chore(deps): update terraform aws to v5 #42
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR contains the following updates:
~> 4.0
->~> 5.0
Release Notes
hashicorp/terraform-provider-aws (aws)
v5.74.0
Compare Source
FEATURES:
aws_lb_listener_rule
(#39865)aws_opensearch_authorize_vpc_endpoint_access
(#39846)aws_ssmquicksetup_configuration_manager
(#39931)ENHANCEMENTS:
distribution.s3_export_configuration
attribute (#35492)block_device_mapping.0.ebs.0.delete_on_termination: '' expected type 'bool', got unconvertible type 'string'
errors (#39928)termination_hook_enabled
argument (#35482)zonal_shift_config
argument (#39852)distribution.s3_export_configuration
argument (#35492)container_recipe_arn
andimage_recipe_arn
to be updated in-place (#39117)replication_specification
argument (#36331)efa-only
as a valid value fornetwork_interfaces.interface_type
(#39882)TransferSecurityPolicy-Restricted-2024-06
as a valid value forsecurity_policy_name
(#39871)BUG FIXES:
master_password
on resource Create whensnapshot_identifier
is configured (#38193)component.parameter.name
,component.parameter.value
,target_repository.repository_name
, andtarget_repository.service
to ForceNew (#39117)interface conversion: interface {} is nil, not map[string]interface {}
panic whengeolocation_routing_policy
is empty (#39944)approval_rule.approve_after_days
validation to allow a maximum value of360
(#39949)decoding JSON: unexpected end of JSON input
errors when updating from usingrule_json
to usingrule
(#39283)rule_json
(#39878)v5.73.0
Compare Source
FEATURES:
aws_ssm_patch_baselines
(#39779)aws_imagebuilder_lifecycle_policy
(#35674)aws_resiliencehub_resiliency_policy
(#38913)aws_sagemaker_hub
(#39807)aws_sagemaker_mlflow_tracking_server
(#39796)ENHANCEMENTS:
valkey
as valid value forproduct_description
(#39745)parameters
map attribute to readCROSS_ACCOUNT_VERSION
(#39826)enable_zonal_shift
attribute (#39585)min_size
andmax_size
(#39843)zonal_config
argument (#34850)approximate_creation_date_time_precision
argument (#38098)valkey
as valid value forengine
(#39745)engine_version
(#39745)engine_version
(#39745)valkey
as valid value forengine
(#39745)valkey
as valid value forengine
(#39745)iceberg_configuration
argument (#39844)parameters
map argument enablingCROSS_ACCOUNT_VERSION
to be set (#39826)enable_zonal_shift
argument (#39585)tcp_idle_timeout_seconds
argument (#39585)name
argument (#39798)kms:DescribeKey
for the S3 default AWS managed key (alias/aws/s3
) on Read (#39782)kms:DescribeKey
for the S3 default AWS managed key (alias/aws/s3
) on Read (#39782)kms:DescribeKey
for the S3 default AWS managed key (alias/aws/s3
) on Read (#39782)default_user_settings.jupyter_lab_app_settings.app_lifecycle_management
,default_user_settings.jupyter_lab_app_settings.built_in_lifecycle_config_arn
,default_user_settings.jupyter_lab_app_settings.emr_settings
,default_space_settings.jupyter_lab_app_settings.app_lifecycle_management
,default_space_settings.jupyter_lab_app_settings.built_in_lifecycle_config_arn
,default_space_settings.jupyter_lab_app_settings.emr_settings
,default_user_settings.auto_mount_home_efs
,default_user_settings.canvas_app_settings.emr_serverless_settings
,default_user_settings.studio_web_portal_settings.hidden_instance_types
,default_user_settings.code_editor_app_settings.app_lifecycle_management
,default_user_settings.code_editor_app_settings.built_in_lifecycle_config_arn
, andtag_propagation
arguments (#39774)app_network_access_type
andapp_security_group_management
to be updated in-place (#39774)feature_definition.collection_config
,feature_definition.collection_type
, andthroughput_config
arguments (#39805)space_settings.code_editor_app_settings.app_lifecycle_management
andspace_settings.jupyter_lab_app_settings.app_lifecycle_management
arguments (#39800)user_settings.auto_mount_home_efs
,user_settings.canvas_app_settings.emr_serverless_settings
,user_settings.code_editor_app_settings.app_lifecycle_management
,user_settings.code_editor_app_settings.built_in_lifecycle_config_arn
,user_settings.jupyter_lab_app_settings.app_lifecycle_management
,user_settings.jupyter_lab_app_settings.built_in_lifecycle_config_arn
,user_settings.jupyter_lab_app_settings.emr_settings
anduser_settings.studio_web_portal_settings.hidden_instance_types
arguments (#39774)BUG FIXES:
name
. This fixes a regression introduced in v5.72.0 causingmultiple WorkSpaces Bundles matched; use additional constraints to reduce matches to a single WorkSpaces Bundle
errors (#39777)on_demand_throughput
is excluded (#39784)policy
content is written to state (#39842)InvalidParameterValue: This API supports only cross-engine upgrades to Valkey engine currently
errors on Update (#39745)policy
content is written to state (#39842)policy
content is written to state (#39842)policy
content is written to state (#39842)InvalidParameterValueException: Invalid RowLevelPermissionDataSet. Namespace parameter should not be specified for Version 2
