chore(deps): Update Terraform aws to v5 #22
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR contains the following updates:
>= 2.0, < 3
->< 6
Release Notes
hashicorp/terraform-provider-aws (aws)
v5.81.0
Compare Source
FEATURES:
aws_servicecatalogappregistry_attribute_group
(#38188)aws_ssm_parameter
(#40313)aws_bedrock_inference_profile
(#40294)aws_cloudwatch_log_anomaly_detector
(#40437)aws_ecr_account_setting
(#40219)aws_msk_single_scram_secret_association
(#37056)aws_servicecatalogappregistry_attribute_group
(#38183)aws_servicecatalogappregistry_attribute_group_association
(#38290)ENHANCEMENTS:
policy
anddomain_name_id
attributes (#40364)tags
attribute (#38243)delivery_options.max_delivery_seconds
andtracking_options.https_policy
attributes (#40194)domain_name_id
argument (#40447)policy
argument anddomain_name_id
attribute (#40364)PRIVATE
as a valid value forendpoint_configuration.types
argument, enabling custom domain name support for private REST API endpoints (#40364)completion_duration_minutes
argument (#40336)configuration.retention_configuration
andconfiguration.orphan_file_deletion_configuration
attributes. (#40199)enable_primary_ipv6
argument to add support for enabling primary IPv6 addresses on EC2 instances (#36425)shard_count
would not exceed the AWS account's shard quota when the data stream capacity mode isPROVISIONED
, preventing the provider from retrying for 1 hour in the case that the quota is exceeded. This functionality requires thekinesis:DescribeLimits
IAM permission (#40499)kinesis:DescribeLimits
IAM permission (#40499)topic_replication.topic_name_configuration
argument (#40101)enable_primary_ipv6
argument to add support for enabling primary IPv6 addresses for network interfaces (#36425)stateful_engine_options.flow_timeouts
argument (#39996)serverlessv2_scaling_configuration.seconds_until_auto_pause
argument (#40441)tags
argument andtags_all
attribute (#40470)notebook-al2-v3
value forplatform_identifier
(#40484)tags
argument andtags_all
attribute (#38243)delivery_options.max_delivery_seconds
andtracking_options.https_policy
arguments (#40194)BUG FIXES:
InvalidArgumentException: NextToken and StreamName cannot be provided together
errors when the data stream has more than 1000 shards (#40499)rule
fromTypeSet
toTypeList
as order is significant (#40521)throughput_capacity
validation to allow values up to12228
(#40468)logging_configuration.log_destination_config
s (#40092)InvalidDBClusterStateFault
errors when deleting clusters that are members of a global cluster (#40333)InvalidParameterValue: Serverless v2 maximum capacity 0.0 isn't valid. The maximum capacity must be at least 1.0.
