msk_single_scram_secret_association
(#37056)aws_servicecatalogappregistry_attribute_group
(#38183)aws_servicecatalogappregistry_attribute_group_association
(#38290)ENHANCEMENTS:
policy
anddomain_name_id
attributes (#40364)tags
attribute (#38243)delivery_options.max_delivery_seconds
andtracking_options.https_policy
attributes (#40194)domain_name_id
argument (#40447)policy
argument anddomain_name_id
attribute (#40364)PRIVATE
as a valid value forendpoint_configuration.types
argument, enabling custom domain name support for private REST API endpoints (#40364)completion_duration_minutes
argument (#40336)configuration.retention_configuration
andconfiguration.orphan_file_deletion_configuration
attributes. (#40199)enable_primary_ipv6
argument to add support for enabling primary IPv6 addresses on EC2 instances (#36425)shard_count
would not exceed the AWS account's shard quota when the data stream capacity mode isPROVISIONED
, preventing the provider from retrying for 1 hour in the case that the quota is exceeded. This functionality requires thekinesis:DescribeLimits
IAM permission (#40499)kinesis:DescribeLimits
IAM permission (#40499)topic_replication.topic_name_configuration
argument (#40101)enable_primary_ipv6
argument to add support for enabling primary IPv6 addresses for network interfaces (#36425)stateful_engine_options.flow_timeouts
argument (#39996)serverlessv2_scaling_configuration.seconds_until_auto_pause
argument (#40441)tags
argument andtags_all
attribute (#40470)notebook-al2-v3
value forplatform_identifier
(#40484)tags
argument andtags_all
attribute (#38243)delivery_options.max_delivery_seconds
andtracking_options.https_policy
arguments (#40194)BUG FIXES:
InvalidArgumentException: NextToken and StreamName cannot be provided together
errors when the data stream has more than 1000 shards (#40499)rule
fromTypeSet
toTypeList
as order is significant (#40521)throughput_capacity
validation to allow values up to12228
(#40468)logging_configuration.log_destination_config
s (#40092)InvalidDBClusterStateFault
errors when deleting clusters that are members of a global cluster (#40333)InvalidParameterValue: Serverless v2 maximum capacity 0.0 isn't valid. The maximum capacity must be at least 1.0.
errors when removingserverlessv2_scaling_configuration
in an update (#40511)storage_type
when restoring from S3 (#40471)storage_type
when restoring from snapshot (#40471)storage_type
when restoring to a point in time (#40471)database_name
as Computed. This prevents resource recreation when the source cluster specifies adatabase_name
(#40469)v5.80.0
Compare Source
FEATURES:
aws_codeconnections_connection
(#40300)aws_codeconnections_host
(#40300)aws_s3tables_namespace
(#40420)aws_s3tables_table
(#40420)aws_s3tables_table_bucket
(#40420)aws_s3tables_table_bucket_policy
(#40420)aws_s3tables_table_policy
(#40420)ENHANCEMENTS:
instruction
max length for validation to 8000 (#40279)deletion_protection_enabled
argument (#35359)serverlessv2_scaling_configuration.max_capacity
andserverlessv2_scaling_configuration.min_capacity
minimum values to0
to support Amazon Aurora Serverless v2 scaling to 0 ACUs (#40230)LocalZone
as a valid value forlocation.type
, enabling support for Amazon S3 Express One Zone in AWS Dedicated Local Zones (#40339)BUG FIXES:
tags_all
when planning. (#40305)deserialization failed, failed to decode response body with invalid JSON
errors on Read (#40419)v5.79.0
Compare Source
FEATURES:
aws_vpc_block_public_access_exclusion
(#40235)aws_vpc_block_public_access_options
(#40233)ENHANCEMENTS:
compute_config
,storage_config
, andkubernetes_network_config.elastic_load_balancing
arguments for EKS Auto Mode (#40370)remote_network_config
argument for EKS Auto Mode (#40371)metrics_config
argument (#40322)provisioned_poller_config
argument (#40303)supported_regions
argument (#40346)BUG FIXES:
disk_iops_configuration.iops
from350000
to400000
fordeployment_type = "SINGLE_AZ_2"
(#40359)v5.78.0
Compare Source
NOTES:
FEATURES:
aws_iam_organizations_features
(#40164)ENHANCEMENTS:
engine
attribute (#40224)cluster_configuration.engine
attribute (#40224)engine
argument (#40224)cluster_configuration.engine
attribute (#40224)BUG FIXES:
product_description
(e.g., "postgresql") is a substring of multiple products, fixError: multiple RDS Reserved Instance Offerings matched; use additional constraints to reduce matches to a single RDS Reserved Instance Offering
(#40281)Warning: AWS account ID not found for provider
whenskip_requesting_account_id
istrue
(#40264)eksProperties
orecsProperties
block (#40172)content_policy_config.filters_config
s are specified. (#40304)sns_topic_arns
changes (#40253)sns_topic_arns
changes (#40291)storage_type
fromio1
orio2
togp3
, fix bug causing errorInvalidParameterCombination: You must specify both the storage size and iops when modifying the storage size or iops on a DB instance that has iops
(#37257)gp3
volume'sallocated_storage
to a value larger than the threshold value forengine
, fix bug causing errorInvalidParameterCombination: You must specify both the storage size and iops when modifying the storage size or iops on a DB instance that has iops
(#28847)v5.77.0
Compare Source
NOTES:
aws_kms_secrets
,aws_lambda_invocation
, andaws_secretsmanager_secret_version
now support ephemeral values. (#40009)FEATURES:
aws_kms_secrets
(#40009)aws_lambda_invocation
(#39988)aws_secretsmanager_secret_version
(#40009)aws_rds_instance_state
(#40180)ENHANCEMENTS:
most_recent
is true and certain filter criteria are missing (#40211)availability_zone_rebalancing
attribute (#40225)availability_zone_rebalancing
attribute (#40225)versionConsistency
argument tocontainer_definitions
(#40216)nodejs22.x
runtime
value (#40277)nodejs22.x
compatible_runtimes
value (#40277)endpoint
argument to point to the writer DB instance in the current primary cluster (#39960)BUG FIXES:
tags
from theDescribeSubnets
response, removing the need for theec2:DescribeTags
IAM permission (#40144)schema
element (#40195)pod_identity_association
is modified (#40168)pod_identity_association
is changed (#40168)v5.76.0
Compare Source
FEATURES:
aws_vpc_security_group_vpc_association
(#40069)ENHANCEMENTS:
python3.13
runtime
value (#40277)python3.13
compatible_runtimes
value (#40277)BUG FIXES:
BadRequestException: Invalid mapping expression specified
andNotFoundException: Invalid parameter name specified
errors when making updates torequest_parameters
and/orcache_key_parameters
(#40124)BadRequestException: Invalid mapping expression specified
andNotFoundException: Invalid parameter name specified
errors when making updates torequest_parameters
(#40124)launch_template
that is updated causingValidationError: You must use a valid fully-formed launch template.
(#40088)ipam_pool_id
is set (#40082)Provider returned invalid result object after apply
errors (#40090)policy_names
(#40076)policy_arns
(#40076)policy_names
(#40076)policy_arns
(#40076)policy_names
(#40076)policy_arns
(#40076)v5.75.1
Compare Source
ENHANCEMENTS:
description
attribute (#39980)reset_on_delete
to properly reset CloudWatch Role ARN on deletion. (#40004)description
argument (#39980)BUG FIXES:
canary_settings
andstage_description
whenstage_name
not set. (#40067)ttl[0].attribute_name
to be set whenttl[0].enabled
is false (#40046)ValidationException
on updates when RStudio is disabled on the domain (#40049)v5.75.0
Compare Source
BREAKING CHANGES:
canary_settings.deployment_id
attribute asrequired
(#39929)NOTES:
ARNType
will properly surface validation errors (#40008)deployment_id
was added tocanary_settings
as arequired
attribute. This breaking change was necessary to makecanary_settings
functional. Without this change all canary traffic was routed to the main deployment (#39929)FEATURES:
aws_spot_datafeed_subscription
(#39647)ENHANCEMENTS:
init_containers
,share_process_namespace
, andimage_pull_secrets
attributes (#40019)init_containers
andshare_process_namespace
arguments (#40019)containers
arguments to 10 (#40019)pod_identity_association
argument (#38357)password
argument as sensitive (#39991)BUG FIXES:
alarm_configuration.alarms
argument (#39971)ResourceNotFound
exceptions during resource destruction (#38357)Value Conversion Error
during resource creation (#39945)tcp_idle_timeout_seconds
argument for gateway load balancers (#40039)tcp_idle_timeout_seconds
value, preventingModifyListenerAttributes
API calls when a value is not explicitly configured (#40039)public_ip_source = "amazon"
:The request can only contain PubliclyAdvertisable if the AddressFamily is IPv6 and PublicIpSource is byoip.
(#40042)v5.74.0
Compare Source
FEATURES:
aws_lb_listener_rule
(#39865)aws_opensearch_authorize_vpc_endpoint_access
(#39846)aws_ssmquicksetup_configuration_manager
(#39931)ENHANCEMENTS:
distribution.s3_export_configuration
attribute (#35492)block_device_mapping.0.ebs.0.delete_on_termination: '' expected type 'bool', got unconvertible type 'string'
errors (#39928)termination_hook_enabled
argument (#35482)zonal_shift_config
argument (#39852)distribution.s3_export_configuration
argument (#35492)container_recipe_arn
andimage_recipe_arn
to be updated in-place (#39117)replication_specification
argument (#36331)efa-only
as a valid value fornetwork_interfaces.interface_type
(#39882)TransferSecurityPolicy-Restricted-2024-06
as a valid value forsecurity_policy_name
(#39871)BUG FIXES:
master_password
on resource Create whensnapshot_identifier
is configured (#38193)component.parameter.name
,component.parameter.value
,target_repository.repository_name
, andtarget_repository.service
to ForceNew (#39117)interface conversion: interface {} is nil, not map[string]interface {}
panic whengeolocation_routing_policy
is empty (#39944)approval_rule.approve_after_days
validation to allow a maximum value of360
(#39949)decoding JSON: unexpected end of JSON input
errors when updating from usingrule_json
to usingrule
(#39283)rule_json
(#39878)v5.73.0
Compare Source
FEATURES:
aws_ssm_patch_baselines
(#39779)aws_imagebuilder_lifecycle_policy
(#35674)aws_resiliencehub_resiliency_policy
(#38913)aws_sagemaker_hub
(#39807)aws_sagemaker_mlflow_tracking_server
(#39796)ENHANCEMENTS:
valkey
as valid value forproduct_description
(#39745)parameters
map attribute to readCROSS_ACCOUNT_VERSION
(#39826)enable_zonal_shift
attribute (#39585)min_size
andmax_size
(#39843)zonal_config
argument (#34850)approximate_creation_date_time_precision
argument (#38098)valkey
as valid value forengine
(#39745)engine_version
(#39745)engine_version
(#39745)valkey
as valid value forengine
(#39745)valkey
as valid value forengine
(#39745)iceberg_configuration
argument (#39844)parameters
map argument enablingCROSS_ACCOUNT_VERSION
to be set (#39826)enable_zonal_shift
argument (#39585)tcp_idle_timeout_seconds
argument (#39585)name
argument (#39798)kms:DescribeKey
for the S3 default AWS managed key (alias/aws/s3
) on Read (#39782)kms:DescribeKey
for the S3 default AWS managed key (alias/aws/s3
) on Read (#39782)kms:DescribeKey
for the S3 default AWS managed key (alias/aws/s3
) on Read (#39782)default_user_settings.jupyter_lab_app_settings.app_lifecycle_management
,default_user_settings.jupyter_lab_app_settings.built_in_lifecycle_config_arn
,default_user_settings.jupyter_lab_app_settings.emr_settings
,default_space_settings.jupyter_lab_app_settings.app_lifecycle_management
,default_space_settings.jupyter_lab_app_settings.built_in_lifecycle_config_arn
,default_space_settings.jupyter_lab_app_settings.emr_settings
,default_user_settings.auto_mount_home_efs
,default_user_settings.canvas_app_settings.emr_serverless_settings
,default_user_settings.studio_web_portal_settings.hidden_instance_types
,default_user_settings.code_editor_app_settings.app_lifecycle_management
,default_user_settings.code_editor_app_settings.built_in_lifecycle_config_arn
, andtag_propagation
arguments (#39774)app_network_access_type
andapp_security_group_management
to be updated in-place (#39774)feature_definition.collection_config
,feature_definition.collection_type
, andthroughput_config
arguments (#39805)space_settings.code_editor_app_settings.app_lifecycle_management
andspace_settings.jupyter_lab_app_settings.app_lifecycle_management
arguments (#39800)user_settings.auto_mount_home_efs
,user_settings.canvas_app_settings.emr_serverless_settings
,user_settings.code_editor_app_settings.app_lifecycle_management
,user_settings.code_editor_app_settings.built_in_lifecycle_config_arn
,user_settings.jupyter_lab_app_settings.app_lifecycle_management
,user_settings.jupyter_lab_app_settings.built_in_lifecycle_config_arn
,user_settings.jupyter_lab_app_settings.emr_settings
anduser_settings.studio_web_portal_settings.hidden_instance_types
arguments (#39774)BUG FIXES:
name
. This fixes a regression introduced in v5.72.0 causingmultiple WorkSpaces Bundles matched; use additional constraints to reduce matches to a single WorkSpaces Bundle
errors (#39777)on_demand_throughput
is excluded (#39784)policy
content is written to state (#39842)InvalidParameterValue: This API supports only cross-engine upgrades to Valkey engine currently
errors on Update (#39745)policy
content is written to state (#39842)policy
content is written to state (#39842)policy
content is written to state (#39842)InvalidParameterValueException: Invalid RowLevelPermissionDataSet. Namespace parameter should not be specified for Version 2
errors on Create and Update (#39778)ttl=0
(#39728)policy
content is written to state (#39842)policy
content is written to state (#39842)v5.72.1
Compare Source
FEATURES:
aws_iam_group_policy_attachments_exclusive
(#39732)aws_iam_user_policy_attachments_exclusive
(#39731)ENHANCEMENTS:
scope
argument (#39744)BUG FIXES:
billing_mode
is set toPAY_PER_REQUEST
withoutglobal_secondary_index
updates (#39752)AGGREGATOR
indexes as tainted on Create (#39744)v5.72.0
Compare Source
NOTES:
managed_policy_arns
argument is deprecated. Use theaws_iam_role_policy_attachments_exclusive
resource instead. (#39718)FEATURES:
aws_iam_role_policy_attachments_exclusive
(#39718)ENHANCEMENTS:
saml_properties
attribute (#39060)source_flow_config.source_connector_properties.sapo_data.pagination_config
andsource_flow_config.source_connector_properties.sapo_data.parallelism_config
attributes (#38932)aws:RequestTag
conditions (#39648)appsync_target
configuration block (#37773)on_demand_throughput
andglobal_secondary_index.on_demand_throughput
arguments (#37799)serverlessv2_scaling_configuration.max_capacity
andserverlessv2_scaling_configuration.min_capacity
from128
to256
(#39697)storage-optimization
status as success when creating or updating cluster DB instances (#39691)saml_properties
configuration block (#39060)BUG FIXES:
arn
for automation documents (#39705)schema
has emptystring_attribute_constraints
ornumber_attribute_constraints
(#20386)arn
for automation documents (#39705)v5.70.0
Compare Source
NOTES:
aws_simpledb_domain
resource has been deprecated and will be removed in a future version. Use Amazon DynamoDB instead (#39536)aws_worklink_fleet
resource has been deprecated and will be removed in a future version. Use Amazon WorkSpaces Secure Browser instead (#39538)aws_worklink_website_certificate_authority_association
resource has been deprecated and will be removed in a future version. Use Amazon WorkSpaces Secure Browser instead (#39538)FEATURES:
aws_backup_logically_air_gapped_vault
(#39098)aws_ec2_transit_gateway_default_route_table_association
(#39496)aws_ec2_transit_gateway_default_route_table_propagation
(#39517)aws_iam_group_policies_exclusive
(#39554)aws_iam_user_policies_exclusive
(#39544)aws_securityhub_standards_control_association
(#39511)ENHANCEMENTS:
start_time
attribute (#39557)prepare_agent
argument (#39486)vector_ingestion_configuration.custom_transformation_configuration
argument (#39556)endpoint_configuration.attachment_arn
argument (#39507)tags
argument andtags_all
attribute (#39535)arn
attribute (#39535)tags
argument andtags_all
attribute (#39535)transition_default_minimum_object_size
argument (#39578)BUG FIXES:
customer_encryption_key_arn
not being passed during update (#39565)prompt_override_configuration
not being passed when not modified (#39565)knowledge_base_configuration
andstorage_configuration
to ForceNew (#39567)security_group_referencing_support
argument and mark as Computed. This suppresses the diffs shown for resources created with v5.68.0 (or earlier) (#39519)policy_version
computed attribute changing (#39528)policy_version
computed attribute changing (#39528)sheets.filter_controls.list.cascading_control_configuration
andsheets.parameter_controls.list.cascading_control_configuration
attributes (#39453)v5.69.0
Compare Source
NOTES:
(account-id).ddb.(region).amazonaws.com
instead ofdynamodb.(region).amazonaws.com
. If your network configuration blocks outgoing traffic to DynamoDB based on DNS names or endpoint URLs, you must adjust your configuration, because the service's DNS name will change. You may instead disable account-based endpoints for DynamoDB by settingaccount_id_endpoint_mode = disabled
in a shared config file or setting theAWS_ACCOUNT_ID_ENDPOINT_MODE
environment variable todisabled
(#39505)1.23.1
. The issue with AWS Network Firewall dropping TLS handshakeClientHello
messages after the v5.65.0 upgrade to Go1.23.0
, temporarily resolved by the v5.67.0 downgrade to Go1.22.7
, has been addressed by removing theX25519Kyber768Draft00
key exchange mechanism from the HTTP client used to make AWS API calls (#39432)ENHANCEMENTS:
tags
attribute (#39402)security_group_referencing_support
attribute (#34542)security_group_referencing_support
attribute (#34542)failure_code
andfailure_reason
attributes (#38995)guardrail_configuration
argument (#39440)tags
argument andtags_all
attribute (#39402)security_group_referencing_support
argument (#34542)security_group_referencing_support
argument (#34542)security_group_referencing_support
argument (#34542)volume_configuration.managed_ebs_volume.tag_specifications
attribute (#38662)display_name
to be updated in-place (#39416)credentials.secret_arn
argument (#29034)BUG FIXES:
security_group_ids
. This requires a call to the EC2DescribeVpcEndpoints
API (#39454)ap-southeast-5
Region (#39389)name
attribute. (#38993)name
attribute. (#38993)ConcurrentModificationException
s during role creation (#39429)AccessDeniedException: Lambda code scanning is not supported in ...