errors on Create and Update (#39778)ttl=0
(#39728)policy
content is written to state (#39842)policy
content is written to state (#39842)v5.72.1
Compare Source
FEATURES:
aws_iam_group_policy_attachments_exclusive
(#39732)aws_iam_user_policy_attachments_exclusive
(#39731)ENHANCEMENTS:
scope
argument (#39744)BUG FIXES:
billing_mode
is set toPAY_PER_REQUEST
withoutglobal_secondary_index
updates (#39752)AGGREGATOR
indexes as tainted on Create (#39744)v5.72.0
Compare Source
NOTES:
managed_policy_arns
argument is deprecated. Use theaws_iam_role_policy_attachments_exclusive
resource instead. (#39718)FEATURES:
aws_iam_role_policy_attachments_exclusive
(#39718)ENHANCEMENTS:
saml_properties
attribute (#39060)source_flow_config.source_connector_properties.sapo_data.pagination_config
andsource_flow_config.source_connector_properties.sapo_data.parallelism_config
attributes (#38932)aws:RequestTag
conditions (#39648)appsync_target
configuration block (#37773)on_demand_throughput
andglobal_secondary_index.on_demand_throughput
arguments (#37799)serverlessv2_scaling_configuration.max_capacity
andserverlessv2_scaling_configuration.min_capacity
from128
to256
(#39697)storage-optimization
status as success when creating or updating cluster DB instances (#39691)saml_properties
configuration block (#39060)BUG FIXES:
arn
for automation documents (#39705)schema
has emptystring_attribute_constraints
ornumber_attribute_constraints
(#20386)arn
for automation documents (#39705)v5.70.0
Compare Source
NOTES:
aws_simpledb_domain
resource has been deprecated and will be removed in a future version. Use Amazon DynamoDB instead (#39536)aws_worklink_fleet
resource has been deprecated and will be removed in a future version. Use Amazon WorkSpaces Secure Browser instead (#39538)aws_worklink_website_certificate_authority_association
resource has been deprecated and will be removed in a future version. Use Amazon WorkSpaces Secure Browser instead (#39538)FEATURES:
aws_backup_logically_air_gapped_vault
(#39098)aws_ec2_transit_gateway_default_route_table_association
(#39496)aws_ec2_transit_gateway_default_route_table_propagation
(#39517)aws_iam_group_policies_exclusive
(#39554)aws_iam_user_policies_exclusive
(#39544)aws_securityhub_standards_control_association
(#39511)ENHANCEMENTS:
start_time
attribute (#39557)prepare_agent
argument (#39486)vector_ingestion_configuration.custom_transformation_configuration
argument (#39556)endpoint_configuration.attachment_arn
argument (#39507)tags
argument andtags_all
attribute (#39535)arn
attribute (#39535)tags
argument andtags_all
attribute (#39535)transition_default_minimum_object_size
argument (#39578)BUG FIXES:
customer_encryption_key_arn
not being passed during update (#39565)prompt_override_configuration
not being passed when not modified (#39565)knowledge_base_configuration
andstorage_configuration
to ForceNew (#39567)security_group_referencing_support
argument and mark as Computed. This suppresses the diffs shown for resources created with v5.68.0 (or earlier) (#39519)policy_version
computed attribute changing (#39528)policy_version
computed attribute changing (#39528)sheets.filter_controls.list.cascading_control_configuration
andsheets.parameter_controls.list.cascading_control_configuration
attributes (#39453)v5.69.0
Compare Source
NOTES:
(account-id).ddb.(region).amazonaws.com
instead ofdynamodb.(region).amazonaws.com
. If your network configuration blocks outgoing traffic to DynamoDB based on DNS names or endpoint URLs, you must adjust your configuration, because the service's DNS name will change. You may instead disable account-based endpoints for DynamoDB by settingaccount_id_endpoint_mode = disabled
in a shared config file or setting theAWS_ACCOUNT_ID_ENDPOINT_MODE
environment variable todisabled
(#39505)1.23.1
. The issue with AWS Network Firewall dropping TLS handshakeClientHello
messages after the v5.65.0 upgrade to Go1.23.0
, temporarily resolved by the v5.67.0 downgrade to Go1.22.7
, has been addressed by removing theX25519Kyber768Draft00
key exchange mechanism from the HTTP client used to make AWS API calls (#39432)ENHANCEMENTS:
tags
attribute (#39402)security_group_referencing_support
attribute (#34542)security_group_referencing_support
attribute (#34542)failure_code
andfailure_reason
attributes (#38995)guardrail_configuration
argument (#39440)tags
argument andtags_all
attribute (#39402)security_group_referencing_support
argument (#34542)security_group_referencing_support
argument (#34542)security_group_referencing_support
argument (#34542)volume_configuration.managed_ebs_volume.tag_specifications
attribute (#38662)display_name
to be updated in-place (#39416)credentials.secret_arn
argument (#29034)BUG FIXES:
security_group_ids
. This requires a call to the EC2DescribeVpcEndpoints
API (#39454)ap-southeast-5
Region (#39389)name
attribute. (#38993)name
attribute. (#38993)ConcurrentModificationException
s during role creation (#39429)AccessDeniedException: Lambda code scanning is not supported in ...