errors when removingserverlessv2_scaling_configuration
in an update (#40511)storage_type
when restoring from S3 (#40471)storage_type
when restoring from snapshot (#40471)storage_type
when restoring to a point in time (#40471)database_name
as Computed. This prevents resource recreation when the source cluster specifies adatabase_name
(#40469)v5.80.0
Compare Source
FEATURES:
aws_codeconnections_connection
(#40300)aws_codeconnections_host
(#40300)aws_s3tables_namespace
(#40420)aws_s3tables_table
(#40420)aws_s3tables_table_bucket
(#40420)aws_s3tables_table_bucket_policy
(#40420)aws_s3tables_table_policy
(#40420)ENHANCEMENTS:
instruction
max length for validation to 8000 (#40279)deletion_protection_enabled
argument (#35359)serverlessv2_scaling_configuration.max_capacity
andserverlessv2_scaling_configuration.min_capacity
minimum values to0
to support Amazon Aurora Serverless v2 scaling to 0 ACUs (#40230)LocalZone
as a valid value forlocation.type
, enabling support for Amazon S3 Express One Zone in AWS Dedicated Local Zones (#40339)BUG FIXES:
tags_all
when planning. (#40305)deserialization failed, failed to decode response body with invalid JSON
errors on Read (#40419)v5.79.0
Compare Source
FEATURES:
aws_vpc_block_public_access_exclusion
(#40235)aws_vpc_block_public_access_options
(#40233)ENHANCEMENTS:
compute_config
,storage_config
, andkubernetes_network_config.elastic_load_balancing
arguments for EKS Auto Mode (#40370)remote_network_config
argument for EKS Auto Mode (#40371)metrics_config
argument (#40322)provisioned_poller_config
argument (#40303)supported_regions
argument (#40346)BUG FIXES:
disk_iops_configuration.iops
from350000
to400000
fordeployment_type = "SINGLE_AZ_2"
(#40359)v5.78.0
Compare Source
NOTES:
FEATURES:
aws_iam_organizations_features
(#40164)ENHANCEMENTS:
engine
attribute (#40224)cluster_configuration.engine
attribute (#40224)engine
argument (#40224)cluster_configuration.engine
attribute (#40224)BUG FIXES:
product_description
(e.g., "postgresql") is a substring of multiple products, fixError: multiple RDS Reserved Instance Offerings matched; use additional constraints to reduce matches to a single RDS Reserved Instance Offering
(#40281)Warning: AWS account ID not found for provider
whenskip_requesting_account_id
istrue
(#40264)eksProperties
orecsProperties
block (#40172)content_policy_config.filters_config
s are specified. (#40304)sns_topic_arns
changes (#40253)sns_topic_arns
changes (#40291)storage_type
fromio1
orio2
togp3
, fix bug causing errorInvalidParameterCombination: You must specify both the storage size and iops when modifying the storage size or iops on a DB instance that has iops
(#37257)gp3
volume'sallocated_storage
to a value larger than the threshold value forengine
, fix bug causing errorInvalidParameterCombination: You must specify both the storage size and iops when modifying the storage size or iops on a DB instance that has iops
(#28847)v5.77.0
Compare Source
NOTES:
aws_kms_secrets
,aws_lambda_invocation
, andaws_secretsmanager_secret_version
now support ephemeral values. (#40009)FEATURES:
aws_kms_secrets
(#40009)aws_lambda_invocation
(#39988)aws_secretsmanager_secret_version
(#40009)aws_rds_instance_state
(#40180)ENHANCEMENTS:
most_recent
is true and certain filter criteria are missing (#40211)availability_zone_rebalancing
attribute (#40225)availability_zone_rebalancing
attribute (#40225)versionConsistency
argument tocontainer_definitions
(#40216)nodejs22.x
runtime
value (#40277)nodejs22.x
compatible_runtimes
value (#40277)endpoint
argument to point to the writer DB instance in the current primary cluster (#39960)BUG FIXES:
tags
from theDescribeSubnets
response, removing the need for theec2:DescribeTags
IAM permission (#40144)schema
element (#40195)pod_identity_association
is modified (#40168)pod_identity_association
is changed (#40168)v5.76.0
Compare Source
FEATURES:
aws_vpc_security_group_vpc_association
(#40069)ENHANCEMENTS:
python3.13
runtime
value (#40277)python3.13
compatible_runtimes
value (#40277)BUG FIXES:
BadRequestException: Invalid mapping expression specified
andNotFoundException: Invalid parameter name specified
errors when making updates torequest_parameters
and/orcache_key_parameters
(#40124)BadRequestException: Invalid mapping expression specified
andNotFoundException: Invalid parameter name specified
errors when making updates torequest_parameters
(#40124)launch_template
that is updated causingValidationError: You must use a valid fully-formed launch template.