errors (#38254)AccessDeniedException
errors during creation (#38254)name
andvpc_id
to ForceNew (#39454)security_group_ids
. This requires a call to the EC2DescribeVpcEndpoints
API (#39454)v5.68.0
Compare Source
NOTES:
inline_policy
argument is deprecated. Use theaws_iam_role_policy
resource instead. If Terraform should exclusively manage all inline policy associations (the current behavior of this argument), use theaws_iam_role_policies_exclusive
resource as well. (#39203)composite_slot_type_setting
block, thesubslots
argument has been renamedsub_slots
. See the linked pull request for additional justification on this change. The previous misnaming effectively made this argument unusable, therefore a breaking change in a minor version was deemed acceptable. (#39353)FEATURES:
aws_elasticache_reserved_cache_node_offering
(#29832)aws_securityhub_standards_control_associations
(#39334)aws_synthetics_runtime_version
(#39180)aws_synthetics_runtime_versions
(#39180)aws_appsync_source_api_association
(#39323)aws_elasticache_reserved_cache_node
(#29832)aws_iam_role_policies_exclusive
(#39203)aws_pinpointsmsvoicev2_opt_out_list
(#25036)aws_pinpointsmsvoicev2_phone_number
(#25036)aws_sesv2_account_suppression_attributes
(#39325)ENHANCEMENTS:
iam_role_arn
argument tos3_action
configuration block (#39364)name
length to 255 characters (#39315)BUG FIXES:
assume_role.role_arn
to be an empty string when there is a singleassume_role
entry. (#39328)environment_variables
argument (#39397)Managed by DynamoDB
encryption setting (#31284)engine_version
mismatch with RabbitMQ 3.13 and ActiveMQ 5.18 and above (#39024)endpoint_management = "CUSTOMER"
(#39394)policy
(#39322)v5.67.0
Compare Source
BREAKING CHANGES:
value_selection_setting.advanced_recognition_setting
block, theaudio_recognition_setting
argument has been renamedaudio_recognition_strategy
(#39254)NOTES:
1.22.6
. A small number of users have reported failed or hanging network connections using the version of the Terraform AWS provider which was first built with Go1.23.0
(v5.65.0
). At this point, maintainers have been unable to reproduce failures, but enough distinct users have reported issues that we are going to attempt downgrading to Go1.22.6
for the next provider release. We will continue to coordinate with users and AWS in an attempt to identify the root cause, using this upcoming release with a reverted Go build version as a data point. (#39256)value_selection_setting.advanced_recognition_setting
block, theaudio_recognition_setting
argument has been renamedaudio_recognition_strategy
. See the linked pull request for additional justification on this change. The previous misnaming effectively made this argument unusable, therefore a breaking change in a minor version was deemed acceptable. (#39254)FEATURES:
aws_codebuild_fleet
(#39237)aws_cloudformation_stack_instances
(#36794)aws_codebuild_fleet
(#39237)aws_computeoptimizer_enrollment_status
(#35349)aws_computeoptimizer_recommendation_preferences
(#35349)aws_costoptimizationhub_enrollment_status
(#36440)aws_costoptimizationhub_preferences
(#36526)aws_datazone_asset_type
(#38812)aws_datazone_environment_profile
(#38581)aws_lambda_function_recursion_config
(#39153)ENHANCEMENTS:
domain
andtags
as Optional. This enables certificates to be matched based on tags (#31453)encryption_type
andkms_key_id
attributes (#39212)user_pool_tags
in favor of standardtags
. (#39260)assume_role
now accepts multiple elements. (#39255)cache_config
argument (#39215)mode
argument (#39206)hsm2m.medium
as a valid value forhsm_type
(#39206)fleet
attribute inenvironment
configuration block (#39237)snowflake_configuration.buffering_internal
andsnowflake_configuration.buffering_size
arguments (#39214)READER_PRO
,AUTHOR_PRO
, andADMIN_PRO
as valid values for theuser_role
argument (#39220)default_user_settings.domain_settings.docker_settings
configuration block (#35416)default_user_settings.studio_web_portal_settings
,default_space_settings.jupyter_lab_app_settings
,default_space_settings.space_storage_settings
,default_space_settings.custom_posix_user_config
, anddefault_space_settings.custom_file_system_config
configuration blocks (#38457)production_variants.managed_instance_scaling
andshadow_production_variants.managed_instance_scaling
configuration blocks (#35479)primary_container.inference_specification_name
andcontainer.inference_specification_name
arguments (#35873)primary_container.model_data_source.s3_data_source.model_access_config
,primary_container.multi_model_config
,container.model_data_source.s3_data_source.model_access_config
, andcontainer.multi_model_config
configuration blocks (#35873)user_settings.studio_web_portal_settings
configuration block (#38567)definition
using the AWS Step Functions Validation API (#39229)BUG FIXES:
created_at
as an RFC3339 formatted timestamp (#24183)created_at
as an RFC3339 formatted timestamp (#24183)check_certificate_revovation_status
is ignored due to bad autoflex field mapping (#39211)aggregation_period
not set. (#39279)permissions.actions
MaxItems
from16
to20
. This fixes a regression introduced in v5.66.0 (#39226)vpc_connection_id
regular expression validator. This fixes a regression introduced in v5.66.0 (#39231)default_user_settings.domain_settings
to include missingsecurity_group_ids
andr_studio_server_pro_domain_settings
values (#35416)suppression_options.suppressed_reasons
to be an empty list ([]
) in order to disable the suppression list (#29671)event_destination.matching_event_types
fromTypeList
toTypeSet
as order is not significant (#36897)load_balancer_options.subnet_ids
(#39196)v5.66.0
Compare Source
FEATURES:
aws_glue_registry
(#37953)aws_organizations_organizational_unit_descendant_organizational_units
(#39120)aws_quicksight_analysis
(#31737)aws_datazone_environment
(#38811)ENHANCEMENTS:
tags
attribute (#38959)tags
attribute (#39092)api_type
andmerged_api_execution_role_arn
arguments (#39159)vector_ingestion_configuration.chunking_configuration.semantic_chunking_configuration
,vector_ingestion_configuration.chunking_configuration.hierarchical_chunking_configuration
, andvector_ingestion_configuration.parsing_configuration
configuration blocks (#39138)skip_deletion_protection
attribute (#38811)backup_retention_period
andpreferred_backup_window
attributes (#38452)parameters.databricks
argument (#31737)notification_settings
argument (#39108)InService
timeouts to 60 minutes (#39090)rate_based_statement.limit
minimum from100
to10
(#39107)rate_based_statement.limit
minimum from100
to10
(#39107)BUG FIXES:
segment_actions.via.with_edge_override.use_edge
to be nested set of edges, matching JSON (#39142)segment_actions.via.with_edge_override.use_edge
. Usesegment_actions.via.with_edge_override.use_edge_location
instead (#39142)null
value. (#38869)role_arn
as Optional (#38900)slot_type_values
validator which limited configurations to 1 element (#39126)theme_arn
argument on create and update when configured (#31737)role_arns
as Optional and send an empty list if unconfigured (#39108)run_config.timeout_in_seconds
default value to allow creation of resources with a frequency less than 14 minutes (#35177)v5.65.0
Compare Source
NOTES:
FEATURES:
aws_shield_protection
(#37524)aws_glue_catalog_table_optimizer
(#38052)ENHANCEMENTS:
ap-southeast-5
AWS Region (#39052)ap-southeast-5
AWS Region (#39052)ap-southeast-5
AWS Region (#39052)ap-southeast-5
as a valid AWS Region (#39049)password_policy.password_history_size
argument (#39043)process
argument (#25468)SUCCEEDED_WITH_ISSUES
status as success when upgrading cluster (#38086)io2
as a valid value forebs_config.type
(#37740)io2
as a valid value forinstance_type_configs.ebs_config.type
(#37740)io2
as a valid value forinstance_type_configs.ebs_config.type
(#37740)job_run_queuing_enabled
argument (#39027)kms_key_arn
argument (#39055)false
on update ifpolicy_document
is empty (#38675)BUG FIXES:
auto_branch_creation_config
(#39041)domain_name
to ForceNew (#38086)instance_count
value of0
on create when configured (#37740)BadRequestException: The request is rejected because an invalid or out-of-range value is specified as an input parameter
errors on resource Create (#39084)data_cells_filter
permissions (#39026)neptune_cluster_parameter_group_name
as Computed (#38980)neptune_parameter_group_name
as Computed (#38980)ValidationException: Parameter ARN is not supported for this operation
errors when deleting resources imported by ARN (#39067)v5.64.0
Compare Source
ENHANCEMENTS:
dashboard_endpoint_v2
,domain_endpoint_v2_hosted_zone_id
, andendpoint_v2
attributes (#38456)suspended_state
configuration block (#38942)restore_source_table_arn
attribute (#38953)dashboard_endpoint_v2
,domain_endpoint_v2_hosted_zone_id
, andendpoint_v2
attributes (#38456)BUG FIXES:
id
attribute whendeployment_targets
does not include organizational unit IDs. (#38969)action
is configured (#38994)enabled_http_endpoint
) to be enabled and disabled forprovisioned
engine mode and serverlessv2 (#38997)v5.63.1
Compare Source
FEATURES:
aws_route53_zones
(#17457)aws_ssoadmin_permission_sets
(#38741)ENHANCEMENTS:
job_state_time_limit_action
attribute (#38784)ecs_properties
argument (#37871)job_state_time_limit_action
argument (#38784)BUG FIXES:
id
parsing errors (#38924)logical_table_map.data_transforms.project_operation.projected_columns
with null list elements (#38886)reputation_metrics_enabled
is set totrue
(#38921)v5.63.0
Compare Source
FEATURES:
aws_bedrockagent_agent_versions
(#38792)aws_bedrock_guardrail
(#38757)aws_cloudtrail_organization_delegated_admin_account
(#38817)aws_datazone_environment_profile
(#38581)aws_datazone_form_type
(#38746)aws_datazone_glossary_term
(#38706)aws_pinpoint_email_template
(#33266)ENHANCEMENTS:
logging_configuration.log_destination_config
MaxItems
from2
to3
(#38824)BUG FIXES:
sdkdiags.AppendErrorf
function calls (#38854)sdkdiags.AppendErrorf
function calls (#38854)sdkdiags.AppendErrorf
function calls (#38854)name
andname_prefix
(#38194)sdkdiags.AppendErrorf
function calls (#38854)service_registries
item (#38883)container_definitions
diffs onhealthCheck
's default values (#38872)container_definitions.dockerLabels
(#38804)null
s fromcontainer_definition
array fields (#38870)replicas_per_node_group
if node groups are empty (#38797)sdkdiags.AppendErrorf
function calls (#38854)network_access_control
block is configured (#38775)vpc_configuration
block is configured (#38775)attribute_payload
block is configured (#38776)configuration.bgp_configurations
on Read (#38798)encrypted
on snapshot restore, when enabled (#38828)sdkdiags.AppendErrorf
function calls (#38854)sdkdiags.AppendErrorf
function calls (#38854)sdkdiags.AppendErrorf
function calls (#38854)v5.62.0
Compare Source
FEATURES:
aws_rds_cluster_parameter_group
(#38416)aws_secretsmanager_secret_versions
(#35411)aws_ebs_snapshot_block_public_access
(#38641)aws_rds_integration
(#35199)ENHANCEMENTS:
application/x-sql
(#38737)application/x-sql
(#38737)default_tags
to be set by environment variables (#33339)ignore_tags.keys
andignore_tags.key_prefixes
to be set by environment variables (#35264)skip_destroy
argument (#29663)skip_destroy
argument (#29663)secret_arn
(#37213)force_delete
argument (#38707)grafana_token
argument (#38743)target_health_state.unhealthy_draining_interval
argument (#38654)sub_slot_setting
attribute (#38698)BUG FIXES:
ROOT
as a valid value forprefix
(#38685)name
max length validation to 128 (#37539)eks_properties
for job updates (#38716)retry_strategy
for job updates (#38716)timeout
for job updates (#38716)created_date
attribute (#38689)ROOT
as a valid value forprefix
(#38685)launch_specifications
argument (#38773)PreconditionFailedException
on delete for resources deleted out-of-band (#38661)PreconditionFailedException
on delete for resources deleted out-of-band (#38661)PreconditionFailedException
on delete for resources deleted out-of-band (#38661)$.network-function-groups: null found, array expected
errors when creating resource withcreate_base_policy
argument (#38642)revision_id
andstate_machine_version_arn
as Computed on update ifpublish
istrue
(#38657)v5.61.0
Compare Source
NOTES:
FEATURES:
aws_ecr_repository_creation_template
(#38597)aws_chatbot_slack_channel_configuration
(#38124)aws_chatbot_teams_channel_configuration
(#38630)aws_datazone_glossary
(#38602)aws_ecr_repository_creation_template
(#38597)aws_timestreaminfluxdb_db_instance
(#37963)ENHANCEMENTS:
upgrade_policy
attribute (#38573)repository_name
values. See documentation for details (#38575)enhanced_metrics_config
configuration block (#38570)upgrade_storage_config
argument (#36904)ipv6_cidr_block
sizes between/44
and/60
in increments of /4 (#35614)ipv6_netmask_length
values between44
and60
in increments of 4 (#35614)upgrade_policy
configuration block (#38573)log_configuration.include_execution_data
argument (#38569)performance_insights_enabled
,performance_insights_kms_key_id
, andperformance_insights_retention_period
arguments (#29415)restore_to_point_in_time.source_cluster_resource_id
argument (#38540)restore_to_point_in_time.source_cluster_identifier
as Optional (#38540)encryption_configuration
configuration block to support the use of Customer Managed Keys with AWS KMS to encrypt Step Functions Activity resources (#38574)encryption_configuration
configuration block to support the use of Customer Managed Keys with AWS KMS to encrypt Step Functions State Machine resources (#38574)json
attribute value (#35950)ipv6_cidr_block
sizes between/44
and/60
in increments of /4 (#35614)ipv6_netmask_length
values between44
and60
in increments of 4 (#35614)assign_generated_ipv6_cidr_block
andipv6_pool
arguments (#27274)ipv6_cidr_block
sizes between/44
and/60
in increments of /4 (#35614)ipv6_netmask_length
values between44
and60
in increments of 4 (#35614)tags
to theAuthorizeSecurityGroupEgress
EC2 API call instead of making a separateCreateTags
call (#35614)tags
to theAuthorizeSecurityGroupIngress
EC2 API call instead of making a separateCreateTags
call (#35614)rule_json
attribute to allow raw JSON for rules. (#38309)BUG FIXES:
CoreNetworkPolicyException
when putting policy with single wildcard inwhen_sent_to
(#38595)index_name
character length validation (#38509)container_definitions
start with a lowercase letter (#38622)type
argument on create when configured (#38640)policy
content to prevent persistent differences (#38604)target_parameters
if the configured value has not changed (#38598)domain_dns_ips
to use single DNS server IP (#36500)domain_settings.r_studio_server_pro_domain_settings.r_studio_package_manager_url
argument on create (#38547)description
on Read (#38618)netmask_length
on Read (#38618)v5.60.0
Compare Source
NOTES:
FEATURES:
aws_service_principal
(#38307)aws_shield_subscription
(#37637)ENHANCEMENTS:
kms_key_identifier
attribute (#38492)tags
attribute (#38483)metadata_catalog_config
attribute (#37566)prefix_hierarchy
attribute todestination_flow_config.s3.s3_output_format_config
(#37566)eks_properties.*.pod_properties.*.image_pull_secret
argument (#38517)operation_preferences.concurrency_mode
argument (#38498)kms_key_identifier
argument (#38492)tags
argument andtags_all
attribute (#38483)shared_accounts
argument (#34885)shared_accounts
argument (#34843)AZURECOSMOS
,AZURESQL
,BIGQUERY
,OPENSEARCH
, andSNOWFLAKE
as valid values for theconnection_type
argument andSparkProperties
as a valid value for theconnection_properties
argument (#37731)inline_policy
fails to create (#38477)scaling_configuration.seconds_before_timeout
argument (#38451)event_destination.event_bridge_destination
configuration block (#38458)runtime error: invalid memory address or nil pointer dereference
panic when reading a non-existent table (#38512)BUG FIXES:
tags
on Read (#38343)tags
on Read (#38343)rule
argument on update (#38449)scope_configuration.domain
argument (#38513)error marshaling prior state: a number is required
when upgrading from v5.58.0 to v5.59.0 (#38490)Provider produced inconsistent final plan
errors whencontainer_definitions
is unknown (#38471)error marshaling prior state
when upgrading from v4.67.0 to v5.59.0 (#38476)tags
on Read (#38343)ca_certificate_identifier
as Computed (#38437)copy_tags_to_snapshot
value whenrestore_to_point_in_time
is set (#34044)apply_immediately
istrue
. This fixesInvalidParameterCombination
errors when updatingengine_version
(#38437)v5.59.0
Compare Source
FEATURES:
secrets_manager_configuration
toredshift_configuration
,snowflake_configuration
, andsplunk_configuration
(#38151)aws_cloudfront_origin_access_control
(#36301)aws_timestreamwrite_database
(#36368)aws_timestreamwrite_table
(#36599)aws_datazone_project
(#38345)aws_grafana_workspace_service_account
(#38101)aws_grafana_workspace_service_account_token
(#38101)aws_rds_certificate
(#35003)aws_rekognition_stream_processor
(#37536)ENHANCEMENTS:
cluster_mode
attribute (#38002)allow_full_table_external_data_access
attribute (#34474)broker_node_group_info
attribute (#37705)skip_resource_in_use_check
argument (#37586)action_group_executor.custom_control
argument (#37484)function_schema
configuration block (#37484)routing_configuration.provisioned_throughput
argument (#37520)scope_configuration
argument (#38199)timeout_in_minutes
argument to theaction
configuration block (#36316)engine_lifecycle_support
argument (#37708)configuration.managed_storage_configuration
argument (#37932)cluster_mode
argument (#38002)interactive_configuration
argument (#37889)experiment_options
configuration block (#36900)final_backup_tags
andskip_final_backup
arguments (#37717)final_backup_tags
argument (#37717)delete_options
andfinal_backup_tags
arguments (#37717)final_backup_tags
argument (#37717)execution_role
andworkflow
arguments (#37317)secrets_manager_configuration
tohttp_endpoint_configuration
(#38245)FLINK-1_19
as a valid value forruntime_environment
(#38350)allow_full_table_external_data_access
attribute (#34474)target_group_health
configuration block (#37082)starting_position
argument (#36968)engine_lifecycle_support
argument (#37708)engine_lifecycle_support
argument (#37708)arn
fromDescribeClusterSnapshots
API response (#37996)TLS_PASSTHROUGH
as a valid value forprotocol
(#37964)enable_machine_learning
toaws_managed_rules_bot_control_rule_set
configuration block (#37006)BUG FIXES:
id
the the access point ID, not the file system ID. This fixes a regression introduced in v5.58.0 (#38372)default_action.target_group_arn
(#37348)concurrent_build_limit
(#37748)trigger
as Computed (#36316)volume_configuration.managed_ebs_volume.throughput
fromTypeString
toTypeInt
(#38109)replicas_per_node_group
to0
and sets the maximum to5
. (#38396)description
. (#38396)num_cache_clusters
is set, prevents settingreplicas_per_node_group
. (#38396)num_cache_clusters
must be at least 2 whenautomatic_failover_enabled
istrue
. (#38396)ip_address_type
value whentarget_type
isinstance
(#36423)ACTIVE
on resource Create (#38332)interface conversion: interface {} is nil, not map[string]interface {}
panic whencampaign_hook
is empty ({}
) (#38323)TransferSecurityPolicy-FIPS-2024-05
,TransferSecurityPolicy-Restricted-2018-11
, andTransferSecurityPolicy-Restricted-2020-06
for thesecurity_policy_name
argument (#38425)v5.58.0
Compare Source
FEATURES:
aws_cloudwatch_log_account_policy
(#38328)aws_verifiedpermissions_identity_source
(#38181)ENHANCEMENTS:
network_interfaces.primary_ipv6
attribute (#37142)tags
attribute (#38270)tags
attribute (#38270)tags
attribute (#38270)link_configuration
attribute (#38277)deployment_targets
argument. (#37898)billing_mode