errors (#38254)AccessDeniedException
errors during creation (#38254)name
andvpc_id
to ForceNew (#39454)security_group_ids
. This requires a call to the EC2DescribeVpcEndpoints
API (#39454)v5.68.0
Compare Source
NOTES:
inline_policy
argument is deprecated. Use theaws_iam_role_policy
resource instead. If Terraform should exclusively manage all inline policy associations (the current behavior of this argument), use theaws_iam_role_policies_exclusive
resource as well. (#39203)composite_slot_type_setting
block, thesubslots
argument has been renamedsub_slots
. See the linked pull request for additional justification on this change. The previous misnaming effectively made this argument unusable, therefore a breaking change in a minor version was deemed acceptable. (#39353)FEATURES:
aws_elasticache_reserved_cache_node_offering
(#29832)aws_securityhub_standards_control_associations
(#39334)aws_synthetics_runtime_version
(#39180)aws_synthetics_runtime_versions
(#39180)aws_appsync_source_api_association
(#39323)aws_elasticache_reserved_cache_node
(#29832)aws_iam_role_policies_exclusive
(#39203)aws_pinpointsmsvoicev2_opt_out_list
(#25036)aws_pinpointsmsvoicev2_phone_number
(#25036)aws_sesv2_account_suppression_attributes
(#39325)ENHANCEMENTS:
iam_role_arn
argument tos3_action
configuration block (#39364)name
length to 255 characters (#39315)BUG FIXES:
assume_role.role_arn
to be an empty string when there is a singleassume_role
entry. (#39328)environment_variables
argument (#39397)Managed by DynamoDB
encryption setting (#31284)engine_version
mismatch with RabbitMQ 3.13 and ActiveMQ 5.18 and above (#39024)endpoint_management = "CUSTOMER"
(#39394)policy
(#39322)v5.67.0
Compare Source
BREAKING CHANGES:
value_selection_setting.advanced_recognition_setting
block, theaudio_recognition_setting
argument has been renamedaudio_recognition_strategy
(#39254)NOTES:
1.22.6
. A small number of users have reported failed or hanging network connections using the version of the Terraform AWS provider which was first built with Go1.23.0
(v5.65.0
). At this point, maintainers have been unable to reproduce failures, but enough distinct users have reported issues that we are going to attempt downgrading to Go1.22.6
for the next provider release. We will continue to coordinate with users and AWS in an attempt to identify the root cause, using this upcoming release with a reverted Go build version as a data point. (#39256)value_selection_setting.advanced_recognition_setting
block, theaudio_recognition_setting
argument has been renamedaudio_recognition_strategy
. See the linked pull request for additional justification on this change. The previous misnaming effectively made this argument unusable, therefore a breaking change in a minor version was deemed acceptable. (#39254)FEATURES:
aws_codebuild_fleet
(#39237)aws_cloudformation_stack_instances
(#36794)aws_codebuild_fleet
(#39237)aws_computeoptimizer_enrollment_status
(#35349)aws_computeoptimizer_recommendation_preferences
(#35349)aws_costoptimizationhub_enrollment_status
(#36440)aws_costoptimizationhub_preferences
(#36526)aws_datazone_asset_type
(#38812)aws_datazone_environment_profile
(#38581)aws_lambda_function_recursion_config
(#39153)ENHANCEMENTS:
domain
andtags
as Optional. This enables certificates to be matched based on tags (#31453)encryption_type
andkms_key_id
attributes (#39212)user_pool_tags
in favor of standardtags
. (#39260)assume_role
now accepts multiple elements. (#39255)cache_config
argument (#39215)mode
argument (#39206)hsm2m.medium
as a valid value forhsm_type
(#39206)fleet
attribute inenvironment
configuration block (#39237)snowflake_configuration.buffering_internal
andsnowflake_configuration.buffering_size
arguments (#39214)READER_PRO
,AUTHOR_PRO
, andADMIN_PRO
as valid values for theuser_role
argument (#39220)default_user_settings.domain_settings.docker_settings
configuration block (#35416)default_user_settings.studio_web_portal_settings
