Skip to content

Releases: hashicorp/terraform-provider-aws

v2.42.0

13 Dec 19:50
Compare
Choose a tag to compare

FEATURES:

  • New Resource: aws_ecs_capacity_provider [GH-11151]
  • New Resource: aws_media_convert_queue [GH-10041]
  • New Resource: aws_workspaces_ip_group [GH-10904]

ENHANCEMENTS:

  • resource/aws_apigateway_usage_plan: Add tags argument and arn attribute [GH-10566]
  • resource/aws_codebuild_project: Add ARM_CONTAINER as valid environment configuration block compute_type argument value [GH-11206]
  • resource/aws_ecs_cluster: Add capacity_providers argument and default_capacity_provider_strategy configuration block (support ECS Capacity Providers) [GH-11151]
  • resource/aws_ecs_service: Add capacity_provider_strategy configuration block (support ECS Capacity Providers) [GH-11151]
  • resource/aws_emr_cluster: Add step_concurrency_level argument [GH-11196]
  • resource/aws_lb_listener_rule: Support ALB advanced routing rules [GH-8268]

BUG FIXES:

  • provider: Prevent crash in planning IAM Policy equivalency checking with invalid Resource declarations (e.g. a list of list of strings) [GH-11107]
  • resource/aws_eks_cluster: Handle additional InvalidParameterException: Error in role params error during creation for IAM eventual consistency [GH-11127]
  • resource/aws_iam_role: Ignore additional NoSuchEntity errors on deletion [GH-11125]
  • resource/aws_network_interface: Prevent extraneous ModifyNetworkInterfaceAttribute API call during update [GH-11277]
  • resource/aws_security_group: Support ampersand (&) in ingress and egress configuration block description argument value validation [GH-9528]
  • resource/aws_security_group_rule: Support ampersand (&) in description argument value validation [GH-9528]

v2.41.0

04 Dec 03:05
Compare
Choose a tag to compare

FEATURES:

  • New Resource: aws_eks_fargate_profile (#11111)
  • New Resource: aws_lambda_provisioned_concurrency_config (#11129)

ENHANCEMENTS:

  • data-source/aws_route_table: adds attributes gateway_id and associations.gateway_id (#11122)
  • resource/aws_autoscaling_group: Add max_instance_lifetime argument (#10951)
  • resource/aws_autoscaling_group: Add mixed_instances_policy launch_template override configuration block weighted_capacity argument (#11004)
  • resource/aws_codebuild_project: Add Linux GPU worker (#11035)
  • resource/aws_docdb_cluster_instance: Add support for ca_cert_identifier parameter (#11041)
  • resource/aws_emr_cluster: Outputs EMR cluster ARN (#11078)
  • resource/aws_iam_access_key: Remove deprecation from secret and mark secret and ses_smtp_password to sensitive (#10908)
  • resource/aws_iam_user: Delete a user's virtual MFA devices when force_destroy is enabled (#11040)
  • resource/aws_route_table_association: adds attribute gateway_id (#11122)

BUG FIXES:

  • resource/aws_batch_compute_environment: Forces new resource when launch_template contents are changed (#11057)
  • resource/aws_datasync_location_s3: Automatically retry creation for IAM errors due to eventual consistency (#10984)
  • resource/aws_launch_template: Only set associate_public_ip_address on network interfaces if it's explicitly set to avoid problems with multiple network interfaces (#10157)

v2.40.0

27 Nov 00:00
Compare
Choose a tag to compare

NOTES:

  • resource/aws_datasync_task: The DataSync API and SDK have removed BEST_EFFORT as a valid value for the options configuration block posix_permissions argument. The value has been removed from the validation in this resource to match those changes. (#10985)

FEATURES:

  • New Resource: aws_dx_hosted_transit_virtual_interface (#8523)
  • New Resource: aws_dx_hosted_transit_virtual_interface_accepter (#8523)

ENHANCEMENTS:

  • data-source/aws_eks_cluster: Add vpc_config nested block cluster_security_group_id attribute (#11002)
  • resource/aws_cloudwatch_metric_alarm: Add threshold_metric_id argument (support Anomaly Detection metrics) (#9828)
  • resource/aws_codebuild_project: Add support for BUILD_GENERAL1_2XLARGE CodeBuild compute type [GH11015]
  • resource/aws_dx_private_virtual_interface: Support tagging-on-create (#9572)
  • resource/aws_dx_private_virtual_interface: Validate Virtual Interface type on import (#9572)
  • resource/aws_dx_public_virtual_interface: Validate Virtual Interface type on import (#9572)
  • resource/aws_ebs_snapshot: Support tagging-on-create and in-place tags updates (#10935)
  • resource/aws_ebs_snapshot_copy: Support tagging-on-create and in-place tags updates (#10936)
  • resource/aws_eks_cluster: Add vpc_config configuration block cluster_security_group_id attribute (#11002)
  • resource/aws_lambda_function: Support waiting for function creation and configuration updates (#11016)

BUG FIXES:

  • data-source/aws_iam_group: Ensure users attribute populates fully when group contains more than 100 users (#10993)
  • resource/aws_default_route_table: Return helpful not found error on resource creation instead of generic Provider produced inconsistent result after apply error when given invalid default_route_table_id argument value (#10981)
  • resource/aws_default_route_table: Propose resource recreation for missing Default Route Table on refresh instead of returning an error (#10981)

v2.39.0

21 Nov 14:59
Compare
Choose a tag to compare

FEATURES:

  • New Data Source: aws_guardduty_detector (#10463)
  • New Resource: aws_glue_workflow (#10891)

ENHANCEMENTS:

  • provider: Support for EC2 Metadata secure tokens (#10940)
  • resource/aws_glue_job: Add number_of_workers and worker_type arguments (#9115)
  • resource/aws_glue_job: Add tags argument and arn attribute (#10968)
  • resource/aws_glue_trigger: Add workflow_name argument (#9762)
  • resource/aws_glue_trigger: Add actions configuration block crawler_name argument (#10190)
  • resource/aws_glue_trigger: Add predicate conditions configuration block crawler_name and crawl_state arguments (#10190)
  • resource/aws_glue_trigger: Add tags argument and arn attribute (#10967)
  • resource/aws_iam_group_policy: Add IAM Policy JSON difference suppression and validation to policy argument (#9660)
  • resource/aws_lambda_event_source_mapping: Add maximum_batching_window_in_seconds argument (#10051)
  • resource/aws_lambda_function: Support java11, nodejs12.x, and python3.8 as valid runtime argument values in validation (#10938)
  • resource/aws_lambda_layer_version: Support java11, nodejs12.x, and python3.8 as valid compatible_runtimes argument values in validation (#10938)
  • resource/aws_resourcegroups_group: Add tags argument (#10640)

BUG FIXES:

  • data_source/aws_instance: Fixes a bug where multiple EBS volumes would get collapsed and only one would return (#10045)
  • resource/aws_appmesh_virtual_node: Allow FQDN values in service_discovery aws_cloud_map configuration block namespace_name and service_name argument validations (#9788)
  • resource/aws_batch_compute_environment: Propose resource recreation when updating compute_resources configuration block tags argument (#10937)
  • resource/aws_iam_instance_profile: Remove requirement to specify a role, as it is not required by the API (#10525)
  • resource/aws_opsworks_application: Fixes issue where terraform apply continuously suggests applying changes to ssh_key or password in app_source property (#10175)
  • resource/aws_opsworks_stack: Fixes issue where terraform apply continuously suggests applying changes to ssh_key or password in custom_cookbooks_source property (#10175)

v2.38.0

18 Nov 21:51
Compare
Choose a tag to compare

FEATURES:

  • New Resource: aws_eks_node_group (#10916)

v2.37.0

18 Nov 15:48
Compare
Choose a tag to compare

ENHANCEMENTS:

  • resource/aws_api_gateway_rest_api: Add tags argument and arn attribute (#10581)
  • resource/aws_cloudtrail: support Tag on create (#10818)
  • resource/aws_db_instance: Add ca_cert_identifier argument (#10490)
  • resource/aws_dlm_lifecycle_policy: Add tags argument and arn attribute (#10864)
  • resource/aws_efs_file_system: Add AFTER_7_DAYS as a valid lifecycle_policy configuratio block transition_to_ia argument value (#10825)
  • resource/aws_glue_crawler: Add tags argument (#10805)
  • resource/aws_s3_bucket_inventory: Add IntelligentTieringAccessTier as valid value for optional_fields argument (#10746)
  • resource/aws_waf_geo_match_set: Support resource import and add arn attribute (#10480)
  • resource/aws_waf_regex_match_set: Support resource import and add arn attribute (#10481)
  • resource/aws_waf_regex_pattern_set: Support resource import and add arn attribute (#10482)
  • resource/aws_waf_size_constraint_set: Support resource import and add arn attribute (#10484)
  • resource/aws_waf_xss_match_set: Support resource import and add arn attribute (#10485)
  • resource/aws_wafregional_rate_based_rule: Add tags argument and arn attribute (#10897)
  • resource/aws_wafregional_rule_group: Add tags argument and arn attribute (#10896)
  • resource/aws_wafregional_rule: Add tags argument and arn attribute (#10895)
  • resource/aws_wafregional_web_acl: Add tags argument (#10889)
  • resource/aws_wafregional_web_acl_association: Support resource import (#10538)

BUG FIXES:

  • data-source/aws_iam_policy_document: Prevent panic when combining single principal identifier with multiple principal identifiers (#10780)
  • data-source/aws_iam_policy_document: Prevent losing identifier elements when combining single and multiple principals identifiers (#10844)
  • resource/aws_servicequotas_service_quota: Remove resource from Terraform state on NoSuchResourceException error (#10735)

v2.36.0

14 Nov 21:36
Compare
Choose a tag to compare

ENHANCEMENTS:

  • data-source/aws_iam_group: Add users attribute (#7132)
  • resource/aws_apigateway_stage: Add arn attribute (#10570)
  • resource/aws_apigateway_usage_plan: Add tags argument and arn attribute (#10566)
  • resource/aws_s3_bucket: Retry reading tags on NoSuchBucket errors due to eventual inconsistency (#10863)
  • resource/aws_waf_rule: Add arn attribute (#10798)
  • resource/aws_waf_rule_group: Add arn attribute (#10799)

v2.35.0

07 Nov 21:56
Compare
Choose a tag to compare

NOTES:

  • provider: New ignore_tag_prefixes and ignore_tags arguments are being tested as a public preview for ignoring tags across all resources under a provider. Support for the functionality must be added to individual resources in the codebase and is only implemented for the aws_subnet and aws_vpc resources at this time. Until a general availability announcement, no compatibility promises are made with these provider arguments and their functionality. (#10418)

FEATURES:

  • New Data Source: aws_qldb_ledger (#10394)
  • New Resource: aws_qldb_ledger (#10394)

ENHANCEMENTS:

  • data-source/aws_db_cluster_snapshot: Add tags attribute (#10488)
  • data-source/aws_db_instance: Add tags attribute (#10550)
  • data-source/aws_vpc_endpoint: Add filter and tags arguments (#10503)
  • provider: Add ignore_tag_prefixes and ignore_tags arguments (in public preview, see note above) (#10418)
  • resource/aws_acmpca_certificate_authority: Support tagging on creation (#10736)
  • resource/aws_api_gateway_api_key: Add tags argument and arn attribute (#10568)
  • resource/aws_api_gateway_client_certificate: Add tags argument and arn attribute (#10569)
  • resource/aws_api_gateway_domain_name: Add tags argument and arn attribute (#10567)
  • resource/aws_api_gateway_vpc_link: Add tags argument and arn attribute (#10561)
  • resource/aws_cloudwatch_log_group: Support tagging on creation (#10753)
  • resource/aws_db_cluster_snapshot: Add tags argument (#10488)
  • resource/aws_ec2_fleet: Support in-place tags updates (#10761)
  • resource/aws_launch_template: Support tagging on creation (#10759)
  • resource/aws_mq_broker: Support in-place security_groups updates (#10442)
  • resource/aws_storagegateway_cached_iscsi_volume: Add tags argument (#10613)
  • resource/aws_storagegateway_gateway: Add tags argument (#10588)
  • resource/aws_storagegateway_nfs_file_share: Add tags argument (#10722)
  • resource/aws_subnet: Support provider-wide ignore tags (in public preview, see note above) (#10418)
  • resource/aws_swf_domain: Add tags argument and arn attribute (#10763)
  • resource/aws_vpc: Support provider-wide ignore tags (in public preview, see note above) (#10418)
  • resource/aws_waf_rate_based_rule: Add tags argument and arn attribute (#10479)

BUG FIXES:

  • data-source/aws_route53_resolver_rule: Do not retrieve tags for rules shared with the AWS account that owns the data source (#10348)
  • resource/aws_api_gateway_authorizer: Set authorizer_result_ttl_in_seconds argument default to 300 to match API default which properly allows setting to 0 for disabling caching (#9605)
  • resource/aws_autoscaling_group: Batch ELB attachments and detachments by 10 to prevent API and rate limiting errors (#10445)
  • resource/aws_s3_bucket_public_access_block: Remove from Terraform state when S3 Bucket is already destroyed (#10534)
  • resource/aws_ssm_maintenance_window_task: Prevent crashes with empty configuration blocks (#10713)

v2.34.0

31 Oct 18:13
Compare
Choose a tag to compare

ENHANCEMENTS:

  • resource/aws_ecr_repository: Add image_scanning_configuration configuration block (support image scanning on push) (#10671)
  • resource/aws_elasticache_replication_group: Add kms_key_id argument (support KMS encryption) (#10380)
  • resource/aws_flow_log: Add log_format argument (#10374)
  • resource/aws_glue_job: Add glue_version argument (#10237)
  • resource/aws_storagegateway_smb_file_share: Add tags argument (#10620)

BUG FIXES:

  • resource/aws_backup_plan: Correctly handle changes to recovery_point_tags arguments (#10641)
  • resource/aws_backup_plan: Prevent diffs didn't match errors with rule configuration blocks (#10641)
  • resource/aws_cloudhsm_v2_cluster: Ensure multiple tag configurations are applied correctly (#10309)
  • resource/aws_cloudhsm_v2_cluster: Perform drift detection with tags (#10309)
  • resource/aws_dx_gateway_association: Fix backwards compatibility issue with missing dx_gateway_association_id attribute (#8776)
  • resource/aws_s3_bucket: Bypass MethodNotAllowed errors for Object Lock Configuration on read (support AWS C2S) (#10657)

v2.33.0

17 Oct 09:28
Compare
Choose a tag to compare

FEATURES:

  • New Data Source: aws_waf_rate_based_rule (#10124)
  • New Data Source: aws_wafregional_rate_based_rule (#10125)
  • New Resource: aws_quicksight_user (#10401)

ENHANCEMENTS:

  • resource/aws_glue_classifier: Add csv_classifier configuration block (support CSV classifiers) (#9824)
  • resource/aws_waf_byte_match_set: Support resource import (#10477)
  • resource/aws_waf_rate_based_rule: Support resource import (#10475)
  • resource/aws_waf_rule: Add tags argument (#10408)
  • resource/aws_waf_rule_group: Add tags argument (#10408)
  • resource/aws_waf_web_acl: Add tags argument (#10408)

BUG FIXES:

  • resource/aws_gamelift_fleet: Increase default deletion timeout to 20 minutes to match service timing (#10443)