argument (#38273)InvalidParameterCombination: A parameter group can't be specified during Read Replica creation for the following DB engine: postgres
errors (#38227)InsufficientInstanceCapacity
errors (#36754)bootstrap_self_managed_addons
argument (#38162)resource_set_ids
attribute (#38161)384
,768
,1536
,3072
, and6144
as valid values forthroughput_capacity
(#38308)384
,768
, and1536
as valid values forthroughput_capacity_per_ha_pair
(#38308)MULTI_AZ_2
as a valid value fordeployment_type
(#38308)cidr_block
argument toresource
configuration block (#38196)delete
timeout (#38212)network_interfaces.primary_ipv6
argument (#37142)tags
argument andtags_all
attribute (#38270)tags
argument andtags_all
attribute (#38270)tags
argument andtags_all
attribute (#38270)link_configuration
argument (#38277)ca_certificate_identifier
argument andca_certificate_valid_till
attribute (#37108)tags
argument andtags_all
attribute (#38271)BUG FIXES:
tags
attribute is not set (#38272)access_config.bootstrap_cluster_creator_admin_permissions
attribute (#38295)0
as a valid value foridle_disconnect_timeout_in_seconds
(#38274)ForceNew
to deployment_targets attributes to ensure a new resource is recreated when the deployment_targets argument is changed, which was not the case previously. (#37898)access_config.bootstrap_cluster_creator_admin_permissions
totrue
on Read for clusters with noaccess_config
configured. This allows in-place updates of existing clusters whenaccess_config
is configured (#38295)cache_usage_limits.data_storage.maximum
,cache_usage_limits.data_storage.minimum
,cache_usage_limits.ecpu_per_second.maximum
andcache_usage_limits.ecpu_per_second.minimum
to be updated in-place (#38269)interface conversion: interface {} is nil, not map[string]interface {}
panic whenlog_delivery.worker_log_delivery
is empty ({}
) (#38270)v5.57.0
Compare Source
FEATURES:
aws_appstream_image
(#38225)aws_cognito_user_pool
(#37399)aws_ec2_transit_gateway_peering_attachments
(#25743)aws_transfer_connector
(#38213)ENHANCEMENTS:
rule
attribute (#37890)certificate_settings
argument (#37105)options
argument (#36902)tags
argument (#37152)cloudwatch_logs.batch_mode
anderror_action.cloudwatch_logs.batch_mode
arguments (#36772)InputAndOutput
incapture_mode
(#37726)BUG FIXES:
pre_provisioning_hook
update operation (#37152)v5.56.1
Compare Source
BUG FIXES:
InvalidParameterException: 2 validation errors detected
errors on Read (#38168)runtime error: index out of range [0] with length 0
panic when addinglambda_config
(#38184)v5.56.0
Compare Source
FEATURES:
aws_appfabric_app_authorization_connection
(#38084)aws_appfabric_ingestion
(#37291)aws_appfabric_ingestion_destination
(#37627)aws_networkfirewall_tls_inspection_configuration
(#35168)aws_networkmonitor_monitor
(#35722)aws_networkmonitor_probe
(#35722)ENHANCEMENTS:
parameters
argument andarn
attribute (#38071)firewall_arn
(#35168)iam_identity_center_instance_arn
attribute (#36830)firewall_domain_redirection_action
argument (#37242)q_type
argument (#38074)default_user_settings.canvas_app_settings.generative_ai_settings
configuration block (#37139)default_user_settings.code_editor_app_settings.custom_image
configuration block (#37153)production_variants.inference_ami_version
andshadow_production_variants.inference_ami_version
arguments (#38085)user_settings.canvas_app_settings.generative_ai_settings
configuration block (#37139)user_settings.code_editor_app_settings.custom_image
configuration block (#37153)oidc_config.authentication_request_extra_params
andoidc_config.scope
arguments (#38078)worker_access_configuration
attribute (#38087)sensitivity_level
argument tosqli_match_statement
configuration block (#38077)BUG FIXES:
tags
(#38067)v5.55.0
Compare Source
FEATURES:
aws_drs_replication_configuration_template
(#26399)ENHANCEMENTS:
mixed_instances_policy.launch_template.override.instance_requirements.max_spot_price_as_percentage_of_optimal_on_demand_price
attribute (#38003)additional_locations
argument instorage_descriptor
(#37891)instance_requirements.max_spot_price_as_percentage_of_optimal_on_demand_price
attribute (#38003)attachment_policies.action.add_to_network_function_group
argument (#38013)network_function_groups
configuration block (#38013)send-via
andsend-to
as valid values forsegment_actions.action
(#38013)single-hop
anddual-hop
as valid values forsegment_actions.mode
(#38013)when_sent_to
andvia
configuration blocks tosegment_actions
(#38013)timeout_milliseconds
from29000
(29 seconds) to300000
(5 minutes) (#38010)api_key_id
attribute (#36568)mixed_instances_policy.launch_template.override.instance_requirements.max_spot_price_as_percentage_of_optimal_on_demand_price
argument (#38003)warm_pool.max_group_prepared_capacity
andwarm_pool.min_size
(#37174)restore_to_point_in_time
argument (#37716)ttl
values. (#37991)launch_template_config.override.instance_requirements.max_spot_price_as_percentage_of_optimal_on_demand_price
argument (#38003)additional_locations
argument instorage_descriptor
(#37891)maintenance_window
argument (#37760)instance_requirements.max_spot_price_as_percentage_of_optimal_on_demand_price
argument (#38003)BUG FIXES:
except
values to the returned JSON document whensegment_actions.share_with_except
is configured (#38013)use_fips_endpoint
is set and no FIPS endpoint is available (#38057)warm_pool.max_group_prepared_capacity
to0
(#37174)ttl.attribute_name
is set whenttl.enabled
is not set. (#37991)destination
as Optional (#36966)scaling_config.maximum_concurrency
(#37980)NotFound
errors (#38011)v5.54.1
Compare Source
BUG FIXES:
interface conversion: interface {} is types.ProductCodeValues, not string
panic (#37977)build_batch_config.timeout_in_mins
andbuild_timeout
from480
(8 hours) to2160
(36 hours) (#37970)v5.54.0
Compare Source
NOTES:
FEATURES:
aws_ec2_capacity_block_offering
(#37528)aws_appfabric_app_authorization
(#37468)aws_appfabric_app_bundle
(#37542)aws_ec2_capacity_block_reservation
(#37528)aws_fms_resource_set
(#37767)aws_guardduty_malware_protection_plan
(#37919)ENHANCEMENTS:
ip_address_type
argument (#37237)packet_length
as Computed (#36962)ip_address_type
argument (#37237)subnet_configuration
argument to support user defined IP addresses (#37226)BUG FIXES:
tags
(#37966)resource_group_name
to ForceNew (#36962)UnknownOperationException: Tagging is not currently supported in DynamoDB Local
errors on resource Read (#37924)InvalidCapacityReservationId.NotFound
errors during Read and Delete when resource is manually deleted (#37127)InvalidInput: 1 validation error detected: Value '...' at 'resourceId' failed to satisfy constraint: Member must have length less than or equal to 32
errors for resources imported with a/hostedzone/
prefix (#37893)ConflictException: Unable to complete operation due to concurrent modification
errors (#37902)v5.53.0
Compare Source
FEATURES:
aws_paymentcryptography_key
(#37017)aws_paymentcryptography_key_alias
(#37020)ENHANCEMENTS:
bgp_asn_extended
argument (#37815)supports_limitless_database
attribute (#37271)use_fips_endpoint
flag is now ignored for any service with a custom endpoint configured inendpoints
. (#34233)delete
timeout (#37732)bgp_asn_extended
argument (#37815)metadata_configuration
argument (#37868)max_webservers
andmin_webservers
attributes (#37632)log_configuration
argument (#37135)InvalidChangeBatch
errors on resource Delete (#37850)UnsupportedOperation
errors when readingacceleration_status
,server_side_encryption_configuration
andtags
(#37801)ssh_key_id
attribute (#37548)BUG FIXES:
ConflictException
errors on resource Delete (#37732)instruction
max length for validation to 4000 (#37758)ignore_tags
matches tag assigned to resource (#37818)ignore_tags
matches tag assigned to resource (#37818)ignore_tags
matches tag assigned to resource (#37818)ignore_tags
matches tag assigned to resource (#37818)maintenance_window_start_time
orauto_minor_version_upgrade
(#36506)source_parameters.self_managed_kafka_parameters.credentials.basic_auth
as Optional (#34293)Cannot import non-existent remote object
errors when importing resources with version (#37832)false
forprivate_dns_enabled
(#37715)v5.52.0
Compare Source
ENHANCEMENTS:
application_mode
argument (#37714)ListTags
function for proper key-only tag handling (#37711)ListTags
function for proper key-only tag handling (#37711)ListTags
function for proper key-only tag handling (#37711)ListTags
function for proper key-only tag handling (#37711)ListTags
function for proper key-only tag handling (#37711)ListTags
function for proper key-only tag handling (#37711)ListTags
function for proper key-only tag handling (#37711)BUG FIXES:
v5.51.1
Compare Source
ENHANCEMENTS:
volume_configuration
argument (#37019)configure_at_launch
parameter involume
argument (#37019)BUG FIXES:
name_servers
values (#37685)name
andzone_id
arguments when one is an empty string (#37686)name_servers
values (#37685)v5.51.0
Compare Source
NOTES:
source_code_hash
attribute has been deprecated in favor ofcode_sha256
. Will be removed in a future major version (#37669)source_code_hash
attribute has been deprecated in favor ofcode_sha256
. Will be removed in a future major version (#37646)FEATURES:
aws_chatbot_slack_workspace
(#37218)aws_lambda_runtime_management_config
(#37643)aws_vpc_endpoint_private_dns
(#37628)aws_vpc_endpoint_service_private_dns_verification
(#37176)ENHANCEMENTS:
code_sha256
attribute (#37669)code_sha256
attribute (#37646)application-load-balancer
,elastic-beanstalk
andnetwork-load-balancer
endpoint.type
values (#37618)canary_settings
attribute (#37573)client_id_list
to be updated in-place (#37612)code_sha256
attribute (#37669)replace_security_group_on_destroy
andreplacement_security_group_ids
deprecations, re-implement with alternate workflow (#37624)code_sha256
attribute (#37646)cloudwatch_alarm_region
(#37510)latency_routing_policy.region
(#37510)vpc_region
(#37510)vpc_region
(#37510)api_gateway
,app_runner_service
,cognito_user_pool
, andverified_access_instance
configuration blocks toassociation_config.request_body
(#37588)BUG FIXES:
kms_key_arn
on Read (#37570)grant_token
toSensitive
(#37593)source_code_hash
causes drift even if source code has not changed (#37669)source_code_hash
forces a replacement even if source code has not changed (#37646)state
error ondeployment_id
during start/stop update (#37581)cache_attributes
is removed on update (#37611)v5.50.0
Compare Source
ENHANCEMENTS:
tags
attribute (#37361)launch_time
attribute (#37002)tags
argument (#37361)tags
argument (#37361)fargateTaskRetirementWaitPeriod
value inName
argument (#37018)s3_destination.kms_key_arn
,s3_destination.region
ands3_destination.sync_format
(#37481)BUG FIXES:
by_provider
argument (#37306)UnknownOperationException: Tagging is not currently supported in DynamoDB Local
errors on resource Read (#37472)interface conversion: interface {} is nil, not map[string]interface {}
panic whennotify_delay_after
is empty (null
) (#37347)state
error when usingrow_filter.all_rows_wildcard
(#37433)principal
to fixpanic: unexpected format for ID parts ([...]), the following id parts indexes are blank ([1])
(#37450)v5.49.0
Compare Source
FEATURES:
aws_datazone_environment_blueprint
(#36600)aws_bedrockagent_data_source
(#37158)aws_datazone_domain
(#36600)aws_datazone_environment_blueprint_configuration
(#36600)ENHANCEMENTS:
minified_json
attribute (#35677)table_arn
(#37288)rotation_period_in_days
argument (#37140)endpoint_id
in favor ofsubscriber_endpoint
(#37332)configuration.https_notification_configuration.authorization_api_key_value
as sensitive value (#37332)BUG FIXES:
tags
on Read (#37353)InvalidParameterValue: Invalid value 3412 for MaxRecords. Must be between 20 and 1000
errors (#37251)view_arn
in the AWS API request (#36778)prepare_agent
value (or default value oftrue
when omitted) for all create and update operations (#37405)auto_tune_options.rollback_on_disable
argument (#37394)tags
andtags_all
on resource Read (#37353)tags
andtags_all
on resource Read (#37353)trust_anchor_certificate
to ForceNew (#37092)auto_tune_options.rollback_on_disable
argument (#37394)auto_tune_options
to be applied during creation (#37394)source_version
(#36268)source_name
parameter (#36268)access_type
(#36268)source_version
parameter foraws_log_source_resource
andcustom_log_source_resource
(#36268)source_name
parameter foraws_log_source_resource
andcustom_log_source_resource
(#36268)configuration.https_notification_configuration.endpoint
(#37332)BackoffDelayer
to maintain behavioral compatibility with AWS SDK for Go v1 (#37404)v5.48.0
Compare Source
FEATURES:
aws_bedrockagent_agent_knowledge_base_association
(#37185)ENHANCEMENTS:
force_destroy
argument (#37130)SINGLE_AZ_1
andMULTI_AZ_1
deployment types (#36511)storage_capacity
maximum to 1PiB (#36511)ha_pairs
(#36511)throughput_capacity_per_ha_pair
to support all values fromthroughput_capacity
(#36511)aggregate_configuration
configuration block (#36511)size_in_bytes
andvolume_style
arguments (#36511)BUG FIXES:
table_configurations
expand/flatten (#37205)auth_parameters.oauth.oauth_http_parameters
orauth_parameters.invocation_http_parameters
body
,header
andquery_string
configuration blocks (#26755)unexpected state 'snapshotting'
errors when increasing or decreasing replica count (#30493)v5.47.0
Compare Source
NOTES:
FEATURES:
aws_identitystore_groups
(#36993)aws_bcmdataexports_export
(#36847)aws_bedrockagent_agent
(#36851)aws_bedrockagent_agent_action_group
(#36935)aws_bedrockagent_agent_alias
(#36905)aws_bedrockagent_knowledge_base
(#36783)aws_globalaccelerator_cross_account_attachment
(#35991)aws_verifiedpermissions_policy
(#35413)ENHANCEMENTS:
arn
attribute (#35991)root_resource_id
on resource Read (#37040)spec.service_discovery
argument (#37042)dedicated_log_volume
argument (#36503)arn
attribute (#35991)transit_encryption_mode
argument (#30403)transit_encryption_enabled
argument can now be done in-place for engine versions >7.0.5
(#30403)snowflake_configuration
argument (#36646)code_editor_app_image_config
andjupyter_lab_image_config.jupyter_lab_image_config
arguments (#37059)kernel_gateway_image_config.kernel_spec
MaxItems to 5 (#37059)sftp_authentication_methods
argument (#37015)BUG FIXES:
revision
do not trigger changes in dependent resources and/or cause an error, "Provider produced inconsistent final plan" (#37111)and
,not
andor
operand nesting for therule
argument (#30862)v5.46.0
Compare Source
NOTES:
template_body
ofaws_cloudformation_stack
, CRLF was previously treated as different from LF but these are now treated as equivalent in many situations (#14270)FEATURES:
aws_eip_domain_name
(#36963)ENHANCEMENTS:
client_keep_alive
argument (#36969)ptr_record
attribute (#36963)attachment_count
attribute (#36759)client_keep_alive
argument (#36969)master_account_name
attribute (#36797)ipv6_address_preferred_lease_time
attribute (#36934)client_keep_alive
argument (#36969)alarm_specification
to theinstance_refresh.preferences
configuration block (#36954)lambda
andmediapackagev2
as valid values fororigin_access_control_origin_type
(#34362)force_destroy
attribute (#34905)report_build_status
andbuild_status_config
arguments (#36942)ipv6_address_preferred_lease_time
as Computed attribute (#36934)resource_identifier
argument (#36901)ptr_record
attribute (#36963)minimum
attribute incache_usage_limits.data_storage
andcache_usage_limits.ecpu_per_second
(#36766)endpoint_ip_address
attribute (#36767)attachment_count
attribute (#36759)execution_role
andworkflow
arguments (#36953)client_keep_alive
argument (#36969)database_vpc_endpoint_service
andwebserver_vpc_endpoint_service
attributes (#36903)master_account_name
attribute (#36797)security_policy_name
argument (#36893)ipv6_address_preferred_lease_time
attribute (#36934)cascade
argument (#36898)BUG FIXES:
ConflictException
errors on resource Create (#36980)monitor_dimension
to ForceNew (#36773)account_id
to ForceNew (#36773)template_body
no longer cause erroneous diffs (#14270)interface conversion: interface {} is nil, not map[string]interface {}
panic whenauth
is empty ({}
) (#36967)replication_settings
to disallowLogging.CloudWatchLogGroup
andLogging.CloudWatchLogStream
. (#36936)replication_settings
JSON documents. (#36936)replication_task_settings
to disallowLogging.CloudWatchLogGroup
andLogging.CloudWatchLogStream
. (#36936)replication_task_settings
unset to use default settings. (#36936)replication_task_settings
JSON documents. (#36936)BadRequest: AuditLogDestination must not be provided when auditing is disabled
when updatingaudit_log_configuration.0.file_access_audit_log_level
andaudit_log_configuration.0.file_share_access_audit_log_level
to"DISABLED"
(#36928)number_of_workers
andworker_type
as optional/computed, preventing persistent differences whenmax_capacity
is set. (#36770)password_reset_required
istrue
and initial password reset is completed (#36926)certificate_name
on create and update (#36888)NotFound
error handling on delete (#36933)v5.45.0
Compare Source
NOTES:
logging
argument is now deprecated. Use theaws_redshift_logging
resource instead. (#36862)snapshot_copy
argument is now deprecated. Use theaws_redshift_snapshot_copy
resource instead. (#36810)FEATURES:
aws_redshift_logging
(#36862)aws_redshift_snapshot_copy
(#36810)ENHANCEMENTS:
registry_id
foraf-south-1
AWS Region (#36803)documentation_part_id
attribute (#36445)resource_arn
(#36445)BUG FIXES:
MaxBackoff
value to 300 seconds so that services migrated to AWS SDK for Go v2 maintain behavioral compatibility with AWS SDK for Go v1 (#36855)agent_arns
(#36819)filters.message_types
orfilters.severities
contains multiple elements (#36804)configuration_policy.enabled_standard_arns
as Optional, fixingInvalidInputException: Invalid semantics: Enabled standards and security control configurations must be configured when Security Hub is enabled
errors (#36740)v5.44.0
Compare Source
FEATURES:
aws_devopsguru_notification_channel
(#36656)aws_devopsguru_resource_collection
(#36657)aws_ecr_lifecycle_policy_document
(#6133)trim_iam_role_path
(#36723)aws_devopsguru_service_integration
(#36694)ENHANCEMENTS:
application_tag
attribute (#36647)data_catalog_encryption_settings.encryption_at_rest.catalog_encryption_service_role
attribute (#35978)desired_sessions
argument to thecompute_capacity
block. (#34266)max_sessions_per_instance
argument. (#34266)deregister_on_new_revision
to allow keeping prior versions ACTIVE when a new revision is published. (#35149)character_set_name
whenreplicate_source_db
,restore_to_point_in_time
, orsnapshot_identifier
is set (#36518)unhealthy_node_replacement
argument (#36523)data_catalog_encryption_settings.encryption_at_rest.catalog_encryption_service_role
argument (#35978)ruby3.3
runtime
value (#36751)ruby3.3
compatible_runtimes
value (#36751)application_tag
attribute (#36647)s3_storage_options
configuration block (#36664)address_fields
andphone_number_fields
tostatement.managed_rule_group_statement.managed_rule_group_configs.aws_managed_rules_acfp_rule_set.request_inspection
(#36685)BUG FIXES:
TF_APPEND_USER_AGENT
which contain/
,(
,)
, or space. (#36738)email_verification_message
,email_verification_subject
,admin_create_user_config.invite_message_template.email_message
,admin_create_user_config.invite_message_template.email_subject
,admin_create_user_config.invite_message_template.sms_message
,sms_authentication_message
,sms_verification_message
,verification_message_template.email_message
,verification_message_template.email_message_by_link
,verification_message_template.email_subject
,verification_message_template.email_subject_by_link