,default_space_settings.jupyter_lab_app_settings
,default_space_settings.space_storage_settings
,default_space_settings.custom_posix_user_config
, anddefault_space_settings.custom_file_system_config
configuration blocks (#38457)production_variants.managed_instance_scaling
andshadow_production_variants.managed_instance_scaling
configuration blocks (#35479)primary_container.inference_specification_name
andcontainer.inference_specification_name
arguments (#35873)primary_container.model_data_source.s3_data_source.model_access_config
,primary_container.multi_model_config
,container.model_data_source.s3_data_source.model_access_config
, andcontainer.multi_model_config
configuration blocks (#35873)user_settings.studio_web_portal_settings
configuration block (#38567)definition
using the AWS Step Functions Validation API (#39229)BUG FIXES:
created_at
as an RFC3339 formatted timestamp (#24183)created_at
as an RFC3339 formatted timestamp (#24183)check_certificate_revovation_status
is ignored due to bad autoflex field mapping (#39211)aggregation_period
not set. (#39279)permissions.actions
MaxItems
from16
to20
. This fixes a regression introduced in v5.66.0 (#39226)vpc_connection_id
regular expression validator. This fixes a regression introduced in v5.66.0 (#39231)default_user_settings.domain_settings
to include missingsecurity_group_ids
andr_studio_server_pro_domain_settings
values (#35416)suppression_options.suppressed_reasons
to be an empty list ([]
) in order to disable the suppression list (#29671)event_destination.matching_event_types
fromTypeList
toTypeSet
as order is not significant (#36897)load_balancer_options.subnet_ids
(#39196)v5.66.0
Compare Source
FEATURES:
aws_glue_registry
(#37953)aws_organizations_organizational_unit_descendant_organizational_units
(#39120)aws_quicksight_analysis
(#31737)aws_datazone_environment
(#38811)ENHANCEMENTS:
tags
attribute (#38959)tags
attribute (#39092)api_type
andmerged_api_execution_role_arn
arguments (#39159)vector_ingestion_configuration.chunking_configuration.semantic_chunking_configuration
,vector_ingestion_configuration.chunking_configuration.hierarchical_chunking_configuration
, andvector_ingestion_configuration.parsing_configuration
configuration blocks (#39138)skip_deletion_protection
attribute (#38811)backup_retention_period
andpreferred_backup_window
attributes (#38452)parameters.databricks
argument (#31737)notification_settings
argument (#39108)InService
timeouts to 60 minutes (#39090)rate_based_statement.limit
minimum from100
to10
(#39107)rate_based_statement.limit
minimum from100
to10
(#39107)BUG FIXES:
segment_actions.via.with_edge_override.use_edge
to be nested set of edges, matching JSON (#39142)segment_actions.via.with_edge_override.use_edge
. Usesegment_actions.via.with_edge_override.use_edge_location
instead (#39142)null
value. (#38869)role_arn
as Optional (#38900)slot_type_values
validator which limited configurations to 1 element (#39126)theme_arn
argument on create and update when configured (#31737)role_arns
as Optional and send an empty list if unconfigured (#39108)run_config.timeout_in_seconds
default value to allow creation of resources with a frequency less than 14 minutes (#35177)v5.65.0
Compare Source
NOTES:
FEATURES:
aws_shield_protection
(#37524)aws_glue_catalog_table_optimizer
(#38052)ENHANCEMENTS:
ap-southeast-5
AWS Region (#39052)ap-southeast-5
AWS Region (#39052)ap-southeast-5
AWS Region (#39052)ap-southeast-5
as a valid AWS Region (#39049)password_policy.password_history_size
argument (#39043)process
argument (#25468)SUCCEEDED_WITH_ISSUES
status as success when upgrading cluster (#38086)io2
as a valid value forebs_config.type
(#37740)io2
as a valid value forinstance_type_configs.ebs_config.type
(#37740)io2
as a valid value forinstance_type_configs.ebs_config.type
(#37740)Configuration
📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR was generated by Mend Renovate. View the repository job log.