(#40088)ipam_pool_id
is set (#40082)Provider returned invalid result object after apply
errors (#40090)policy_names
(#40076)policy_arns
(#40076)policy_names
(#40076)policy_arns
(#40076)policy_names
(#40076)policy_arns
(#40076)v5.75.1
Compare Source
ENHANCEMENTS:
description
attribute (#39980)reset_on_delete
to properly reset CloudWatch Role ARN on deletion. (#40004)description
argument (#39980)BUG FIXES:
canary_settings
andstage_description
whenstage_name
not set. (#40067)ttl[0].attribute_name
to be set whenttl[0].enabled
is false (#40046)ValidationException
on updates when RStudio is disabled on the domain (#40049)v5.75.0
Compare Source
BREAKING CHANGES:
canary_settings.deployment_id
attribute asrequired
(#39929)NOTES:
ARNType
will properly surface validation errors (#40008)deployment_id
was added tocanary_settings
as arequired
attribute. This breaking change was necessary to makecanary_settings
functional. Without this change all canary traffic was routed to the main deployment (#39929)FEATURES:
aws_spot_datafeed_subscription
(#39647)ENHANCEMENTS:
init_containers
,share_process_namespace
, andimage_pull_secrets
attributes (#40019)init_containers
andshare_process_namespace
arguments (#40019)containers
arguments to 10 (#40019)pod_identity_association
argument (#38357)password
argument as sensitive (#39991)BUG FIXES:
alarm_configuration.alarms
argument (#39971)ResourceNotFound
exceptions during resource destruction (#38357)Value Conversion Error
during resource creation (#39945)tcp_idle_timeout_seconds
argument for gateway load balancers (#40039)tcp_idle_timeout_seconds
value, preventingModifyListenerAttributes
API calls when a value is not explicitly configured (#40039)public_ip_source = "amazon"
:The request can only contain PubliclyAdvertisable if the AddressFamily is IPv6 and PublicIpSource is byoip.
(#40042)v5.74.0
Compare Source
FEATURES:
aws_lb_listener_rule
(#39865)aws_opensearch_authorize_vpc_endpoint_access
(#39846)aws_ssmquicksetup_configuration_manager
(#39931)ENHANCEMENTS:
distribution.s3_export_configuration
attribute (#35492)block_device_mapping.0.ebs.0.delete_on_termination: '' expected type 'bool', got unconvertible type 'string'
errors (#39928)termination_hook_enabled
argument (#35482)zonal_shift_config
argument (#39852)distribution.s3_export_configuration
argument (#35492)container_recipe_arn
andimage_recipe_arn
to be updated in-place (#39117)replication_specification
argument (#36331)efa-only
as a valid value fornetwork_interfaces.interface_type
(#39882)TransferSecurityPolicy-Restricted-2024-06
as a valid value forsecurity_policy_name
(#39871)BUG FIXES:
master_password
on resource Create whensnapshot_identifier
is configured (#38193)component.parameter.name
,component.parameter.value
,target_repository.repository_name
, andtarget_repository.service
to ForceNew (#39117)interface conversion: interface {} is nil, not map[string]interface {}
panic whengeolocation_routing_policy
is empty (#39944)approval_rule.approve_after_days
validation to allow a maximum value of360
(#39949)decoding JSON: unexpected end of JSON input
errors when updating from usingrule_json
to usingrule
(#39283)rule_json
(#39878)v5.73.0
Compare Source
FEATURES:
aws_ssm_patch_baselines
(#39779)aws_imagebuilder_lifecycle_policy
(#35674)aws_resiliencehub_resiliency_policy
(#38913)aws_sagemaker_hub
(#39807)aws_sagemaker_mlflow_tracking_server
(#39796)ENHANCEMENTS:
valkey
as valid value forproduct_description
(#39745)parameters
map attribute to readCROSS_ACCOUNT_VERSION
(#39826)enable_zonal_shift
attribute (#39585)min_size
andmax_size
(#39843)zonal_config
argument (#34850)approximate_creation_date_time_precision
argument (#38098)valkey
as valid value forengine
(#39745)engine_version
(#39745)engine_version