, andverification_message_template.sms_message
to count UTF-8 characters properly (#36661)tagPatternList
change detection in policy JSON (#35231)alarms.rollback
on resource Create and Update (#36691)force_destroy
is used and there are inline or attached policies, allow resource to be destroyed (#36640)ami_distribution_configuration.name
(#36659)snapshot_copy
block (#36655)v5.43.0
Compare Source
FEATURES:
aws_resourceexplorer2_search
(#36560)aws_servicecatalogappregistry_application
(#36596)aws_cloudfrontkeyvaluestore_key
(#36534)aws_devopsguru_notification_channel
(#36557)aws_dynamodb_resource_policy
(#36595)aws_ec2_instance_metadata_defaults
(#36589)aws_lakeformation_resource_lf_tag
(#36537)aws_m2_application
(#35399)aws_m2_deployment
(#35408)aws_m2_environment
(#35311)aws_redshiftserverless_custom_domain_association
(#35865)aws_servicecatalogappregistry_application
(#36277)ENHANCEMENTS:
key_value_store_associations
attribute (#36585)original_snapshot_create_time
attribute (#36544)key_value_store_associations
argument (#36585)policy
to have leading whitespace (#36597)policy
to have leading whitespace (#36597)policy
to have leading whitespace (#36597)assume_role_policy
andinline_policy.*.policy
to have leading whitespace (#36597)policy
to have leading whitespace (#36597)policy
to have leading whitespace (#36597)FLINK-1_18
runtime_environment
value (#36562)policy
to have leading whitespace (#36597)inline_policy
to have leading whitespace (#36597)policy
to have leading whitespace (#36597)policy
to have leading whitespace (#36597)tier
argument (#36504)BUG FIXES:
us-east-1
endpoint as this is the only Region in which AWS Cost and Usage Reports is available (#36540)ACTIVE
a valid create target status (#36615)us-east-1
endpoint as this is the only Region in which AWS Cost and Usage Reports is available (#36540)ValidationException
. (#36592)role
no longer exists (#34099)instance_type
change also requires an architecture change, such as x86_64 to arm64 (#36590)ValidationException
. (#36592)InvalidParameterCombination
errors when updating onlyskip_final_snapshot
(#36635)name
casing changes (#36563)InvalidRequestException
(#36609)data_type
is updated. (#35960)v5.42.0
Compare Source
FEATURES:
aws_redshift_producer_data_shares
(#36481)aws_devopsguru_event_sources_config
(#36485)aws_devopsguru_resource_collection
(#36489)aws_dynamodb_table_export
(#30399)ENHANCEMENTS:
ipv6_cidr_block_set
andpeer_ipv6_cidr_block_set
attributes (#36391)kerberos_keytab_base64
andkerberos_krb5_conf_base64
arguments (#36072)read_write
andsegment_configuration.on_demand
arguments (#36486)enable_local_write_forwarding
argument to support Aurora MySQL local write forwarding (#34370)BUG FIXES:
RateLimiter
toratelimit.None
so that services migrated to AWS SDK for Go v2 maintain behavioral compatibility with AWS SDK for Go v1 (#36467)start_time
andend_time
values on update when configured (#33713)scalable_dimension
as an additional filter (#34382)container_url
attribute value and badsubdirectory
attribute value from state read/refresh (#36072)efs_file_system_arn
attribute value from state read/refresh (#36072)qop_configuration
as Computed (#36072)server_hostname
attribute value from state read/refresh (#36072)s3_bucket_arn
attribute value from state read/refresh (#36072)server_hostname
attribute value from state read/refresh (#36072)replication_settings
(#35670)replication_task_settings
(#35670)kubernetes_groups
anduser_name
values on update when configured (#36484)number_of_workers
minimum value to1
(#36458)local_ipv6_network_cidr
,remote_ipv6_network_cidr
,tunnel1_inside_ipv6_cidr
, andtunnel2_inside_ipv6_cidr
no longer requiretransit_gateway_id
to be specified (#36405)v5.41.0
Compare Source
FEATURES:
aws_apprunner_hosted_zone_id
(#36288)aws_medialive_input
(#36307)aws_lakeformation_data_cells_filter
(#36264)aws_securityhub_configuration_policy
(#35752)aws_securityhub_configuration_policy_association
(#35752)aws_securitylake_subscriber_notification
(#36323)ENHANCEMENTS:
state
attribute (#36304)data_cells_filter
attribute (#36264)name
is Optional (#36062)pre_token_generation_config
configuration block (#35236)state
attribute (#36304)DEFAULT
) forconfiguration.execute_command_configuration.logging
(#36341)data_cells_filter
attribute (#36264)resource_arn
andresource_share_arn
(#36062)billing_contact
andbilling_privacy
arguments (#36285)organization_configuration
configuration block to support central configuration (#35752)auto_enable
tofalse
,auto_enable_standards
toNONE
, andorganization_configuration.configuration_type
toLOCAL
on resource Delete (#35752)BUG FIXES:
Failed to marshal state to json: unsupported attribute "override_json"
andFailed to marshal state to json: unsupported attribute "source_json"
errors when runningterraform show -json
orterraform state rm
(#36383)auto_tune_options.use_off_peak_window
attribute. This fixes a regression introduced in v5.40.0 causingInvalid address to set
errors (#36298)InvalidParameterException: ActiveEncryptionCertificate is not a valid key for SAML identity provider details
errors on resource Update (#36311)ipv6_address_count
(#36308)panic: interface conversion: interface {} is nil, not map[string]interface {}
whenconfiguration
,configuration.execute_command_configuration
, orconfiguration.execute_command_configuration.log_configuration
are empty (#36341)panic: interface conversion: interface {} is nil, not map[string]interface {}
whenservice_connect_configuration.service.timeout
is empty (#36309)service_connect_configuration.service.tls.issuer_cert_authority.aws_pca_authority_arn
is Required (#36309)InvalidReplicationGroupState: Cluster not in available state to perform tagging operations.
(#36310)command_line_arguments
andinitialization_script
updates from overwriting one another (#36361)InvalidNetworkAclID.NotFound
errors on resource Delete (#36326)principal
is disassociated outside of Terraform (#36062)couldn't find resource
errors on resource Delete (#36326)tunnel1_inside_ipv6_cidr
andtunnel2_inside_ipv6_cidr
(#36236)v5.40.0
Compare Source
FEATURES:
arn_build
(#34952)arn_parse
(#34952)aws_account_region
(#35739)aws_securitylake_subscriber
(#35981)ENHANCEMENTS:
has_major_target
andhas_minor_target
optional arguments andvalid_major_targets
andvalid_minor_targets
attributes (#36246)compute_environment_order
which conflicts withcompute_environments
but aligns with AWS API.compute_environments
has been deprecated. (#34750)origin.custom_origin_config.origin_read_timeout
(#36088)io2
as a valid value forstorage_type
(#36252)cache_usage_limits.ecpu_per_second.maximum
(#35927)use_off_peak_window
argument to theauto_tune_options
configuration block (#36067)io2
as a valid value forstorage_type
(#36252)arn
. (#35710)arn
. (#35710)arn
. (#35710)evaluation_window_sec
argument to therate_based_statement
configuration block (#36045)evaluation_window_sec
argument to therate_based_statement
configuration block (#36045)BUG FIXES:
parameter_group_name
whenreplicate_source_db
is in different region. (#36080)InvalidParameterValue: Environment named ... is in an invalid state for this operation. Must be Ready
errors whentags
are updated along with other attributes (#36074)cache_usage_limits.data_storage.maximum
andcache_usage_limits.ecpu_per_second.maximum
to ForceNew (#35927)encoder_settings.audio_descriptions
arguments (#36097)action.forward.target_groups
maximum item limit (#36095)v5.39.1
Compare Source
BUG FIXES:
panic: Invalid address to set
related toroot_block_device.0.tags_all
(#36054)v5.39.0
Compare Source
FEATURES:
aws_redshift_data_shares
(#35937)aws_apprunner_deployment
(#35758)aws_config_retention_configuration
(#15136)aws_securityhub_automation_rule
(#34781)aws_shield_proactive_engagement
(#34667)ENHANCEMENTS:
custom_time_zone
andfile_extension
arguments to theextended_S3_configuration
configuration block (#35969)task.source_fields
to be anull
value (#35993)trigger
configuration block (#35475)aws_config_organization_custom_rule.lambda_function_arn
(#15136)read
timeout (#35955)aws_instance
, addebs_block_device.*.tags_all
androot_block_device.*.tags_all
attributes which include default tags (#33769)data_replication_mode
anddata_replication_primary_broker_arn
arguments, enabling support for cross-region data replication (#35990)endpoint_management
attribute (#35961)Add attributes
admin_password_secret_kms_key_id
andmanage_admin_password
(#35965)read
timeout (#35955)application_integration_url
attribute (#35974)BUG FIXES:
iam_roles
attribute on read (#35965)task.task_type
is set toMap_all
(#35993)panic: interface conversion: interface {} is nil, not map[string]interface {}
whenrecording_group.exclusion_by_resource_types
is empty (#15136)name
to ForceNew (#15136)InvalidParameterValueException: PolicyText is required when Owner is CUSTOM_POLICY
errors on resource Update (#15136)container_definitions
diffs whenName
s are ordered differently (#36029)detect_and_copy_new_topics
attribute value from state read/refresh (#35966)max_capacity
removal (#36032)base_capacity
andmax_capacity
(#36032)log_bucket
androle_arn_association_id
to ForceNew (#34667)v5.38.0
Compare Source
FEATURES:
aws_batch_job_definition
(#34663)aws_cognito_user_group
(#34046)aws_cognito_user_groups
(#34046)ENHANCEMENTS:
load_balancer_arns
attribute (#34364)maximum_network_cards
attribute (#35840)vpc_id
attribute (#35887)load_balancer_arns
attribute (#34364)token_bucket_rate_limiter_capacity
parameter (#35926)load_balancer_arns
attribute (#34364)arn
attribute (#35888)execution_mode
argument (#35875)recording_mode
configuration block (#35527)performance_insights_retention_period
(#35870)vpc_id
attribute (#35887)load_balancer_arns
attribute (#34364)max_capacity
argument (#35720)TransferSecurityPolicy-2024-01
andTransferSecurityPolicy-FIPS-2024-01
as valid values forsecurity_policy_name
(#35879)BUG FIXES:
sts_region
is specified (#35860)cluster_name
plan-time validation, allowing single-character names (#35874)cluster_name
plan-time validation, allowing single-character names (#35874)name
plan-time validation, allowing single-character names (#35874)index_field
options response values (#35900)cluster_name
plan-time validation, allowing single-character names (#35874)cluster_name
plan-time validation, allowing single-character names (#35874)cluster_name
plan-time validation, allowing single-character names (#35874)name
plan-time validation, allowing single-character names (#35874)cluster_name
plan-time validation, allowing single-character names (#35874)cluster_name
plan-time validation, allowing single-character names (#35874)v5.37.0
Compare Source
NOTES:
FEATURES:
aws_db_parameter_group
(#35698)aws_bedrock_provisioned_model_throughput
(#35689)aws_cloudfront_key_value_store
(#35663)aws_redshift_data_share_consumer_association
(#35771)ENHANCEMENTS:
credential_arn
attribute (#34475)client_token
argument (#34402)skip_final_snapshot
argument (#35698)latest
,preferred_major_targets
, andpreferred_upgrade_targets
. Addversion_actual
attribute (#35698)engine_latest_version
andsupports_clusters
arguments and convertingread_replica_capable
,supported_engine_modes
,supported_network_types
, andsupports_multi_az
to arguments for use as search criteria (#35698)introspection_config
,query_depth_limit
, andresolver_count_limit
arguments (#35631)s3_bucket_arn
attribute (#35760)credential_arn
argument (#34475)service_connect_configuration.service.timeout
andservice_connect_configuration.service.tls
configuration blocks (#35684)track_latest
argument (#30154)federated_database
argument (#35799)timeouts
(#35542)domain
anddomain_iam_role_name
arguments to support Kerberos authentication (#35753)geoproximity_routing_policy
configuration block to support geoproximity routing (#35565)target_ip.protocol
argument (#35744)routing_config
argument. Enables the specification of arouting_strategy
. (#34777)ownership_settings
,space_sharing_settings
,space_settings.app_type
,space_settings.code_editor_app_settings
,space_settings.custom_file_system
,space_settings.jupyter_lab_app_settings
, andspace_settings.space_storage_settings
arguments (#35116)BUG FIXES:
failed to get rate limit token, retry quota exceeded
errors (#35817)ownership_verification_certificate_arn
on update (#35777)BadRequestException: Unable to update route. Authorizer type is invalid or null
errors when updatingauthorizer_id
(#35821)report_override
values (#35778)report_override
arguments (#35778)auth
fromTypeList
toTypeSet
as order is not significant (#35819)value
(#33393)container_definitions
diffs whenSecrets
are ordered differently (#35792)ReservationCapacityExceeded
errors when updatinginstance_type
andcapacity_reservation_specification.capacity_reservation_target.capacity_reservation_id
(#33412)false
values foruse_service_linked_role
(#35799)client_cache
tohls_group_settings
. (#35738)ACTIVE
status (#35771)access_control_policy
when switching configuration toacl
. (#35775)v5.36.0
Compare Source
NOTES:
FEATURES:
aws_controltower_landing_zone
(#34595)aws_osis_pipeline
(#35582)aws_redshift_data_share_authorization
(#35703)aws_securitylake_custom_log_source
(#35354)ENHANCEMENTS:
output_format
(#35569)diag.log
andnotify.log
as valid values forenabled_cloudwatch_logs_exports
(#35626)domain_auth_secret_arn
,domain_dns_ips
,domain_fqdn
, anddomain_ou
arguments to support self-managed Active Directory (#35500)filter.access_point
argument (#35590)sse_configuration
argument (#34055)BUG FIXES:
password
attribute correctly (#35589)replica
s are always set on Read (#35630)launch_specifications.on_demand_specification.allocation_strategy
andlaunch_specifications.spot_specification.allocation_strategy
values to fix perpetual state differences (#34367)extended_s3_configuration.processing_configuration.processors.parameters
fromTypeList
toTypeSet
as order is not significant (#35672)logging_config
when values forapplication_log_level
orsystem_log_level
are not specified (#35694)default_action
parameters which don't match thetype
. (#35678)default_action[].target_group_arn
whenignore_changes
was set. (#35671)default_action[].forward
in state if only a singletarget_group
was set. (#35671)action
parameters which don't match thetype
. (#35678)action[].target_group_arn
whenignore_changes
was set. (#35671)action[].forward
in state if only a singletarget_group
was set. (#35671)json
as Computed if there are content changes (#35606)v5.35.0
Compare Source
FEATURES:
aws_bedrock_custom_model
(#34310)aws_bedrock_custom_models
(#34310)aws_ssmcontacts_rotation
(#32710)aws_bedrock_custom_model
(#34310)aws_lexv2models_slot
(#34617)aws_lexv2models_slot_type
(#35555)aws_rekognition_collection
(#35407)aws_sesv2_email_identity_policy
(#35486)aws_ssmcontacts_rotation
(#32710)ENHANCEMENTS:
multi_az
attribute (#35508)hybrid_access_enabled
argument (#35571)with_federation
argument (#35154)multi_az
argument (#35508)owner_account
argument (#35509)header_order
tofield_to_match
configuration blocks (#35521)header_order
tofield_to_match
configuration blocks (#35521)BUG FIXES:
core_network_configuration.edge_locations
maximum item limit (#35585)InvalidParameterValueException: Invalid lifecycle. EBS Cold Tier is not yet supported
errors on resource Create in AWS GovCloud (US) (#35560)/
(#35501)source_ids
as Optional. This fixes a regression introduced in v5.31.0 (#35541)lifecycle_policy
maximum item limit to 3 (#35522)command_line_arguments
max length restriction from 50 to 1024. (#35581)v5.34.0
Compare Source
FEATURES:
aws_rekognition_project
(#35429)aws_route53domains_delegation_signer_record
(#33596)ENHANCEMENTS:
kms_key_id
attribute (#35095)ThirdParty
owner
value (#35286)ThirdParty
owner
value (#35286)ThirdParty
owner
value (#35286)json
attribute to facilitate use with S3 buckets (#33402)configuration
configuration block (#35310)flow_status
attribute (#34948)kms_key_id
argument (#35095)trigger.destination_arn
andtrigger.events
(#35095)auto_scaling_group_provider.managed_draining
argument (#35421)AutoScalingGroups
,Buckets
,ReplicationGroups
,Tables
andTransitGateways
toaction.*.target
(#35300)skip_final_backup
argument (#35320)role_arn
attribute (#35453)json
attribute to facilitate use with S3 buckets (#33402)challenge_config
argument (#35367)BUG FIXES:
build_batch_config
to be removed on Update (#34121)kubernetes_groups
as Computed (#35391)type
anduser_name
as Optional, allowing values to be configured (#35391)workspace_id
attribute after import (#35290)UnsupportedOperation: The functionality you requested is not available in this region
errors on Read in certain partitions (#33484)v5.33.0
Compare Source
FEATURES:
aws_eks_access_entry
(#35037)aws_eks_access_entry
(#35037)aws_eks_access_policy_association
(#35037)aws_lexv2models_intent
(#34891)ENHANCEMENTS:
access_config
attribute (#35037)created_date
andlast_changed_date
attributes (#35117)created_date
attribute (#35117)rule.lifecycle.opt_in_to_archive_for_supported_resources
andrule.copy_action.lifecycle.opt_in_to_archive_for_supported_resources
and arguments (#34994)access_config
configuration block (#35037)use_service_linked_role
argument (#35284)rotate_immediately
argument (#35105)BUG FIXES:
schedule
to be removed successfully (#35282)target.resource_arns
ortarget.resource_tag
attributes. (#35254)ValidationError: Mutual Authentication mode passthrough does not support ignoring certificate expiry
errors whenmutual_authentication.mode
is set topassthrough
(#35289)InvalidParameterException: The parameter RemoveFromVersionId can't be empty. Staging label AWSCURRENT is currently attached to version ..., so you must explicitly reference that version in RemoveFromVersionId
errors when a secret is updated outside Terraform (#19943)v5.32.1
Compare Source
BUG FIXES:
most_recent
is not alsolatest
(#35269)registration_config.role_arn
fromTypeBool
toTypeString
, fixingInappropriate value for attribute "role_arn": a bool is required
errors (#35234)interface conversion: interface {} is *schema.Set, not []string
panic (#35265)v5.32.0
Compare Source
FEATURES:
aws_mq_broker_engine_types
(#34232)aws_msk_bootstrap_brokers
(#32484)aws_verifiedpermissions_policy_store
(#32204)aws_ebs_fast_snapshot_restore
(#35211)aws_elasticache_serverless_cache
(#34951)aws_imagebuilder_workflow
(#35097)aws_kinesis_resource_policy
(#35167)aws_prometheus_scraper
(#34749)aws_securitylake_aws_log_source
(#34974)aws_ssoadmin_application_access_scope
(#34811)aws_verifiedpermissions_policy_store
(#32204)aws_verifiedpermissions_policy_template
(#32205)aws_verifiedpermissions_schema
(#32204)ENHANCEMENTS:
update_policy
attribute (#34353)image_uri
attribute (#24526)lifecycle_policy.transition_to_archive
attribute (#35096)protection
attribute (#35029)il-central-1
AWS Region (#35131)ca-west-1
AWS Region (#35131)ha_pairs
andthroughput_capacity_per_ha_pair
attributes (#34993)region
attribute totarget_table
block. (#34817)logging_config
attribute (#35050)ca-west-1
AWS Region (#35131)load_balancing_anomaly_mitigation
attribute (#35083)name
length validation (#34399)firewall_policy.tls_inspection_configuration_arn
attribute (#35094)kms_key_arn
attribute (#35062)protocols
attribute (#35098)resolver_endpoint_type
attribute (#34798)ca-west-1
AWS Region (#35131)ca-west-1
as a valid AWS Region (#35131)destination_connector_properties.s3.s3_output_format_config.target_file_size
argument (#35215)idle_disconnect_timeout_in_seconds
max value for validation to 360000 (#35173)instance_refresh.preferences.max_healthy_percentage
attribute (#34929)ValidationError: The instance ... is not part of Auto Scaling group ...
