v5.59.0

Compare Source

FEATURES:

• resource/aws_kinesis_firehose_delivery_stream: Add secrets_manager_configuration to redshift_configuration, snowflake_configuration, and splunk_configuration (#​38151)
• New Data Source: aws_cloudfront_origin_access_control (#​36301)
• New Data Source: aws_timestreamwrite_database (#​36368)
• New Data Source: aws_timestreamwrite_table (#​36599)
• New Resource: aws_datazone_project (#​38345)
• New Resource: aws_grafana_workspace_service_account (#​38101)
• New Resource: aws_grafana_workspace_service_account_token (#​38101)
• New Resource: aws_rds_certificate (#​35003)
• New Resource: aws_rekognition_stream_processor (#​37536)

ENHANCEMENTS:

• data-source/aws_elasticache_replication_group: Add cluster_mode attribute (#​38002)
• data-source/aws_lakeformation_data_lake_settings: Add allow_full_table_external_data_access attribute (#​34474)
• data-source/aws_msk_cluster: Add broker_node_group_info attribute (#​37705)
• resource/aws_bedrockagent_agent : Add skip_resource_in_use_check argument (#​37586)
• resource/aws_bedrockagent_agent_action_group: Add action_group_executor.custom_control argument (#​37484)
• resource/aws_bedrockagent_agent_action_group: Add function_schema configuration block (#​37484)
• resource/aws_bedrockagent_agent_alias : Add routing_configuration.provisioned_throughput argument (#​37520)
• resource/aws_codebuild_webhook: Add scope_configuration argument (#​38199)
• resource/aws_codepipeline: Add timeout_in_minutes argument to the action configuration block (#​36316)
• resource/aws_db_instance: Add engine_lifecycle_support argument (#​37708)
• resource/aws_ecs_cluster: Add configuration.managed_storage_configuration argument (#​37932)
• resource/aws_elasticache_replication_group: Add cluster_mode argument (#​38002)
• resource/aws_emrserverless_application: Add interactive_configuration argument (#​37889)
• resource/aws_fis_experiment_template: Add experiment_options configuration block (#​36900)
• resource/aws_fsx_lustre_file_system: Add final_backup_tags and skip_final_backup arguments (#​37717)
• resource/aws_fsx_ontap_volume: Add final_backup_tags argument (#​37717)
• resource/aws_fsx_openzfs_file_system: Add delete_options and final_backup_tags arguments (#​37717)
• resource/aws_fsx_windows_file_system: Add final_backup_tags argument (#​37717)
• resource/aws_imagebuilder_image_pipeline: Add execution_role and workflow arguments (#​37317)
• resource/aws_kinesis_firehose_delivery_stream: Add secrets_manager_configuration to http_endpoint_configuration (#​38245)
• resource/aws_kinesisanalyticsv2_application: Support FLINK-1_19 as a valid value for runtime_environment (#​38350)
• resource/aws_lakeformation_data_lake_settings: Add allow_full_table_external_data_access attribute (#​34474)
• resource/aws_lb_target_group: Add target_group_health configuration block (#​37082)
• resource/aws_msk_replicator: Add starting_position argument (#​36968)
• resource/aws_rds_cluster: Add engine_lifecycle_support argument (#​37708)
• resource/aws_rds_global_cluster: Add engine_lifecycle_support argument (#​37708)
• resource/aws_redshift_cluster_snapshot: Set arn from DescribeClusterSnapshots API response (#​37996)
• resource/aws_vpclattice_listener: Support TLS_PASSTHROUGH as a valid value for protocol (#​37964)
• resource/aws_wafv2_web_acl: Add enable_machine_learning to aws_managed_rules_bot_control_rule_set configuration block (#​37006)

BUG FIXES:

• data-source/aws_efs_access_point: Set id the the access point ID, not the file system ID. This fixes a regression introduced in v5.58.0 (#​38372)
• data-source/aws_lb_listener: Correctly set default_action.target_group_arn (#​37348)
• resource/aws_chime_voice_connector_group: Properly handle voice connector groups deleted out of band (#​36774)
• resource/aws_codebuild_project: Fix unsetting concurrent_build_limit (#​37748)
• resource/aws_codepipeline: Mark trigger as Computed (#​36316)
• resource/aws_ecs_service: Change volume_configuration.managed_ebs_volume.throughput from TypeString to TypeInt (#​38109)
• resource/aws_elasticache_replication_group: Allows setting replicas_per_node_group to 0 and sets the maximum to 5. (#​38396)
• resource/aws_elasticache_replication_group: Requires description. (#​38396)
• resource/aws_elasticache_replication_group: When num_cache_clusters is set, prevents setting replicas_per_node_group. (#​38396)
• resource/aws_elasticache_replication_group: num_cache_clusters must be at least 2 when automatic_failover_enabled is true. (#​38396)
• resource/aws_elastictranscoder_pipeline: Properly handle NotFound exceptions during deletion (#​38018)
• resource/aws_elastictranscoder_preset: Properly handle NotFound exceptions during deletion (#​38018)
• resource/aws_lb_target_group: Use the configured ip_address_type value when target_type is instance (#​36423)
• resource/aws_lb_trust_store: Wait until trust store is ACTIVE on resource Create (#​38332)
• resource/aws_pinpoint_app: Fix interface conversion: interface {} is nil, not map[string]interface {} panic when campaign_hook is empty ({}) (#​38323)
• resource/aws_transfer_server: Add supported values TransferSecurityPolicy-FIPS-2024-05, TransferSecurityPolicy-Restricted-2018-11, and TransferSecurityPolicy-Restricted-2020-06 for the security_policy_name argument (#​38425)

v5.58.0

Compare Source

FEATURES:

• New Resource: aws_cloudwatch_log_account_policy (#​38328)
• New Resource: aws_verifiedpermissions_identity_source (#​38181)

ENHANCEMENTS:

• data-source/aws_launch_template: Add network_interfaces.primary_ipv6 attribute (#​37142)
• data-source/aws_mskconnect_connector: Add tags attribute (#​38270)
• data-source/aws_mskconnect_custom_plugin: Add tags attribute (#​38270)
• data-source/aws_mskconnect_worker_configuration: Add tags attribute (#​38270)
• data-source/aws_oam_link: Add link_configuration attribute (#​38277)
• resource/aws_cloudformation_stack_set_instance: Extend deployment_targets argument. (#​37898)
• resource/aws_cloudtrail_event_data_store: Add billing_mode argument (#​38273)
• resource/aws_db_instance: Fix InvalidParameterCombination: A parameter group can't be specified during Read Replica creation for the following DB engine: postgres errors (#​38227)
• resource/aws_ec2_capacity_reservation: Add configurable timeouts (#​36754)
• resource/aws_ec2_capacity_reservation: Retry InsufficientInstanceCapacity errors (#​36754)
• resource/aws_eks_cluster: Add bootstrap_self_managed_addons argument (#​38162)
• resource/aws_fms_policy: Add resource_set_ids attribute (#​38161)
• resource/aws_fsx_ontap_file_system: Add 384, 768, 1536, 3072, and 6144 as valid values for throughput_capacity (#​38308)
• resource/aws_fsx_ontap_file_system: Add 384, 768, and 1536 as valid values for throughput_capacity_per_ha_pair (#​38308)
• resource/aws_fsx_ontap_file_system: Add MULTI_AZ_2 as a valid value for deployment_type (#​38308)
• resource/aws_globalaccelerator_cross_account_attachment: Add cidr_block argument to resource configuration block (#​38196)
• resource/aws_iam_server_certificate: Add configurable delete timeout (#​38212)
• resource/aws_launch_template: Add network_interfaces.primary_ipv6 argument (#​37142)
• resource/aws_mskconnect_connector: Add tags argument and tags_all attribute (#​38270)
• resource/aws_mskconnect_custom_plugin: Add tags argument and tags_all attribute (#​38270)
• resource/aws_mskconnect_worker_configuration: Add tags argument and tags_all attribute (#​38270)
• resource/aws_mskconnect_worker_configuration: Add resource deletion logic (#​38270)
• resource/aws_oam_link: Add link_configuration argument (#​38277)
• resource/aws_rds_cluster: Add ca_certificate_identifier argument and ca_certificate_valid_till attribute (#​37108)
• resource/aws_ssm_association: Add tags argument and tags_all attribute (#​38271)

BUG FIXES:

• aws_dx_lag: Checks for errors other than NotFound when reading. (#​38292)
• aws_dynamodb_kinesis_streaming_destination: Checks for errors other than NotFound when reading. (#​38292)
• aws_ec2_capacity_block_reservation: Checks for errors other than NotFound when reading. (#​38292)
• aws_opensearchserverless_access_policy: Checks for errors other than NotFound when reading. (#​38292)
• aws_opensearchserverless_collection: Checks for errors other than NotFound when reading. (#​38292)
• aws_opensearchserverless_security_config: Checks for errors other than NotFound when reading. (#​38292)
• aws_opensearchserverless_security_policy: Checks for errors other than NotFound when reading. (#​38292)
• aws_opensearchserverless_vpc_endpoint: Checks for errors other than NotFound when reading. (#​38292)
• aws_ram_principal_association: Checks for errors other than NotFound when reading. (#​38292)
• aws_route_table: Checks for errors other than NotFound when reading. (#​38292)
• data-source/aws_ecr_repository: Fix issue where the tags attribute is not set (#​38272)
• data-source/aws_eks_cluster: Add access_config.bootstrap_cluster_creator_admin_permissions attribute (#​38295)
• resource/aws_appstream_fleet: Support 0 as a valid value for idle_disconnect_timeout_in_seconds (#​38274)
• resource/aws_cloudformation_stack_set_instance: Add ForceNew to deployment_targets attributes to ensure a new resource is recreated when the deployment_targets argument is changed, which was not the case previously. (#​37898)
• resource/aws_db_instance: Correctly mark incomplete instances as tainted during creation (#​38252)
• resource/aws_eks_cluster: Set access_config.bootstrap_cluster_creator_admin_permissions to true on Read for clusters with no access_config configured. This allows in-place updates of existing clusters when access_config is configured (#​38295)
• resource/aws_elasticache_serverless_cache: Allow cache_usage_limits.data_storage.maximum, cache_usage_limits.data_storage.minimum, cache_usage_limits.ecpu_per_second.maximum and cache_usage_limits.ecpu_per_second.minimum to be updated in-place (#​38269)
• resource/aws_mskconnect_connector: Fix interface conversion: interface {} is nil, not map[string]interface {} panic when log_delivery.worker_log_delivery is empty ({}) (#​38270)

v5.57.0

Compare Source

FEATURES:

• New Data Source: aws_appstream_image (#​38225)
• New Data Source: aws_cognito_user_pool (#​37399)
• New Data Source: aws_ec2_transit_gateway_peering_attachments (#​25743)
• New Data Source: aws_transfer_connector (#​38213)

ENHANCEMENTS:

• data-source/aws_backup_plan: Add rule attribute (#​37890)
• resource/aws_amplify_domain_association: Add certificate_settings argument (#​37105)
• resource/aws_ec2_transit_gateway_peering_attachment: Add options argument (#​36902)
• resource/aws_iot_authorizer: Add tags argument (#​37152)
• resource/aws_iot_topic_rule: Add cloudwatch_logs.batch_mode and error_action.cloudwatch_logs.batch_mode arguments (#​36772)
• resource/aws_sagemaker_endpoint_configuration: Add support for InputAndOutput in capture_mode (#​37726)

BUG FIXES:

• resource/aws_iot_provisioning_template: Fix pre_provisioning_hook update operation (#​37152)
• resource/aws_iot_topic_rule: Retry IAM eventual consistency errors on Update (#​36286)

v5.56.1

Compare Source

BUG FIXES:

• data-source/aws_cognito_user_pool_client: Fix InvalidParameterException: 2 validation errors detected errors on Read (#​38168)
• resource/aws_cognito_user: Fix a bug that caused resource recreation for resources imported with certain import ID formats (#​38182)
• resource/aws_cognito_user_pool: Fix runtime error: index out of range [0] with length 0 panic when adding lambda_config (#​38184)

v5.56.0

Compare Source

FEATURES:

• New Resource: aws_appfabric_app_authorization_connection (#​38084)
• New Resource: aws_appfabric_ingestion (#​37291)
• New Resource: aws_appfabric_ingestion_destination (#​37627)
• New Resource: aws_networkfirewall_tls_inspection_configuration (#​35168)
• New Resource: aws_networkmonitor_monitor (#​35722)
• New Resource: aws_networkmonitor_probe (#​35722)

ENHANCEMENTS:

• resource/aws_controltower_control: Add parameters argument and arn attribute (#​38071)
• resource/aws_networkfirewall_logging_configuration: Add plan-time validation of firewall_arn (#​35168)
• resource/aws_quicksight_account_subscription: Add iam_identity_center_instance_arn attribute (#​36830)
• resource/aws_route53_resolver_firewall_rule: Add firewall_domain_redirection_action argument (#​37242)
• resource/aws_route53_resolver_firewall_rule: Add q_type argument (#​38074)
• resource/aws_sagemaker_domain: Add default_user_settings.canvas_app_settings.generative_ai_settings configuration block (#​37139)
• resource/aws_sagemaker_domain: Add default_user_settings.code_editor_app_settings.custom_image configuration block (#​37153)
• resource/aws_sagemaker_endpoint_configuration: Add production_variants.inference_ami_version and shadow_production_variants.inference_ami_version arguments (#​38085)
• resource/aws_sagemaker_user_profile: Add user_settings.canvas_app_settings.generative_ai_settings configuration block (#​37139)
• resource/aws_sagemaker_user_profile: Add user_settings.code_editor_app_settings.custom_image configuration block (#​37153)
• resource/aws_sagemaker_workforce: add oidc_config.authentication_request_extra_params and oidc_config.scope arguments (#​38078)
• resource/aws_sagemaker_workteam: Add worker_access_configuration attribute (#​38087)
• resource/aws_wafv2_web_acl: Add sensitivity_level argument to sqli_match_statement configuration block (#​38077)

BUG FIXES:

• data-source/aws_ecs_service: Correctly set tags (#​38067)
• resource/aws_drs_replication_configuration_template: Fix issues preventing creation and deletion (#​38143)

v5.55.0

Compare Source

FEATURES:

• New Resource: aws_drs_replication_configuration_template (#​26399)

ENHANCEMENTS:

• data-source/aws_autoscaling_group: Add mixed_instances_policy.launch_template.override.instance_requirements.max_spot_price_as_percentage_of_optimal_on_demand_price attribute (#​38003)
• data-source/aws_glue_catalog_table: Add additional_locations argument in storage_descriptor (#​37891)
• data-source/aws_launch_template: Add instance_requirements.max_spot_price_as_percentage_of_optimal_on_demand_price attribute (#​38003)
• data-source/aws_networkmanager_core_network_policy_document: Add attachment_policies.action.add_to_network_function_group argument (#​38013)
• data-source/aws_networkmanager_core_network_policy_document: Add network_function_groups configuration block (#​38013)
• data-source/aws_networkmanager_core_network_policy_document: Add send-via and send-to as valid values for segment_actions.action (#​38013)
• data-source/aws_networkmanager_core_network_policy_document: Add single-hop and dual-hop as valid values for segment_actions.mode (#​38013)
• data-source/aws_networkmanager_core_network_policy_document: Add when_sent_to and via configuration blocks to segment_actions (#​38013)
• resource/aws_api_gateway_integration: Increase maximum value of timeout_milliseconds from 29000 (29 seconds) to 300000 (5 minutes) (#​38010)
• resource/aws_appsync_api_key: Add api_key_id attribute (#​36568)
• resource/aws_autoscaling_group: Add mixed_instances_policy.launch_template.override.instance_requirements.max_spot_price_as_percentage_of_optimal_on_demand_price argument (#​38003)
• resource/aws_autoscaling_group: Add plan-time validation of warm_pool.max_group_prepared_capacity and warm_pool.min_size (#​37174)
• resource/aws_docdb_cluster: Add restore_to_point_in_time argument (#​37716)
• resource/aws_dynamodb_table: Adds validation for ttl values. (#​37991)
• resource/aws_ec2_fleet: Add launch_template_config.override.instance_requirements.max_spot_price_as_percentage_of_optimal_on_demand_price argument (#​38003)
• resource/aws_glue_catalog_table: Add additional_locations argument in storage_descriptor (#​37891)
• resource/aws_glue_job: Add maintenance_window argument (#​37760)
• resource/aws_launch_template: Add instance_requirements.max_spot_price_as_percentage_of_optimal_on_demand_price argument (#​38003)

BUG FIXES:

• data-source/aws_ami: Fix interface conversion: interface {} is types.ProductCodeValues, not string panic (#​37977)
• data-source/aws_networkmanager_core_network_policy_document: Add correct except values to the returned JSON document when segment_actions.share_with_except is configured (#​38013)
• provider: Now falls back to non-FIPS endpoint if use_fips_endpoint is set and no FIPS endpoint is available (#​38057)
• resource/aws_autoscaling_group: Fix bug updating warm_pool.max_group_prepared_capacity to 0 (#​37174)
• resource/aws_dynamodb_table: Fixes perpetual diff when ttl.attribute_name is set when ttl.enabled is not set. (#​37991)
• resource/aws_ec2_network_insights_path: Mark destination as Optional (#​36966)
• resource/aws_lambda_event_source_mapping: Remove the upper limit on scaling_config.maximum_concurrency (#​37980)
• service/transitgateway: Fix resource Read pagination regression causing NotFound errors (#​38011)