(#39745)valkey
as valid value forengine
(#39745)valkey
as valid value forengine
(#39745)iceberg_configuration
argument (#39844)parameters
map argument enablingCROSS_ACCOUNT_VERSION
to be set (#39826)enable_zonal_shift
argument (#39585)tcp_idle_timeout_seconds
argument (#39585)name
argument (#39798)kms:DescribeKey
for the S3 default AWS managed key (alias/aws/s3
) on Read (#39782)kms:DescribeKey
for the S3 default AWS managed key (alias/aws/s3
) on Read (#39782)kms:DescribeKey
for the S3 default AWS managed key (alias/aws/s3
) on Read (#39782)default_user_settings.jupyter_lab_app_settings.app_lifecycle_management
,default_user_settings.jupyter_lab_app_settings.built_in_lifecycle_config_arn
,default_user_settings.jupyter_lab_app_settings.emr_settings
,default_space_settings.jupyter_lab_app_settings.app_lifecycle_management
,default_space_settings.jupyter_lab_app_settings.built_in_lifecycle_config_arn
,default_space_settings.jupyter_lab_app_settings.emr_settings
,default_user_settings.auto_mount_home_efs
,default_user_settings.canvas_app_settings.emr_serverless_settings
,default_user_settings.studio_web_portal_settings.hidden_instance_types
,default_user_settings.code_editor_app_settings.app_lifecycle_management
,default_user_settings.code_editor_app_settings.built_in_lifecycle_config_arn
, andtag_propagation
arguments (#39774)app_network_access_type
andapp_security_group_management
to be updated in-place (#39774)feature_definition.collection_config
,feature_definition.collection_type
, andthroughput_config
arguments (#39805)space_settings.code_editor_app_settings.app_lifecycle_management
andspace_settings.jupyter_lab_app_settings.app_lifecycle_management
arguments (#39800)user_settings.auto_mount_home_efs
,user_settings.canvas_app_settings.emr_serverless_settings
,user_settings.code_editor_app_settings.app_lifecycle_management
,user_settings.code_editor_app_settings.built_in_lifecycle_config_arn
,user_settings.jupyter_lab_app_settings.app_lifecycle_management
,user_settings.jupyter_lab_app_settings.built_in_lifecycle_config_arn
,user_settings.jupyter_lab_app_settings.emr_settings
anduser_settings.studio_web_portal_settings.hidden_instance_types
arguments (#39774)BUG FIXES:
name
. This fixes a regression introduced in v5.72.0 causingmultiple WorkSpaces Bundles matched; use additional constraints to reduce matches to a single WorkSpaces Bundle
errors (#39777)on_demand_throughput
is excluded (#39784)policy
content is written to state (#39842)InvalidParameterValue: This API supports only cross-engine upgrades to Valkey engine currently
errors on Update (#39745)policy
content is written to state (#39842)policy
content is written to state (#39842)policy
content is written to state (#39842)InvalidParameterValueException: Invalid RowLevelPermissionDataSet. Namespace parameter should not be specified for Version 2
errors on Create and Update (#39778)ttl=0
(#39728)policy
content is written to state (#39842)policy
content is written to state (#39842)v5.72.1
Compare Source
FEATURES:
aws_iam_group_policy_attachments_exclusive
(#39732)aws_iam_user_policy_attachments_exclusive
(#39731)ENHANCEMENTS:
scope
argument (#39744)BUG FIXES:
billing_mode
is set toPAY_PER_REQUEST
withoutglobal_secondary_index
updates (#39752)AGGREGATOR
indexes as tainted on Create (#39744)v5.72.0
Compare Source
NOTES:
managed_policy_arns
argument is deprecated. Use theaws_iam_role_policy_attachments_exclusive
resource instead. (#39718)FEATURES:
aws_iam_role_policy_attachments_exclusive
(#39718)ENHANCEMENTS:
saml_properties
attribute (#39060)source_flow_config.source_connector_properties.sapo_data.pagination_config
andsource_flow_config.source_connector_properties.sapo_data.parallelism_config
attributes (#38932)aws:RequestTag