errors on resource Delete when disabling scale-in protection for instances that are already fully terminated (#35071)update_policy
parameter (#34353)scheduling_priority
argument andarn_prefix
attribute (#34997)amazonlinux-2023-x86_64
andresolve:ssm:/aws/service/cloud9/amis/amazonlinux-2023-x86_64
as valid values forimage_id
(#35020)pipeline_type
argument andvariable
configuration block (#34841)cdc_start_time
to use RFC3339 formatted dates in addition to UNIX timestamps (#31917)replication_instance_arn
, allowing in-place migration between DMS instances (#30721)lifecycle_policy.transition_to_archive
argument (#35096)protection
configuration block (#35029)destination.file_system_id
as Optional, enabling EFS replication fallback (#34955)per_unit_storage_throughput
to be updated in-place (#34932)ha_pairs
andthroughput_capacity_per_ha_pair
arguments (#34993)disk_iops_configuration.iops
to2400000
(#34993)throughput_capacity
is Optional (#34993)region
attribute totarget_table
block. (#34817)csv_classifier.serde
argument (#34251)opensearch_configuration.document_id_options
configuration block (#35137)splunk_configuration.buffering_interval
andsplunk_configuration.buffering_size
arguments (#35137)elasticsearch_configuration.buffering_interval
,http_endpoint_configuration.buffering_interval
,opensearch_configuration.buffering_interval
,opensearchserverless_configuration.buffering_interval
,redshift_configuration.s3_backup_configuration.buffering_interval
,extended_s3_configuration.s3_backup_configuration.buffering_interval
,elasticsearch_configuration.s3_configuration.buffering_interval
,http_endpoint_configuration.s3_configuration.buffering_interval
,opensearch_configuration.s3_configuration.buffering_interval
,opensearchserverless_configuration.s3_configuration.buffering_interval
,redshift_configuration.s3_configuration.buffering_interval
andsplunk_configuration.s3_configuration.buffering_interval
minimum values to0
to support zero buffering (#35137)xks_key_id
attribute (#31216)logging_config
configuration block in support of advanced logging controls (#35050)python3.12
runtime
value (#35049)python3.12
compatible_runtimes
value (#35049)load_balancing_anomaly_mitigation
argument (#35083)weighted_random
as a valid value forload_balancing_algorithm_type
(#35083)storage_type
argument (#34985)storage_type
attribute (#34985)firewall_policy.tls_inspection_configuration_arn
argument (#35094)kms_key_arn
argument, enabling encryption at-rest using AWS KMS Customer Managed Keys (CMK) (#35062)port
argument (#34925)protocols
argument (#35098)resolver_endpoint_type
argument (#34798)TransferSecurityPolicy-PQ-SSH-Experimental-2023-04
andTransferSecurityPolicy-PQ-SSH-FIPS-Experimental-2023-04
as valid values forsecurity_policy_name
(#35129)policy_document
argument (#34264)BUG FIXES:
deregistration_delay
fromTypeInt
toTypeString
(#31436)./
fromkey
to maintain AWS SDK for Go v1 (pre-v5.17.0) compatibility (#35223)./
fromkey
to maintain AWS SDK for Go v1 (pre-v5.17.0) compatibility (#35223)image_id
is Required (#35020)build_timeout
andqueued_timeout
for Lambda compute types (#35043)activation_key
by removing requirement for one ofip_address
oractivation_key
to be set (#35150)replication_settings
(#34356)replication_task_settings
(#34356)arn
attribute on read, resolving persistent differences whentags
are configured (#34998)thing_indexing_configuration.filter.named_shadow_names
(#35225)InvalidArgumentException: Both BufferSizeInMBs and BufferIntervalInSeconds are required to configure buffering for lambda processor
errors on resource Update (#26964)extended_s3_configuration.processing_configuration.processors.parameters
diffs when processor type isLambda
(#35137)source_code_hash
does not change. (#29921)ValidationError: Attributes cannot be empty
errors (#35228)stickiness.cookie_name
whenstickiness.type
islb_cookie
(#31436)snapshotting
status as pending when creating cluster (#31077)reading RAM Resource Share (...) Principal Association (...): couldn't find resource (21 retries)
errors when a high number of principals are associated with a resource share (#34738)./
fromkey
to maintain AWS SDK for Go v1 (pre-v5.17.0) compatibility (#35223)./
fromkey
to maintain AWS SDK for Go v1 (pre-v5.17.0) compatibility (#35223)./
fromkey
to maintain AWS SDK for Go v1 (pre-v5.17.0) compatibility (#35223)rotation_rules.automatically_after_days
whenrotation_rules.schedule_expression
is set. (#35024)tracking_options
being omitted from state and resulting in persistent diff (#35056)portal_options.sign_in_options.application_url
triggeringValidationError
when unset (#34967)v5.31.0
Compare Source
FEATURES:
aws_polly_voices
(#34916)aws_ssoadmin_application_assignments
(#34796)aws_ssoadmin_principal_application_assignments
(#34815)aws_finspace_kx_dataview
(#34828)aws_finspace_kx_scaling_group
(#34832)aws_finspace_kx_volume
(#34833)aws_ssoadmin_trusted_token_issuer
(#34839)ENHANCEMENTS:
log_group_class
attribute (#34812)postgres_settings
attribute (#34724)connection_logs
attribute (#34864)dns_record_client_routing_policy
attribute (#34135)standby_replicas
attribute (#34677)elasticsearch_settings.use_new_mapping_type
argument (#29470)postgres_settings
configuration block (#34724)database.dataview_name
,scaling_group_configuration
, andtickerplant_log_configuration
arguments. (#34831)capacity_configuration
argument is now optional. (#34831)connection_logs
configuration block (#34864)subnets
orsubnet_mapping
is configured (#33205)subnet_mapping
s for Application Load Balancers to be changed without recreating the resource (#33205)subnet_mapping
s for Network Load Balancers to be increased without recreating the resource (#33205)subnets
for Network Load Balancers to be increased without recreating the resource (#33205)standby_replicas
attribute (#34677)BUG FIXES:
ecr_repository_prefix
(#34716)us-east-1
for S3 directory bucket operations. This fixesno such host
errors (#34893)backend
s per virtual node (#34774)invalid new value for .skip_destroy: was cty.False, but now null
errors (#30354)STANDARD
) forlog_group_class
argument and mark as Computed. This fixesInvalidParameterException: Only Standard log class is supported
errors in AWS Regions other than AWS Commercial (#34812)source_ids
andsource_type
are Required (#33731)ecr_repository_prefix
(#34716)security_groups
for Network Load Balancers when the new value is Computed (#33205)InvalidConfigurationRequest: Load balancer attribute key 'dns_record.client_routing_policy' is not supported on load balancers with type 'network'
errors on resource Create in AWS GovCloud (US) (#34135)failover_condition
argument (#33410)reflect.Set: value of type basetypes.StringValue is not assignable to type types.ARN
panic when importing resources withnil
ARN fields (#34820)v5.30.0
Compare Source
FEATURES:
aws_codeguruprofiler_profiling_group
(#34672)aws_ecr_repositories
(#34446)aws_lb_trust_store
(#34584)aws_ssoadmin_application
(#34773)aws_ssoadmin_application_providers
(#34670)aws_codeguruprofiler_profiling_group
(#34672)aws_customerprofiles_domain
(#34622)aws_customerprofiles_profile
(#34622)aws_lb_trust_store
(#34584)aws_lb_trust_store_revocation
(#34584)aws_securitylake_data_lake
(#34521)aws_ssoadmin_application
(#34723)aws_ssoadmin_application_assignment
(#34741)aws_ssoadmin_application_assignment_configuration
(#34752)ENHANCEMENTS:
kms_key_identifier
attribute (#34725)enforce_security_group_inbound_rules_on_private_link_traffic
attribute (#33767)mutual_authentication
attribute (#34584)kms_key_identifier
attribute (#34725)kms_key_identifier
attribute (#34739)log_group_class
argument (#34679)enforce_security_group_inbound_rules_on_private_link_traffic
argument (#33767)mutual_authentication
configuration block (#34584)stack overflow
fatal errors on resource Delete whenforce_destroy
istrue
and the bucket contains delete markers (#34712)resource_spec.sagemaker_image_version_alias
argument (#34729)jupyter_lab_image_config
configuration block (#34696)default_user_settings.code_editor_app_settings
,default_user_settings.custom_file_system_config
,default_user_settings.custom_posix_user_config
,default_user_settings.default_landing_uri
,default_user_settings.jupyter_lab_app_settings
,default_user_settings.space_storage_settings
,default_user_settings.studio_web_portal
arguments (#34729)sagemaker_image_version_alias
argument under alldefault_resource_spec
blocks (#34729)single_sign_on_application_arn
attribute (#34729)sagemaker_image_version_alias
argument under alldefault_resource_spec
blocks (#34729)space_display_name
argument (#34729)url
attribute (#34729)sagemaker_image_version_alias
argument under alldefault_resource_spec
blocks (#34729)user_settings.code_editor_app_settings
,user_settings.custom_file_system_config
,user_settings.custom_posix_user_config
,user_settings.default_landing_uri
,user_settings.jupyter_lab_app_settings
,user_settings.space_storage_settings
,user_settings.studio_web_portal
arguments (#34729)TransferSecurityPolicy-FIPS-2023-05
security_policy_name
value (#34709)BUG FIXES:
deprecation_time
on creation and update due to eventual consistency (#34691)description
on update due to eventual consistency (#34691)deprecation_time
(#34691)destination_flow_config
(#34770)physical_connection_requirements
configuration block (#34737)v5.29.0
Compare Source
FEATURES:
aws_docdbelastic_cluster
(#31033)aws_eks_pod_identity_association
(#34566)ENHANCEMENTS:
storage_type
argument (#34637)name_prefix
argument (#34500)BUG FIXES:
options
fields while waiting for acceptance (#34547)NotImplemented: This bucket does not support Object Versioning
errors on resource Delete whenforce_destroy
istrue
(#34647)v5.28.0
Compare Source
FEATURES:
aws_s3_directory_buckets
(#34612)aws_s3_directory_bucket
(#34612)ENHANCEMENTS:
identity_center_arn
argument andidentity_center_application_arn
attribute (#34582)BUG FIXES:
auth_token_update_strategy
argument with a default value (#34600)v5.27.0
Compare Source
NOTES:
internetmonitor
,ivschat
,pipes
, ands3
. These changes primarily affect how arguments with default values are serialized for outbound requests, changing scalar types to pointers. See this AWS SDK for Go V2 issue for additional context. The corresponding provider changes should make this breakfix transparent to users, but as with any breaking change there is the potential for missed edge cases. If errors are observed in the impacted resources, please link to this dependency update pull request in the bug report (#34476)FEATURES:
aws_emr_supported_instance_types
(#34481)aws_apprunner_default_auto_scaling_configuration_version
(#34292)aws_lexv2models_bot_version
(#33858)aws_s3control_access_grant
(#34564)aws_s3control_access_grants_instance
(#34564)aws_s3control_access_grants_instance_resource_policy
(#34564)aws_s3control_access_grants_location
(#34564)ENHANCEMENTS:
has_associated_service
andis_default
attributes (#34292)network_configuration.ip_address_type
argument (#34292)source_configuration.code_repository.source_directory
argument to support monorepos (#34292)health_check_configuration
to be updated in-place (#34292)state
parameter and deprecateis_enabled
parameter (#34510)auth_token_update_strategy
argument (#34460)java21
runtime
value (#34476)python3.12
runtime
value (#34533)java21
compatible_runtimes
value (#34476)python3.12
compatible_runtimes
value (#34533)target_object_key_format
configuration block to support automatic date-based partitioning (#34504)BUG FIXES:
InvalidParameter: 2 validation error(s) found
error whendestination_flow_config
ortask
is updated (#34456)interface conversion: interface {} is nil, not map[string]interface {}
panic (#34456)service_url
for private services (#34292)ConcurrentModificationException: Workflow <workflowName> was modified while adding trigger <triggerName>
errors (#34530)voice_settings.engine
validation, value conversion errors (#34532)type
argument on create and update when configured (#34524)source_parameters
on update (#34487)v5.26.0
Compare Source
FEATURES:
aws_iot_registration_code
(#15098)aws_bedrock_model_invocation_logging_configuration
(#34303)aws_iot_billing_group
(#31237)aws_iot_ca_certificate
(#15098)aws_iot_event_configurations
(#31237)ENHANCEMENTS:
instance_maintenance_policy
attribute (#34430)https_proxy
andno_proxy
parameters. (#34243)instance_maintenance_policy
configuration block (#34430)policy_arn
(#34378)policy_arn
(#34378)policy_arn
(#34378)policy_arn
(#34378)ca_certificate_id
attribute (#15098)nodejs20.x
andprovided.al2023
runtime
values (#34401)nodejs20.x
andprovided.al2023
compatible_runtimes
values (#34401)definition.sheets.visuals.kpi_visual.chart_configuration.kpi_options.sparkline
attribute (#33931)definition.sheets.visuals.kpi_visual.chart_configuration.kpi_options.visual_layout_options
attribute (#33931)number_display_format_configuration
andpercentage_display_format_configuration
to nestednumeric_format_configuration
argument (#33931)definition.sheets.visuals.kpi_visual.chart_configuration.kpi_options.sparkline
attribute (#33931)definition.sheets.visuals.kpi_visual.chart_configuration.kpi_options.visual_layout_options
attribute (#33931)number_display_format_configuration
andpercentage_display_format_configuration
to nestednumeric_format_configuration
argument (#33931)definition.sheets.visuals.kpi_visual.chart_configuration.kpi_options.sparkline
attribute (#33931)definition.sheets.visuals.kpi_visual.chart_configuration.kpi_options.visual_layout_options
attribute (#33931)number_display_format_configuration
andpercentage_display_format_configuration
to nestednumeric_format_configuration
argument (#33931)delete_automated_backups
argument (#34309)BUG FIXES:
read
error when resource is not created inus-east-1
(#34334)read
error when resource is not created inus-east-1
(#34334)read
error when resource is not created inus-east-1
(#34334)read
error when resource is not created inus-east-1
(#34334)read
error when resource is not created inus-east-1
(#34334)read
error when resource is not created inus-east-1
(#34334)us-east-1
(#34334)us-east-1
(#34426)us-east-1
(#34426)UserNotFound: ... is not available for tagging
errors on resource Read when there is a concurrent update to the user (#34396)key
toSensitive
(#34105)ConcurrentModificationException
errors on create and delete (#34378)ConcurrentModificationException
errors on create and delete (#34378)ConcurrentModificationException
errors on create and delete (#34378)ConcurrentModificationException
errors on create and delete (#34378)errors: *target must be interface or implement error
panic (#34424)interface conversion: interface {} is nil, not map[string]inspector2.AccountResourceStatus
panic (#34424)ca_pem
andcertificate_pem
to ForceNew (#15098)DeleteConflictException
errors on delete (#34329)number_scale
,prefix
, andsuffix
integer arguments (#33931)rolling_date
argument (#33931)select_all_options
argument (#33931)visual_ids
argument (#33931)column_index
androw_index
arguments now properly handle zero values (#33931)number_scale
,prefix
, andsuffix
integer arguments (#33931)rolling_date
argument (#33931)select_all_options
argument (#33931)visual_ids
argument (#33931)column_index
androw_index
arguments now properly handle zero values (#33931)permissions.actions
maximum item limit to 20, aligning with the AWS API limits (#33931)number_scale
,prefix
, andsuffix
integer arguments (#33931)rolling_date
argument (#33931)select_all_options
argument (#33931)visual_ids
argument (#33931)column_index
androw_index
arguments now properly handle zero values (#33931)default_user_settings.canvas_app_settings.identity_provider_oauth_settings
from TypeSet to TypeList, preventinginterface conversion: interface {} is *schema.Set, not []interface {}
panics (#34418)expression
israte(0 minutes)
(#34084)UnsupportedOperation: The tunnel inside ip version parameter is not currently supported in this region
error when creating connections in certain partitions and Regions (#34420)v5.25.0
Compare Source
NOTES:
name
toarn
(#30758)FEATURES:
aws_apigatewayv2_vpc_link
(#33974)aws_athena_named_query
(#24815)aws_bedrock_foundation_model
(#34148)aws_bedrock_foundation_models
(#34148)aws_athena_prepared_statement
(#33417)aws_lexv2models_bot_locale
(#33949)ENHANCEMENTS:
endpoints.sso
(#34302)jwt_token
andoauth2_grant_type
arguments to theconnector_profile_config.connector_profile_credentials.salesforce
block. (#34248)initial_lifecycle_hook.default_result
,initial_lifecycle_hook.heartbeat_timeout
,initial_lifecycle_hook.lifecycle_transition
,initial_lifecycle_hook.name
,initial_lifecycle_hook.notification_target_arn
andinitial_lifecycle_hook.role_arn
(#12145)default_result
,heartbeat_timeout
,lifecycle_transition
,name
,notification_target_arn
androle_arn
(#12145)task_report_config
argument (#33861)postgres
as a validengine
value for blue/green deployments (#34216)pause_replication_tasks
, which when set totrue
, pauses associated running replication tasks, regardless if they are managed by Terraform, prior to modifying the endpoint (only tasks paused by the resource will be restarted after the modification completes) (#34316)vpc_config.security_group_ids
andvpc_config.subnet_ids
to be updated in-place (#32409)lambda_code
argument to theauto_enable
configuration block (#34261)default_user_settings.canvas_app_settings.direct_deploy_settings
,default_user_settings.canvas_app_settings.identity_provider_oauth_settings
anddefault_user_settings.canvas_app_settings.kendra_settings
arguments (#34265)default_space_settings.kernel_gateway_app_settings.custom_image
,default_user_settings.kernel_gateway_app_settings.custom_image
anddefault_user_settings.r_session_app_settings.custom_image
MaxItems
from30
to200
(#34265)offline_store_config.s3_storage_config.resolved_output_s3_uri
,online_store_config.storage_type
andonline_store_config.ttl_duration
arguments (#34283)online_store_config.ttl_duration
to be updated in-place (#34283)container.model_data_source
andprimary_container.model_data_source
configuration blocks (#34158)space_settings.kernel_gateway_app_settings.custom_image
MaxItems
from30
to200
(#34265)default_user_settings.canvas_app_settings.direct_deploy_settings
,default_user_settings.canvas_app_settings.identity_provider_oauth_settings
anddefault_user_settings.canvas_app_settings.kendra_settings
arguments (#34265)archive_policy
argument andbeginning_archive_time
attribute to support message archiving (#34252)replay_policy
argument (#34252)BUG FIXES:
Value Conversion Error
panic for certain resources whennull
tag values are specified (#34319)initial_lifecycle_hook
configuration block attributes to ForceNew (#34260)id
attribute from the trail's name to its ARN to support organization trails (#30758)event_pattern
max length for validation to 4096 (#34270)default_space_settings.r_studio_server_pro_app_settings.access_status
fromENABLED
toDISABLED
(#34265)v5.24.0
Compare Source
NOTES:
FEATURES:
aws_opensearchserverless_lifecycle_policy
(#34144)aws_detective_organization_admin_account
(#25237)aws_detective_organization_configuration
(#25237)aws_opensearchserverless_lifecycle_policy
(#34144)aws_redshift_resource_policy
(#34149)aws_verifiedaccess_endpoint
(#30763)ENHANCEMENTS:
custom_headers
argument (#31561)node_properties
argument (#34153)code
,database
, andinitialization_script
arguments. The update timeout has been increased to 30 minutes. (#34220)kafka.header
anderror_action.kafka.header
arguments (#34191)NO_ENCAP
as a validoptions.protocol
value (#34109)subnet_arn
argument to support Tunnel-less Connect attachments (#34109)inside_cidr_blocks
is Optional (#34109)backup_retention_period
(also, "1") to allow integration with AWS Backup (#34187)snapshot_arn
argument (#34181)manage_master_password
andmaster_password_secret_kms_key_id
arguments to support managed admin credentials (#34182)override_provider
configuration block, allowing tags inherited from the providerdefault_tags
configuration block to be ignored (#33262)rotation_lambda_arn
argument is now optional to support modifying the rotation schedule of AWS-managed secrets. (#34180)BUG FIXES:
id
attribute for individual IPAM pools (#32133)action.forward.target_group
argument minimum item requirement. Previously this was set to 2, but the AWS API allows specifying a single target group. (#33727)enable_performance_mode
(#34141)action.forward.target_group
argument minimum item requirement. Previously this was set to 2, but the AWS API allows specifying a single target group. (#33727)window_options.bounds.*
argument validatation functions (#34230)window_options.bounds.*
argument validatation functions (#34230)window_options.bounds.*
argument validatation functions (#34230)unexpected state 'scaling-compute'
(#34187)v5.23.1
Compare Source
BUG FIXES:
vpc_config.ipv6_allowed_for_dual_stack
attribute, fixingInvalid address to set: []string{"vpc_config", "0", "ipv6_allowed_for_dual_stack"}
errors (#34134)v5.23.0
Compare Source
NOTES:
finspace
,kafka
,medialive
,rds
,s3control
,timestreamwrite
, andxray
. These changes primarily affect how arguments with default values are serialized for outbound requests, changing scalar types to pointers. See this AWS SDK for Go V2 issue for additional context. The corresponding provider changes should make this breakfix transparent to users, but as with any breaking change there is the potential for missed edge cases. If errors are observed in the impacted resources, please link to this dependency update pull request in the bug report. (#34096)FEATURES:
aws_iot_domain_configuration
(#24765)ENHANCEMENTS:
image_scanning_configuration
attribute (#34049)evaluation_mode
attribute (#34033)ip_discovery
andnetwork_type
arguments (#34019)image_scanning_configuration
configuration block (#34049)vpc_config.ipv6_allowed_for_dual_stack
argument (#34045)dns_record_client_routing_policy
attribute to configure Availability Zonal DNS affinity on Network Load Balancer (NLB) (#33992)target_health_state
configuration block (#34070)false
) forconnection_termination
argument and mark as Computed, to support new default behavior for UDP/TCP_UDP target groups (#34070)slowquery
as a validenable_cloudwatch_logs_exports
value (#34053)BUG FIXES:
tags_all
is null (#34073)launch_template
name is updated. (#34086)false
foradd_trailing_padding_character
, maintaining compatibility with older (pre-3.4.7) DMS engine versions (#34048)0
as a valid value forvolume.efs_volume_configuration.transit_encryption_port
, preventing unexpected drift (#34020)description
attribute when it is changed (#34037)thing_indexing_configuration.filter
attribute, resolvingInvalidRequestException: NamedShadowNames Filter must not be empty for enabling NamedShadowIndexingMode
errors (#26859)0
(representing Sunday) formaintenance_start_time.day_of_week
(#34015)InvalidParameterValue: Policy Document cannot be provided when Policy Enabled is false or missing
errors when updatingpolicy_document
(#34054)v5.22.0
Compare Source
FEATURES:
aws_media_convert_queue
(#27075)aws_elasticsearch_vpc_endpoint
(#33925)aws_msk_replicator
(#33973)ENHANCEMENTS:
self_service_portal_url
attribute (#34007)name_prefix
argument (#33852)name_prefix
argument (#33852)name_prefix
argument (#33852)name_prefix
argument (#33852)cluster_identifier_prefix
argument (#33852)identifier_prefix
argument (#33852)name_prefix
argument (#33852)name_prefix
argument (#33852)self_service_portal_url
attribute (#34007)name_prefix
argument (#33852)name_prefix
argument (#33852)name_prefix
argument (#33852)name_prefix
argument (#33852)name_prefix
argument (#33852)type
attribute (#33950)name_prefix
argument (#33852)name_prefix
argument (#33852)cluster_identifier_prefix
argument (#33852)identifier_prefix
argument (#33852)name_prefix
argument (#33852)name_prefix
argument (#33852)name_prefix
argument (#33852)cluster_identifier_prefix
argument (#33852)identifier_prefix
argument (#33852)name_prefix
argument (#33852)signer:SignPayload
as a validaction
value (#33852)statement_id_prefix
argument (#33852)pre_authentication_login_banner
andpost_authentication_login_banner
length limits to 4096 (#33937)ja3_fingerprint
tofield_to_match
configuration blocks (#33933)BUG FIXES:
computed
values are not set when there is no update (#33969)manage_master_user_password
andmaster_user_secret_kms_key_id
attributes correctly (#33699)engine_version
from6.x
to a specific6.<digit>
version number (#33954)permission_boundary
when deleted outside of Terraform (#33963)permission_boundary
when deleted outside of Terraform (#33963)Value at 'resourceTypes' failed to satisfy constraint
errors (#33348)engine_version
(#33487)found resource
errors on Delete (#33966)v5.21.0
Compare Source
FEATURES:
aws_servicequotas_templates
(#33871)aws_ec2_image_block_public_access
(#33810)aws_guardduty_organization_configuration_feature
(#33913)aws_servicequotas_template_association
(#33725)aws_verifiedaccess_group
(#33297)aws_verifiedaccess_instance_logging_configuration
(#33864)ENHANCEMENTS:
s3_settings.glue_catalog_generation
attribute (#33778)cluster_uuid
attribute (#33805)outdated_instances_strategy
argument (#33844)s3_settings.glue_catalog_generation
attribute (#33778)glue_catalog_generation
attribute (#33778)allow_major_version_upgrade
argument (#33790)copy_tags_to_snapshot
argument (#31022)import_table
configuration block (#33802)cluster_uuid
attribute (#33805)cluster_uuid
attribute (#33805)base_policy_document
argument (#33712)require_ssl
anduse_fips_ssl
config_parameters
keys (#33916)fips_enabled
argument (#33880)config.lambda_event_structure_version
argument (#33804)config.port
,config.protocol
andconfig.vpc_identifier
optional (#33804)aws_managed_rules_acfp_rule_set
tomanaged_rule_group_configs
configuration block (#33915)BUG FIXES:
AWS_S3_US_EAST_1_REGIONAL_ENDPOINT
environment variable when configuring the S3 API client (#33874).
) no longer fail validation (#33704).
) no longer fail validation (#33704)v5.20.1
Compare Source
NOTES:
v5.20.0
Compare Source
FEATURES:
aws_guardduty_detector_feature
(#31463)aws_servicequotas_template
(#33688)aws_sesv2_account_vdm_attributes
(#33705)aws_verifiedaccess_instance_trust_provider_attachment
(#33734)ENHANCEMENTS:
features
attribute (#31463)name
(#21030)opensearchserverless_configuration
andmsk_source_configuration
configuration blocks (#33101)opensearchserverless
as a validdestination
value (#33101)BUG FIXES:
active_directory_configuration.self_managed_active_directory_configuration.file_system_administrators_group
is not configured (#33800)active_directory_configuration.self_managed_active_directory_configuration.file_system_administrators_group
is not configured (#33800)dns_options.dns_record_ip_type
toComputed
to prevent diffs (#33743)v5.19.0
Compare Source
BREAKING CHANGES:
metadata
attribute's keys are always returned in lowercase (#33660)metadata
attribute's keys are always returned in lowercase (#33660)NOTES:
metadata
attribute's keys are now always returned in lowercase. Please modify configurations as necessary (#33660)metadata
attribute's keys are now always returned in lowercase. Please modify configurations as necessary (#33660)FEATURES:
aws_cleanrooms_configured_table
(#33602)aws_dms_replication_config
(#32908)aws_lexv2models_bot
(#33475)aws_rds_custom_db_engine_version
(#33285)ENHANCEMENTS:
ubuntu-22.04-x86_64
andresolve:ssm:/aws/service/cloud9/amis/ubuntu-22.04-x86_64
as valid values forimage_id
(#33662)bypass_snaplock_enterprise_retention
argument andsnaplock_configuration
configuration block to support SnapLock (#32530)copy_tags_to_backups
andsnapshot_policy
arguments (#32530)delete_volume_options
argument (#32530)force_delete
argument (#33586)connection_properties
,connection_mode
andaccept_connection
arguments (#32990)rate_based_statement.custom_key
configuration block (#33594)rate_based_statement.custom_key
configuration block (#33594)BUG FIXES:
compute_environments
as ARNs (#33577)IllegalUpdate
errors when updating a stagingaws_cloudfront_distribution
that is part of continuous deployment (#33578)IllegalUpdate
errors when updating a staging distribution associated with anaws_cloudfront_continuous_deployment_policy
(#33578)PreconditionFailed
errors when destroying a distribution associated with anaws_cloudfront_continuous_deployment_policy
(#33578)StagingDistributionInUse
errors when destroying a distribution associated with anaws_cloudfront_continuous_deployment_policy
(#33578)protocol.smb.domain
,protocol.smb.user
andprotocol.smb.password
(#33641)policy
(#33570)policy
(#33570)policy
(#33570)assume_role_policy
(#33570)policy
(#33570)policy
(#33570)policy
(#33570)couldn't find resource
errors on resource Create (#33537)inline_policy
(#33570)policy
(#33570)policy
(#33570)v5.18.1
Compare Source
NOTES:
v5.18.0
Compare Source
FEATURES:
aws_fsx_ontap_file_system
(#32503)aws_fsx_ontap_storage_virtual_machine
(#32621)aws_fsx_ontap_storage_virtual_machines
(#32624)aws_organizations_organizational_unit
(#33408)aws_opensearch_package
(#33227)aws_opensearch_package_association
(#33227)ENHANCEMENTS:
active_directory_configuration.self_managed_active_directory_configuration.domain_name
,active_directory_configuration.self_managed_active_directory_configuration.file_system_administrators_group
andactive_directory_configuration.self_managed_active_directory_configuration.organizational_unit_distinguished_name
allowing an SVM to join AD after creation (#33466)BUG FIXES:
dkim_signing_attributes.domain_signing_private_key
as sensitive (#33477)storage_throughput
can be changed wheniops
andallocated_storage
are not changed (#33529)option
port
and/orversion
is not set (#33511)active_directory_configuration.self_managed_active_directory_configuration.file_system_administrators_group
is configured (#33466)file_system_id
to ForceNew (#32621)OperationAborted: A conflicting conditional operation is currently in progress against this resource
errors (#33531)OperationAborted: A conflicting conditional operation is currently in progress against this resource
errors (#33531)OperationAborted: A conflicting conditional operation is currently in progress against this resource
errors (#33531)dkim_signing_attributes.domain_signing_private_key
as sensitive (#33477)v5.17.0
Compare Source
NOTES:
/
as the value forkey
is no longer supported (#33358)FEATURES:
aws_shield_application_layer_automatic_response
(#33432)aws_verifiedaccess_instance
(#33459)ENHANCEMENTS:
checksum_mode
argument andchecksum_crc32
,checksum_crc32c
,checksum_sha1
andchecksum_sha256
attributes (#33358)details.region.bucket_account_id
attribute (#33416)checksum_algorithm
argument andchecksum_crc32
,checksum_crc32c
,checksum_sha1
andchecksum_sha256
attributes (#33358)checksum_algorithm
argument andchecksum_crc32
,checksum_crc32c
,checksum_sha1
andchecksum_sha256
attributes (#33358)details.region.bucket_account_id
argument to support cross-account Multi-Region Access Points (#33416)details.region.region
attribute (#33416)JSONSchemaDraft4
schema type support (#33442)sftp_config
argument and makeas2_config
optional (#32741)WAFOptimisticLockException
errors (#33432)BUG FIXES:
replication_task_settings
isnil
(#33456)redis
engine types caused by the newtransit_encryption_enabled
argument (#33451)kms_key_arn
on restore from DB cluster snapshot (#33413)provisioning_artifact_parameters
attribute (#33448)v5.16.2
Compare Source
FEATURES:
aws_cognito_identity_pool
(#33053)aws_verifiedaccess_trust_provider
(#33195)ENHANCEMENTS:
instance_refresh.preferences.scale_in_protected_instances
andinstance_refresh.preferences.standby_instances
fromWait
to the Amazon EC2 Auto Scaling console recommended value ofIgnore
(#33382)alias
attribute (#33388)BUG FIXES:
ValidationError
errors when starting Auto Scaling group instance refresh (#33382)InvalidParameter
errors on Update with Kafka destinations (#33360)name
(#33405)name
(#33405)name
(#33405)name
(#33405)lb_name
(#33405)lb_name
(#33405)lb_name
(#33405)lb_name
(#33405)lb_name
(#33405)lb_name
(#33405)v5.16.1
Compare Source
BUG FIXES:
Search returned 0 results
errors when there are more than 101 file systems in the configured Region (#33336)unexpected state
errors on resource Create (#33369)metadata_location
andtable_type
parameters
when updating Iceberg tables (#33374)v5.16.0
Compare Source
NOTES:
FEATURES:
aws_shield_drt_access_log_bucket_association
(#33328)aws_shield_drt_access_role_arn_association
(#33328)ENHANCEMENTS:
customer_id
attribute (#33281)disk_iops_configuration
attribute (#33303)software_update_options
attribute (#32234)request_payer
argument andrequest_charged
attribute (#33304)encoding_type
(#33304)api_key_version
andfeatures
attributes (#33279)customer_id
argument (#33281)name
(#33281)scale_in_protected_instances
andstandby_instances
attributes toinstance_refresh.preferences
configuration block (#33310)redshift-serverless
as valid value forengine_name
(#33316)transit_encryption_enabled
argument, enabling in-transit encryption for Memcached clusters inside a VPC (#26987)disk_iops_configuration
configuration block (#33303)open_table_format_input
configuration block to support open table formats such as Apache Iceberg (#33274)automatic_input_failover_settings
ininput_attachments
(#33129)software_update_options
attribute (#32234)sync_compliance
attribute (#23515)BUG FIXES:
filter
argument to preventUnknownOperationException
errors in certain Regions (#33311)filter
argument to preventUnknownOperationException
errors in certain Regions (#33311)max_keys
value if it's greater than1000
(#33304)cloudwatch_role_arn
to an empty value and set it correctly on Read, allowing its value to be determined on import (#33279)disk_iops_configuration.iops
to160000
(#33263)ResourceNotFoundException
errors on resource Delete when configuredprincipal_type
isIAM_PATTERN
(#32243)v5.15.0
Compare Source
ENHANCEMENTS:
name
attribute (#33243)read_only_admins
attribute (#33189)cluster_config.multi_az_with_standby_enabled
attribute (#33031)call_as = "DELEGATED_ADMIN"
via StackSetName,CallAs syntax forimport
block orterraform import
command (#19092)call_as = "DELEGATED_ADMIN"
via StackSetName,AccountID,Region,CallAs syntax forimport
block orterraform import
command (#19092)setting protocol: Invalid address to set
errors (#33225)name
attribute (#33243)endpoint_ip_address_range
,preferred_subnet_id
androute_table_ids
arguments to support the Multi-AZ deployment type (#33245)read_only_admins
argument (#33189)cluster_config.multi_az_with_standby_enabled
argument (#33031)name_prefix
argument (#33206)statement.managed_rule_group_statement.managed_rule_group_configs.aws_managed_rules_atp_rule_set.enable_regex_in_path
argument (#33217)BUG FIXES:
tags
that arecomputed
(#33226)oauth2
incustom_connector_profile
(#33192)Can only set RetainStacksOnAccountRemoval if AutoDeployment is enabled
errors (#19092)TypeString
instead ofTypeInt
to preventvalue out of range
panic (#33220)tag propagation: timeout while waiting for state to become 'TRUE'
errors when any tag value is empty (""
) (#33226)ShieldMitigationRuleGroup
rule on resource Update (#33216)v5.14.0
Compare Source
NOTES:
statement.*.condition
blocks with the sametest
andvariable
arguments were incorrectly handled by the provider. Since this results in unexpected IAM Policies being submitted to AWS, we have updated the logic to mergevalues
lists in this case. This may cause existing IAM Policy documents to report a difference. However, those policies are likely not what was originally intended. (#33093)FEATURES:
aws_datasync_location_azure_blob
(#32632)aws_datasync_location_fsx_ontap_file_system
(#32632)ENHANCEMENTS:
network_type
attribute (#33158)destination_arn
andsource_arn
attributes (#33168)network_type
argument (#33158)destination_arn
andsource_arn
attributes (#33168)transit_gateway_configuration.*.attachment_network_acl_configuration
argument. (#33123)selector_settings
foraudio_selector
andselector_settings
forcaption_selector
(#32714)BUG FIXES:
condition
blocks with duplicatedtest
andvariable
arguments (#33093)outpost_arn
without anasset_id
(#33142)setting forward_path_components: Invalid address to set
errors (#33168)source
ordestination
(#33168)AnalysisExistsForNetworkInsightsPath
errors on resource Delete (#33168)tag propagation: timeout while waiting for state to become 'TRUE'
errors whenignore_tags
has been configured (#33167)InvalidParameterValueException
errors during resource Delete (#32845)Current cluster policy version needed for Update
errors (#33118)definition.*.parameter_declarations
to a set type, preventing persistent differences (#33120)word_orientation
argument when using word cloud visuals. (#33122)definition.*.parameter_declarations.*.*_parameter_declaration.static_values
when empty, preventing persistent differences. (#33161)definition.*.parameter_declarations
to a set type, preventing persistent differences (#33120)word_orientation
argument when using word cloud visuals. (#33122)definition.*.parameter_declarations.*.*_parameter_declaration.static_values
when empty, preventing persistent differences. (#33161)definition.*.parameter_declarations
to a set type, preventing persistent differences (#33120)word_orientation
argument when using word cloud visuals. (#33122)definition.*.parameter_declarations.*.*_parameter_declaration.static_values
when empty, preventing persistent differences. (#33161)acl
as Computed. This suppresses the diffs shown when migrating resources with no configuredacl
attribute value from v4.67.0 (or earlier) (#33138)acl
as Computed. This suppresses the diffs shown when migrating resources with no configuredacl