conditions (#39648)appsync_target
configuration block (#37773)on_demand_throughput
andglobal_secondary_index.on_demand_throughput
arguments (#37799)serverlessv2_scaling_configuration.max_capacity
andserverlessv2_scaling_configuration.min_capacity
from128
to256
(#39697)storage-optimization
status as success when creating or updating cluster DB instances (#39691)saml_properties
configuration block (#39060)BUG FIXES:
arn
for automation documents (#39705)schema
has emptystring_attribute_constraints
ornumber_attribute_constraints
(#20386)arn
for automation documents (#39705)v5.70.0
Compare Source
NOTES:
aws_simpledb_domain
resource has been deprecated and will be removed in a future version. Use Amazon DynamoDB instead (#39536)aws_worklink_fleet
resource has been deprecated and will be removed in a future version. Use Amazon WorkSpaces Secure Browser instead (#39538)aws_worklink_website_certificate_authority_association
resource has been deprecated and will be removed in a future version. Use Amazon WorkSpaces Secure Browser instead (#39538)FEATURES:
aws_backup_logically_air_gapped_vault
(#39098)aws_ec2_transit_gateway_default_route_table_association
(#39496)aws_ec2_transit_gateway_default_route_table_propagation
(#39517)aws_iam_group_policies_exclusive
(#39554)aws_iam_user_policies_exclusive
(#39544)aws_securityhub_standards_control_association
(#39511)ENHANCEMENTS:
start_time
attribute (#39557)prepare_agent
argument (#39486)vector_ingestion_configuration.custom_transformation_configuration
argument (#39556)endpoint_configuration.attachment_arn
argument (#39507)tags
argument andtags_all
attribute (#39535)arn
attribute (#39535)tags
argument andtags_all
attribute (#39535)transition_default_minimum_object_size
argument (#39578)BUG FIXES:
customer_encryption_key_arn
not being passed during update (#39565)prompt_override_configuration
not being passed when not modified (#39565)knowledge_base_configuration
andstorage_configuration
to ForceNew (#39567)security_group_referencing_support
argument and mark as Computed. This suppresses the diffs shown for resources created with v5.68.0 (or earlier) (#39519)policy_version
computed attribute changing (#39528)policy_version
computed attribute changing (#39528)sheets.filter_controls.list.cascading_control_configuration
andsheets.parameter_controls.list.cascading_control_configuration
attributes (#39453)v5.69.0
Compare Source
NOTES:
(account-id).ddb.(region).amazonaws.com
instead ofdynamodb.(region).amazonaws.com
. If your network configuration blocks outgoing traffic to DynamoDB based on DNS names or endpoint URLs, you must adjust your configuration, because the service's DNS name will change. You may instead disable account-based endpoints for DynamoDB by settingaccount_id_endpoint_mode = disabled
in a shared config file or setting theAWS_ACCOUNT_ID_ENDPOINT_MODE
environment variable todisabled
(#39505)1.23.1
. The issue with AWS Network Firewall dropping TLS handshakeClientHello
messages after the v5.65.0 upgrade to Go1.23.0
, temporarily resolved by the v5.67.0 downgrade to Go1.22.7
, has been addressed by removing theX25519Kyber768Draft00
key exchange mechanism from the HTTP client used to make AWS API calls (#39432)ENHANCEMENTS:
tags
attribute (#39402)security_group_referencing_support
attribute (#34542)security_group_referencing_support
attribute (#34542)failure_code
andfailure_reason
attributes (#38995)guardrail_configuration
argument (#39440)tags
argument andtags_all
attribute (#39402)security_group_referencing_support
argument (#34542)security_group_referencing_support
argument ([#34542](https://redirect.github.coConfiguration
📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR was generated by Mend Renovate. View the repository job log.