attribute value from v4.67.0 (or earlier) (#33138)SECURITY_CONTROL
) forcontrol_finding_generator
argument and mark as Computed (#33095)v5.13.1
Compare Source
BUG FIXES:
source_code_hash
back to ForceNew. This fixesdoesn't support update
errors (#33097)current Organization ID (o-xxxxxxxxxx) does not match
errors on resource Read (#33091)v5.13.0
Compare Source
FEATURES:
aws_msk_cluster_policy
(#32848)aws_opensearch_vpc_endpoint
(#32435)aws_ram_sharing_with_organization
(#25433)ENHANCEMENTS:
image_scanning_configuration
attribute (#33005)resource_arns
attribute (#22591)s3_us_east_1_regional_endpoint
attribute to support using the regional S3 API endpoint inus-east-1
. (#33024)babelfish
as anengine_name
option (#32975)image_scanning_configuration
configuration block (#33005)security_groups
for Network Load Balancers force a new resource if either the old or new set of security group IDs is empty (#32987)global_cluster_identifier
(#30996)BUG FIXES:
most_recent_image_tags
when only a single image is found (#31757)outputs
as Computed when there are potential changes. (#33059)source_code_hash
is used but not changed (#32535)terraform import
is the current Organization (#31796)definition.*.calculated_fields.*.expression
to 32000 characters (#33012)definition.*.calculated_fields
to a set type, preventing persistent differences (#33040)permissions
argument to TypeSet, preventing persistent differences (#33023)font_configuration
to be set for table header styles (#33018)font_configuration
to be set for table header styles (#33018)font_configuration
to be set for table header styles (#33018)visuals
blocks per sheet to 50 (#32856)definition.*.calculated_fields.*.expression
to 32000 characters (#33012)definition.*.calculated_fields
to a set type, preventing persistent differences (#33040)permissions
argument to TypeSet, preventing persistent differences (#33023)definition.*.calculated_fields
to 500 (#33012)definition.*.calculated_fields.*.expression
to 32000 characters (#33012)definition.*.calculated_fields
to a set type, preventing persistent differences (#33040)permissions
argument to TypeSet, preventing persistent differences (#33023)expected_bucket_owner
is configured (#32989)s3_kms_key_id
insharing_settings
andkms_key_id
(#32661)rule_group_reference_statement.rule_action_override.action_to_use.challenge
argument (#31127)v5.12.0
Compare Source
NOTES:
FEATURES:
aws_codecatalyst_dev_environment
(#32886)aws_ec2_transit_gateway_route_table_routes
(#30771)aws_msk_vpc_connection
(#31062)aws_cloudfront_continuous_deployment_policy
(#32936)aws_codecatalyst_dev_environment
(#32366)aws_codecatalyst_project
(#32883)aws_codecatalyst_source_repository
(#32899)aws_msk_vpc_connection
(#31062)ENHANCEMENTS:
metadata_options.http_protocol_ipv6
attribute (#32759)db_system_id
attribute (#32846)il-central-1
as a valid AWS Region (#32878)ignore_failed_scaling_activities
argument (#32914)continuous_deployment_policy_id
andstaging
arguments to support continuous deployments (#32936)actions_suppressor
configuration block (#32751)sagemaker_pipeline_target
argument (#32882)hudi_target
argument (#32898)http_protocol_ipv6
attribute tometadata_options
configuration block (#32759)bootstrap_brokers_vpc_connectivity_sasl_iam
,bootstrap_brokers_vpc_connectivity_sasl_scram
andbootstrap_brokers_vpc_connectivity_tls
attributes (#31062)vpc_connectivity
attribute to thebroker_node_group_info.connectivity_info
configuration block (#31062)db_system_id
argument to support RDS Custom engine types (#32846)custom_iam_instance_profile
argument to allow RDS Custom users to specify an IAM Instance Profile for the RDS Cluster Instance (#32846)engine
plan-time validation to allow for RDS Custom engine types (#32846)BUG FIXES:
max_user_duration_in_seconds
to 432000 (#32933)UpdateDistribution
API if only tags are updated (#32865)restore_to_point_in_time
configuration block (#32928)args
forbootstrap_action
(#32956)security_service_policy_data.managed_service_data
(#32860)InvalidParameterCombination: Network interfaces and an instance-level security groups may not be specified on the same request
errors creating Instances withsubnet_id
configured andlaunch_template
referencing anaws_launch_template
with configuredvpc_security_group_ids
(#32854)v5.11.0
Compare Source
FEATURES:
aws_sagemaker_pipeline
(#32527)ENHANCEMENTS:
il-central-1
AWS Region (#32840)tags
argument (#31602)tags
(#32740)tags
(#32740)tags
argument (#31600)il-central-1
AWS Region (#32840)il-central-1
AWS Region (#32840)il-central-1
AWS Region (#32840)name
(#32177)savedown_storage_configuration.size
minimum value to10
GB. (#32800)python3.11
runtime
value (#32729)python3.11
compatible_runtimes
value (#32729)REJECT
action in stateful rule actions (#32746)deployment_config.rolling_update_policy
argument (#32418)deployment_config.blue_green_update_policy
optional (#32418)BUG FIXES:
container_overrides.memory
tocontainer_overrides.memory_reservation
(#32793)unexpected state 'Pending'
errors on resource Create (#31600)transit_gateway_default_route_table_association
andtransit_gateway_default_route_table_propagation
to Computed (#32821)InvalidRequestException: IdentityId is invalid
errors reading resources created withidentity_name
(#32416)definition.sheets.visuals.insight_visual.insight_configuration.computation
(#32791)select_all_options
values forcustom_filter_configuration
,custom_filter_list_configuration
,filter_list_configuration
,numeric_equality_filter
, andnumeric_range_filter
(#32822)definition.sheets.visuals.insight_visual.insight_configuration.computation
(#32791)definition.sheets.visuals.insight_visual.insight_configuration.computation
(#32791)select_all_options
values forcustom_filter_configuration
,custom_filter_list_configuration
,filter_list_configuration
,numeric_equality_filter
, andnumeric_range_filter
(#32822)Provider produced inconsistent final plan
errors forpublish
(#32844)v5.10.0
Compare Source
FEATURES:
aws_iam_security_token_service_preferences
(#32091)ENHANCEMENTS:
secondary_allocation_ids
,secondary_private_ip_addresses
andsecondary_private_ip_address_count
attributes (#31778)structured_log_destinations
attribute (#32654)compute_resources.allocation_strategy
,compute_resources.bid_percentage
,compute_resources.ec2_configuration.image_id_override
,compute_resources.ec2_configuration.image_type
,compute_resources.ec2_key_pair
,compute_resources.image_id
,compute_resources.instance_role
,compute_resources.launch_template.launch_template_id
,
compute_resources.launch_template.launch_template_name
,compute_resources.tags
andcompute_resources.type
can now be updated in-place (#30438)command.runtime
attribute (#32528)grafana_version
to be updated in-place (#32679)caption_descriptions
,global_configuration
,motion_graphics_configuration
, andnielsen_configuration
support toencoder settings
(#32233)secondary_allocation_ids
,secondary_private_ip_addresses
andsecondary_private_ip_address_count
arguments (#31778)firewall_policy.policy_variables
configuration block to support Suricata HOME_NET variable override (#32400)default_user_settings.canvas_app_settings.workspace_settings
attribute (#32526)user_settings.canvas_app_settings.workspace_settings
attribute (#32526)structured_log_destinations
argument (#32654)BUG FIXES:
phone_number
(#32715)ebs_options.throughput
andebs_options.iops
for unsupported volume types (#32659)database.cache_configurations.db_paths
argument is now optional (#32579)database.cache_configurations
argument is now optional (#32579)AAAA
type
value (#32664)off_peak_window_options.off_peak_window.window_start_time
value of00:00
(#32716)definition.sheets.visuals.pie_chart_visual.chart_configuration.data_labels.measure_label_visibility
(#32668)optimized_view_port_width
argument changed to Optional (#32644)definition.sheets.visuals.pie_chart_visual.chart_configuration.data_labels.measure_label_visibility
(#32668)optimized_view_port_width
argument changed to Optional (#32644)definition.sheets.visuals.pie_chart_visual.chart_configuration.data_labels.measure_label_visibility
(#32668)optimized_view_port_width
argument changed to Optional (#32644)destination_arn
(#32186)resource_identifier
(#32186)service_identifier
orservice_network_identifier
(#32658)service_network_identifier
(#32658)v5.9.0
Compare Source
FEATURES:
aws_workspaces_connection_alias
(#32482)ENHANCEMENTS:
path
to thespec.http_route.action.rewrite
andspec.http2_route.action.rewrite
configuration blocks (#32449)max_allocated_storage
attribute (#32477)asset_id
attribute (#32388)path
to thespec.http_route.action.rewrite
andspec.http2_route.action.rewrite
configuration blocks (#32449)stack_instance_summaries
attribute to track all account and stack IDs for deployments to organizational units. (#24523)deployment_targets
now force a new resource. (#24523)backup_target
attribute (#32609)asset_id
argument (#32388)rule_number
(#32594)tags
attribute (#32606)signing_material
attribute. (#32414)platform_id
validation. (#32414)association_config
argument (#31668)BUG FIXES:
replication_instance_private_ips
,replication_instance_public_ips
, andvpc_security_group_ids
to always returnnull
(#32551)setting user: Invalid address to set
errors (#32593)dns_options.private_dns_only_for_inbound_resolver_endpoint
(#32517)schema.string_attribute_constraints
is omitted forString
attribute types (#32445)private_link_endpoint
is not explicitly configured. (#32546)endpoint_group_region
value on resource Create (#32393)Error: setting target_parameters: Invalid address to set
errors when creating pipes with ecs task targets (#32432)ValidationException
errors when updating pipe (#32622)default
value for namespace (#32494)Value Conversion Error
errors (#32596)response_inspection
parameters (#31111)v5.8.0
Compare Source
ENHANCEMENTS:
insecure_value
attribute (#30817)policy_option
attribute forsecurity_service_policy_data
block (#25362)enable_date
anduser_name
attributes (#32462)BUG FIXES:
replication_user
tofalse
(#32454)definition.sheets.visuals.bar_chart_visual.chart_configuration.category_axis.scrollbar_options.visible_range
(#32464)definition.sheets.visuals.pivot_table_visual.chart_configuration.field_options.selected_field_options.visibility
(#32464)definition.sheets.visuals.pivot_table_visual.chart_configuration.field_wells.pivot_table_aggregated_field_wells.rows
(#32464)definition.sheets.visuals.bar_chart_visual.chart_configuration.category_axis.scrollbar_options.visible_range
(#32464)definition.sheets.visuals.pivot_table_visual.chart_configuration.field_options.selected_field_options.visibility
(#32464)definition.sheets.visuals.pivot_table_visual.chart_configuration.field_wells.pivot_table_aggregated_field_wells.rows
(#32464)definition.sheets.visuals.bar_chart_visual.chart_configuration.category_axis.scrollbar_options.visible_range
(#32464)definition.sheets.visuals.pivot_table_visual.chart_configuration.field_options.selected_field_options.visibility
(#32464)definition.sheets.visuals.pivot_table_visual.chart_configuration.field_wells.pivot_table_aggregated_field_wells.rows
(#32464)v5.7.0
Compare Source
FEATURES:
aws_opensearchserverless_security_config
(#32321)aws_opensearchserverless_security_policy
(#32226)aws_opensearchserverless_vpc_endpoint
(#32276)aws_cleanrooms_collaboration
(#31680)ENHANCEMENTS:
client_side_timestamps
configuration block (#32339)target_database.region
argument (#32283)iceberg_target
configuration block (#32332)health_events_config
configuration block (#32343)code_signing_config_arn
in theap-east-1
AWS Region (#32327)description
to be updated in-place (#32342)description
to be updated in-place (#32342)schema
configuration block (#32354)BUG FIXES:
forbidden_account_ids
(#32352)InvalidParameterException: You cannot specify both rotation frequency and schedule expression together
errors on resource Update (#31915)overwrite
parameter changes (#32372)InvalidParameter: PrivateDnsOnlyForInboundResolverEndpoint not supported for this service
errors creating S3 Interface VPC endpoints (#32355)v5.6.2
Compare Source
BUG FIXES:
InvalidArgument: Invalid attribute name specified
errors when listing S3 Bucket objects, caused by an AWS SDK for Go regression (#32317)v5.6.1
Compare Source
BUG FIXES:
tags
ortags_all
are updated (#32297)v5.6.0
Compare Source
FEATURES:
aws_opensearchserverless_access_policy
(#32231)aws_opensearchserverless_collection
(#32247)aws_sfn_alias
(#32176)aws_sfn_state_machine_versions
(#32176)aws_ec2_instance_connect_endpoint
(#31858)aws_sfn_alias
(#32176)aws_transfer_agreement
(#32203)aws_transfer_certificate
(#32203)aws_transfer_connector
(#32203)aws_transfer_profile
(#32203)ENHANCEMENTS:
placement_group
attribute to thecompute_resources
configuration block (#32200)release_label
changes (#32278)log_configuration
configuration block (#32102)parameters
attribute to thetarget
configuration block (#32160)Pods
andTasks
toaction.*.target
(#32152)queues
argument has changed from a set to a list with a maximum of one element. (#31931)activemq_broker_parameters
,dynamodb_stream_parameters
,kinesis_stream_parameters
,managed_streaming_kafka_parameters
,rabbitmq_broker_parameters
,self_managed_kafka_parameters
andsqs_queue_parameters
attributes to thesource_parameters
configuration block. NOTE: Because we cannot easily test all this functionality, it is best effort and we ask for community help in testing (#31607)batch_job_parameters
,cloudwatch_logs_parameters
,ecs_task_parameters
,eventbridge_event_bus_parameters
,http_parameters
,kinesis_stream_parameters
,lambda_function_parameters
,redshift_data_parameters
,sagemaker_pipeline_parameters
,sqs_queue_parameters
andstep_function_state_machine_parameters
attributes to thetarget_parameters
configuration block. NOTE: Because we cannot easily test all this functionality, it is best effort and we ask for community help in testing (#31607)enrichment_parameters
argument (#31607)resource_query
no longer conflicts withconfiguration
(#30242)description
,publish
,revision_id
,state_machine_version_arn
andversion_description
attributes (#32176)BUG FIXES:
available
state whenidentifier_prefix
is specified (#32287)reading Route in Route Table (rtb-1234abcd) with destination (1.2.3.4/5): couldn't find resource
errors when reading new resource (#32196)security_group_id
is Required (#32148)security_group_id
is Required (#32148)v5.5.0
Compare Source
NOTES:
trust-ad
option in/etc/resolv.conf
and, if set, will set the "authentic data" option in outgoing DNS requests in order to better match the behavior of the GNU libc resolver. (#32108)FEATURES:
aws_sesv2_email_identity
(#32026)aws_sesv2_email_identity_mail_from_attributes
(#32026)aws_chimesdkvoice_sip_rule
(#32070)aws_organizations_resource_policy
(#32056)ENHANCEMENTS:
TF_LOG
level isTRACE
(#32174)exclusion_by_resource_types
andrecording_strategy
attributes to therecording_group
configuration block (#32007)object_tags
attribute tooptions
configuration block (#27811)BUG FIXES:
binary_media_types
isnull
(#32169)server_certificate
argument (#27811)reading EC2 EIP (eipalloc-abcd1234): couldn't find resource
errors when reading new resource (#32016)waiting for completion: unexpected state 'AVAILABLE'
errors when deleting resource (#32067)reading Route Table (rtb-abcd1234): couldn't find resource
errors when reading new resource (#30999)kms_encrypted
istrue
butkms_key_arn
is not sent in the request (#32171)v5.4.0
Compare Source
FEATURES:
aws_organizations_policies
(#31545)aws_organizations_policies_for_target
(#31682)aws_chimesdkvoice_sip_media_application
(#31937)aws_opensearchserverless_collection
(#31091)aws_opensearchserverless_security_config
(#28776)aws_opensearchserverless_vpc_endpoint
(#28651)ENHANCEMENTS:
catalog_id
argument totarget_table
block (#31926)BUG FIXES:
index out of range [0] with length 0
panic (#32004)subnets
is updated to an empty list (#31976)function_name
argument now properly handles ARN values (#31933)*conns.AWSClient is not ssm.ssmClient: missing method SSMClient
panic (#31928)v5.3.0
Compare Source
NOTES:
metadata_options.http_endpoint
argument now correctly defaults toenabled
. (#24774)replace_security_groups_on_destroy
andreplacement_security_group_ids
attributes are being deprecated as AWS no longer supports this operation. These attributes now have no effect, and will be removed in a future major version. (#31904)FEATURES:
aws_quicksight_theme
(#31900)aws_opensearchserverless_access_policy
(#28518)aws_opensearchserverless_security_policy
(#28470)aws_quicksight_theme
(#31900)ENHANCEMENTS:
cluster_namespace_arn
attribute (#31884)cluster_namespace_arn
attribute (#31884)private_dns_only_for_inbound_resolver_endpoint
attribute to thedns_options
configuration block (#31873)BUG FIXES:
efs_volume_configuration
has bothroot_volume
andauthorization_config
set. (#26880)metadata_options.http_endpoint
argument. (#24774)name
(#31352)keyspace_name
,table_name
and column names (#31352)availability_zone_relocation_enabled
to betrue
whenpublicly_accessible
istrue
(#31886)reading EC2 VPC (vpc-abcd1234) Attribute (enableDnsSupport): couldn't find resource
errors when reading new resource (#31877)v5.2.0
Compare Source
NOTES:
FEATURES:
aws_budgets_budget
(#31691)aws_ecr_pull_through_cache_rule
(#31696)aws_guardduty_finding_ids
(#31711)aws_iam_principal_policy_simulation
(#25569)aws_chimesdkvoice_global_settings
(#31365)aws_finspace_kx_cluster
(#31806)aws_finspace_kx_database
(#31803)aws_finspace_kx_environment
(#31802)aws_finspace_kx_user
(#31804)ENHANCEMENTS:
bgp_peer_address
andbgp_transit_gateway_addresses
attributes (#31752)retry_mode
parameter (#31745)bgp_peer_address
andbgp_transit_gateway_addresses
attributes (#31752)replace_existing_association
argument (#31452)Volumes
toactions.*.target
(#31499)instance_market_options
configuration block andinstance_lifecycle
andspot_instance_request_id
attributes (#31495)ruby3.2
runtime
value (#31842)ruby3.2
compatible_runtimes
value (#31842)CREATING_SNAPSHOT
a valid pending state for resource update (#31833)stream_exception_policy
option tofirewall_policy.stateful_engine_options
(#31541)config_parameter.parameter_key
(#31747)container.model_package_name
andprimary_container.model_package_name
arguments (#31755)BUG FIXES:
modifying
state (#31772)default_tags
to resourcetags
, and vice versa (#31826)Failed
scaling activities due to IAM eventual consistency (#31282)vlan_id
fromTypeString
toTypeInt
in Terraform state for existing resources. This fixes a regression introduced in v5.1.0 causinga number is required
errors (#31735)endpoint_configuration.weight
to0
(#31767)hls_cdn_settings
expander. (#31844)iam_roles
diffs when the namespace contains a workgroup (#31749)config_parameter
fromTypeList
toTypeSet
as order is not significant (#31747)ValidationException: Can't update multiple configurations at the same time
errors (#31747)v5.1.0
Compare Source
BREAKING CHANGES:
role_last_used
attribute has been removed. Use theaws_iam_role
data source instead. (#31656)NOTES:
load_balancers
andtarget_group_arns
attributes have been changed toComputed
. This means that omitting this argument is interpreted as ignoring any existing load balancer or target group attachments. To remove all load balancer or target group attachments an empty list should be specified. (#31527)role_last_used
attribute has been removed. Use theaws_iam_role
data source instead. See the community feedback provided in the linked issue for additional justification on this change. As the attribute is read-only, unlikely to be used as an input to another resource, and available in the corresponding data source, a breaking change in a minor version was deemed preferable to a long deprecation/removal cycle in this circumstance. (#31656)aqua_configuration_status
, since the AWS API ignores it. Now always returnsauto
. (#31612)FEATURES:
aws_vpclattice_resource_policy
(#31372)aws_autoscaling_traffic_source_attachment
(#31527)aws_emrcontainers_job_template
(#31399)aws_glue_data_quality_ruleset
(#31604)aws_quicksight_analysis
(#31542)aws_quicksight_dashboard
(#31448)aws_resourcegroups_resource
(#31430)ENHANCEMENTS:
traffic_source
attribute (#31527)off_peak_window_options
attribute (#30965)visibility
argument (#31369)log_config.cloudwatch_logs_role_arn
(#31369)traffic_source
configuration block (#31527)managed_execution
argument (#25210)skip_final_backup
argument (#31544)security_style
argument and mark as Computed (#31544)ontap_volume_type
attribute to be configurable (#31544)junction_path
is Optional (#31544)storage_efficiency_enabled
is Optional (#31544)skip_destroy
attribute (#29571)skip_destroy
argument (#31646)off_peak_window_options
configuration block (#30965)shadow_production_variants.serverless_config.provisioned_concurrency
arguments (#31398)TransferSecurityPolicy-2023-05
security_policy_name
value (#31536)BUG FIXES:
vlan_id
being returned as null (#31480)tags
arenull
and others arecomputed
(#31687)The AutoRollback parameter cannot be set to true when the DesiredConfiguration parameter is empty
errors when refreshing instances (#31715)origin_keepalive_timeout
(#31608)CREATION_FAILED
status (#31689)tags
in state (#31716)vlan_id
being returned as null (#31480)alarms
is updated (#31683)storage_virtual_machine_id
to ForceNew (#31544)volume_type
to ForceNew (#31544)user_group_resolution_mode
value to state after creation (#31669)hls_cdn_settings
expand (#31647)resource_tags
blocks are configured (#31393)db_cluster_instance_class
(#31709)Maintenance
(#31612)ConcurrentModification
error (#31588)v5.0.1
Compare Source
BUG FIXES:
null
(#31587)v5.0.0
Compare Source
BREAKING CHANGES:
minimum_compression_size
is now a string type to allow values set via thebody
attribute to be properly computed. (#30969)hours_of_operation_arn
attribute has been removed (#31484)db_security_groups
attribute has been removed (#30966)security_group_names
attribute has been removed (#30966)number_cache_clusters
,replication_group_description
arguments -- usenum_cache_clusters
, anddescription
, respectively, instead (#31008)statement.sid
values tojson
attribute value (#28539)source_json
andoverride_json
have been removed -- usesource_policy_documents
andoverride_policy_documents
, respectively, instead (#30829)filter
argument has been removed (#31312)filter
argument has been removed (#31312)vpc_classic_link_id
andvpc_classic_link_security_groups
attributes have been removed (#30966)cluster_security_groups
attribute has been removed (#30966)rotation_enabled
,rotation_lambda_arn
androtation_rules
attributes have been removed (#31487)allow_classic_link_to_remote_vpc
andallow_vpc_to_remote_classic_link
attributes have been removed (#30966)assume_role.duration_seconds
,assume_role_with_web_identity.duration_seconds
,s3_force_path_style
,shared_credentials_file
andskip_get_ec2_platforms
attributes have been removed (#31155)aws_subnet_ids
data source has been removed (#31140)aws_db_security_group
resource has been removed (#30966)aws_elasticache_security_group
resource has been removed (#30966)aws_redshift_security_group
resource has been removed (#30966)aws_macie_member_account_association
resource has been removed (#31058)aws_macie_s3_bucket_association
resource has been removed (#31058)status
attribute has been removed (#31084)minimum_compression_size
is now a string type to allow values set via thebody
attribute to be properly computed. (#30969)alb_target_group_arn
has been removed -- uselb_target_group_arn
instead (#30828)tags
attribute (#30842)cost_filters
attribute has been removed (#31395)threshold
attribute has been removed (#30374)ecs_target.propagate_tags
attribute now has no default value (#25233)secondary_sources.auth
andsource.auth
attributes have been removed (#31483)hours_of_operation_arn
attribute has been removed (#31484)quick_connect_ids_associated
attribute has been removed (#31376)queue_configs_associated
attribute has been removed (#31376)name
- usedb_name
instead (#31232)security_group_names
attribute has been removed (#30966)id
is no longer the AWS databaseidentifier
-id
is now thedbi-resource-id
. Refer toidentifier
instead ofid
to use the database's identifier (#31232)enable_classiclink
andenable_classiclink_dns_support
attributes have been removed (#30966)s3_settings.ignore_headers_row
has been removed (#30452)snapshot_identifier
change now properly forces replacement (#29409)status
attribute has been removed (#31223)security_groups
attribute has been removed (#31396)status
attribute has been removed (#31223)capacity_providers
anddefault_capacity_provider_strategy
attributes have been removed (#31346)standard
domain is no longer supported (#30966)standard
domain is no longer supported (#30966)security_group_names
attribute has been removed (#30966)availability_zones
,number_cache_clusters
,replication_group_description
arguments -- usepreferred_cache_cluster_azs
,num_cache_clusters
, anddescription
, respectively, instead (#31008)cluster_mode
configuration block -- use top-levelnum_node_groups
andreplicas_per_node_group
instead (#31008)s3_configuration
attribute from the root of the resource.s3_configuration
is now a part of the following blocks:elasticsearch_configuration
,opensearch_configuration
,redshift_configuration
,splunk_configuration
, andhttp_endpoint_configuration
(#31138)s3
as an option fordestination
. Useextended_s3
instead (#31138)extended_s3_configuration.0.s3_backup_configuration.0.buffer_size
andextended_s3_configuration.0.s3_backup_configuration.0.buffer_interval
toextended_s3_configuration.0.s3_backup_configuration.0.buffering_size
andextended_s3_configuration.0.s3_backup_configuration.0.buffering_interval
, respectively (#31141)redshift_configuration.0.s3_backup_configuration.0.buffer_size
andredshift_configuration.0.s3_backup_configuration.0.buffer_interval
toredshift_configuration.0.s3_backup_configuration.0.buffering_size
andredshift_configuration.0.s3_backup_configuration.0.buffering_interval
, respectively (#31141)s3_configuration.0.buffer_size
ands3_configuration.0.buffer_internval
tos3_configuration.0.buffering_size
ands3_configuration.0.buffering_internval
, respectively (#31141)vpc_classic_link_id
andvpc_classic_link_security_groups
attributes have been removed (#30966)ipv6_address
attribute has been removed (#31489)statemux_settings
attribute has been removed. Usestatmux_settings
argument instead (#31034)broker_node_group_info.ebs_volume_size
attribute has been removed (#31324)snapshot_identifier
change now properly forces replacement (#29409)policy_document
argument -- useaws_networkmanager_core_network_policy_attachment
resource instead (#30875)engine
argument is now required and has no default (#31112)snapshot_identifier
change now properly forces replacement (#29409)engine
argument is now required and has no default (#31112)cluster_security_groups
attribute has been removed (#30966)instance_id
can no longer be set in configurations. Usenetwork_interface_id
instead, for example, settingnetwork_interface_id
toaws_instance.test.primary_network_interface_id
. (#30804)route.*.instance_id
can no longer be set in configurations. Useroute.*.network_interface_id
instead, for example, settingnetwork_interface_id
toaws_instance.test.primary_network_interface_id
. (#30804)rotation_enabled
,rotation_lambda_arn
androtation_rules
attributes have been removed (#31487)provisioning_artifact_parameters
arguments now properly trigger a replacement. This fixes incorrect behavior, but may technically be breaking for configurations expecting non-functional in-place updates. (#31061)enable_classiclink
andenable_classiclink_dns_support
attributes have been removed (#30966)allow_classic_link_to_remote_vpc
andallow_vpc_to_remote_classic_link
attributes have been removed (#30966)allow_classic_link_to_remote_vpc
andallow_vpc_to_remote_classic_link
attributes have been removed (#30966)allow_classic_link_to_remote_vpc
andallow_vpc_to_remote_classic_link
attributes have been removed (#30966)statement.managed_rule_group_statement.excluded_rule
andstatement.rule_group_reference_statement.excluded_rule
attributes have been removed (#31374)redacted_fields.all_query_arguments
,redacted_fields.body
andredacted_fields.single_query_argument
attributes have been removed (#31486)NOTES:
description
instead of thereplication_group_description
argument (#31008)num_cache_clusters
instead of thenumber_cache_clusters
argument (#31008)kibana_endpoint
attribute has been deprecated. All configurations usingkibana_endpoint
should be updated to use thedashboard_endpoint
attribute instead (#31490)tags_all
attribute has been deprecated and will be removed in a future version (#31162)aws_redshift_service_account
data source has been deprecated and will be removed in a future version. AWS documentation states that a service principal name should be used instead of an AWS account ID in any relevant IAM policy (#31006)tags_all
attribute has been deprecated and will be removed in a future version (#31162)minimum_compression_size
set to pass the value as a string. Valid values remain the same. (#30969)lb_target_group_arn
instead ofalb_target_group_arn
which has been removed (#30828)source_ids
using theid
attribute ofaws_db_instance
must be updated to useidentifier
instead - for example,source_ids = [aws_db_instance.example.id]
must be updated tosource_ids = [aws_db_instance.example.identifier]
(#31232)replicate_source_db
using theid
attribute ofaws_db_instance
must be updated to useidentifier
instead - for example,replicate_source_db = aws_db_instance.example.id
must be updated toreplicate_source_db = aws_db_instance.example.identifier
(#31232)id
is, namely, a DBI Resource ID now versus DB Identifier previously, has far-reaching consequences. Configurations that refer to, for example,aws_db_instance.example.id
will now have errors and must be changed to useidentifier
instead, for example,aws_db_instance.example.identifier
(#31232)db_instance_identifier
using theid
attribute ofaws_db_instance
must be updated to useidentifier
instead - for example,db_instance_identifier = aws_db_instance.example.id
must be updated todb_instance_identifier = aws_db_instance.example.identifier
(#31232)db_instance_identifier
using theid
attribute ofaws_db_instance
must be updated to useidentifier
instead - for example,db_instance_identifier = aws_db_instance.example.id
must be updated todb_instance_identifier = aws_db_instance.example.identifier
(#31232)db_instance_identifier
using theid
attribute ofaws_db_instance
must be updated to useidentifier
instead - for example,db_instance_identifier = aws_db_instance.example.id
must be updated todb_instance_identifier = aws_db_instance.example.identifier
(#31232)snapshot_identifier
attribute will now trigger a replacement, rather than an in-place update. This corrects the previous behavior which resulted in a successful apply, but did not actually restore the cluster from the designated snapshot. (#29409)vpn_gateway_id
attribute has been deprecated. All configurations usingvpn_gateway_id
should be updated to use theassociated_gateway_id
attribute instead (#31384)description
instead of thereplication_group_description
argument (#31008)num_cache_clusters
instead of thenumber_cache_clusters
argument (#31008)preferred_cache_cluster_azs
instead of theavailability_zones
argument (#31008)num_node_groups
andreplicas_per_node_group
instead ofcluster_mode.0.num_node_groups
andcluster_mode.0.replicas_per_node_group
, respectively (#31008)log_group_name
attribute has been deprecated. All configurations usinglog_group_name
should be updated to use thelog_destination
attribute instead (#31382)auto_enable
argument has been deprecated. Use theauto_enable_organization_members
argument instead. (#30736)snapshot_identifier
attribute will now trigger a replacement, rather than an in-place update. This corrects the previous behavior which resulted in a successful apply, but did not actually restore the cluster from the designated snapshot. (#29409)aws_networkmanager_core_network_policy_attachment
resource instead of thepolicy_document
argument (#30875)engine_version
attribute no longer has a default value. When omitted, the underlying AWS API will use the latest OpenSearch engine version. (#31568)kibana_endpoint
attribute has been deprecated. All configurations usingkibana_endpoint
should be updated to use thedashboard_endpoint
attribute instead (#31490)snapshot_identifier
attribute will now trigger a replacement, rather than an in-place update. This corrects the previous behavior which resulted in a successful apply, but did not actually restore the cluster from the designated snapshot. (#29409)engine
argument must be updated to includeengine
as it is now required. Previously, not includingengine
was equivalent toengine = "aurora"
and created a MySQL-5.6-compatible cluster (#31112)engine
argument must be updated to includeengine
as it is now required. Previously, not includingengine
was equivalent toengine = "aurora"
and created a MySQL-5.6-compatible cluster instance (#31112)instance_id
can no longer be set in configurations, usenetwork_interface_id
instead. For example, setnetwork_interface_id
toaws_instance.test.primary_network_interface_id
. (#30804)route.*.instance_id
can no longer be set in configurations, useroute.*.network_interface_id
instead. For example, setnetwork_interface_id
toaws_instance.test.primary_network_interface_id
. (#30804)instance_id
attribute has been deprecated. All configurations usinginstance_id
should be updated to use thetargets
attribute instead (#31380)ENHANCEMENTS:
computed
tags
on resources (#30793)default_tags
and resourcetags
to include zero values""
(#30793)default_tags
can now be included and will be overwritten by resourcetags
(#30793)identifier
andidentifier_prefix
will no longer cause the database instance to be destroyed and recreated (#31232)vpc
attribute. Usedomain
instead (#31567)auto_enable_organization_members
attribute (#30736)s3_configuration
toelasticsearch_configuration
,opensearch_configuration
,redshift_configuration
,splunk_configuration
, andhttp_endpoint_configuration
(#31138)engine_version
default value (#31568)rule_action_override
onrule_group_reference_statement
(#31374)BUG FIXES:
instance_warmup_period
of0
in theauto_scaling_group_provider.managed_scaling
configuration block (#24005)metadata_options
to allow default condition (#30545)acl
default in order to work with S3 buckets that have ACL disabled (#27197)acl
default in order to work with S3 buckets that have ACL disabled (#27197)provisioning_artifact_parameters
arguments now properly trigger a replacement (#31061)vpcPeeringConnectionOptionsEqual
(#30966)Configuration
📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR has been generated by Renovate Bot.
7b262cbef5
todd72b98f0f
dd72b98f0f
to6cf78fd88f
6cf78fd88f
to9c09f36586
9c09f36586
toe770b4856d
e770b4856d
to495f1315f7
495f1315f7
to713902dc01
713902dc01
to4915f102c5
4915f102c5
toffa93c51f3
ffa93c51f3
to8cec4bf78d
8cec4bf78d
to9607882ce6
9607882ce6
to9e71ed71f4
9e71ed71f4
to9567d80022
9567d80022
to39a05095f5
39a05095f5
toa7801ab775
a7801ab775
to8a33587d6d
8a33587d6d
to4fc1e7f9da
4fc1e7f9da
tod8ced0f10a
d8ced0f10a
to1147849d9a
1147849d9a
tod0a92dd89a
d0a92dd89a
to26e256ffb9
26e256ffb9
to333d433e9f
333d433e9f
tocb80ebabb7
cb80ebabb7
tob475bbde13
b475bbde13
to737a928d00
737a928d00
to7cf7b17c65
7cf7b17c65
toda4fbbbc78
da4fbbbc78
to044545b7be
044545b7be
to03876900b4
03876900b4
to312b52a796
312b52a796
toe6f25bedbf
e6f25bedbf
toa018dcf807
a018dcf807
toee0566b358
ee0566b358
toa947e68ae4
a947e68ae4
toc362f17e06
c362f17e06
toea8faeee3b
ea8faeee3b
to664eafa893
664eafa893
to51b9c81ad5
51b9c81ad5
to1f6bb1701e
1f6bb1701e
to038f9beb00
038f9beb00
to29cfc82031
29cfc82031
toc90320206a
c90320206a
toaac2bace3b
aac2bace3b
to95f92debd8
95f92debd8
to4b842e0f86
4b842e0f86
to7e539564b7
7e539564b7
to134abf7f8d
134abf7f8d
tocf1e0ffb94
cf1e0ffb94
toc52b6ae489
c52b6ae489
tocba6e200c3
cba6e200c3
to2d99c4c8a7
2d99c4c8a7
to3c8afaf873
3c8afaf873
tof87d17ccdf
f87d17ccdf
toc04c113756
c04c113756
to0a29eff318
0a29eff318
to374649a57b
374649a57b
to162b8ff7a7
162b8ff7a7
to8dfe64f199
8dfe64f199
toc149429ef1
c149429ef1
to2455a37654
2455a37654
to1e2f0aa5a7
1e2f0aa5a7
to8eb54350f4
8eb54350f4
toa3ed5d4e41
a3ed5d4e41
tof1303996ff
f1303996ff
to58cdb86e54
58cdb86e54
to97eae4f39c
97eae4f39c
to15f6372d1c
15f6372d1c
tod26e42be6d
d26e42be6d
to99a63654c8
99a63654c8
to281b76a649
281b76a649
to0b72f32bba
0b72f32bba
to33cdbc0e8c
33cdbc0e8c
to8ec66caa3f
8ec66caa3f
to0d52752d4d
0d52752d4d
to433a68550d
433a68550d
toa94a0f82df
a94a0f82df
to5dd2fe0189
5dd2fe0189
to1dfa4a82dd
1dfa4a82dd
toa7a5388d53
a7a5388d53
to4a8755499d
4a8755499d
to1e5e2ed816
1e5e2ed816
to9a6dfb1008
9a6dfb1008
tod62826026a
d62826026a
tof820fc4f10
f820fc4f10
toeac203a276
eac203a276
to999ba0a49a
999ba0a49a
to054b1ae341
054b1ae341
toe1e4d51fe0
e1e4d51fe0
to99da62e2bc
99da62e2bc
tod1352bc5d9
d1352bc5d9
tod4cdc89cac
d4cdc89cac
to087ad52ab8
087ad52ab8
to6a4a9ec851
6a4a9ec851
to94f2316fc2
94f2316fc2
toa63a2f2158
a63a2f2158
to560ec0a2a1
560ec0a2a1
to7fbef2a86b
7fbef2a86b
tocbde5d6182
cbde5d6182
to03865782d0
03865782d0
to6f72835eec
6f72835eec
to1ddcfd943d
1ddcfd943d
to90b3b92033
90b3b92033
to81ab54e707
81ab54e707
tof9497e3893
View command line instructions
Checkout
From your project repository, check out a new branch and test the changes.Merge
Merge the changes and update on Forgejo.Warning: The "Autodetect manual merge" setting is not enabled for this repository, you will have to mark this pull request as manually merged afterwards.