FEATURES:
aws_lb_listener_rule (#39865)aws_opensearch_authorize_vpc_endpoint_access (#39846)aws_ssmquicksetup_configuration_manager (#39931)ENHANCEMENTS:
distribution.s3_export_configuration attribute (#35492)block_device_mapping.0.ebs.0.delete_on_termination: '' expected type 'bool', got unconvertible type 'string' errors (#39928)termination_hook_enabled argument (#35482)zonal_shift_config argument (#39852)distribution.s3_export_configuration argument (#35492)container_recipe_arn and image_recipe_arn to be updated in-place (#39117)replication_specification argument (#36331)efa-only as a valid value for network_interfaces.interface_type (#39882)TransferSecurityPolicy-Restricted-2024-06 as a valid value for security_policy_name (#39871)BUG FIXES:
master_password on resource Create when snapshot_identifier is configured (#38193)component.parameter.name, component.parameter.value, target_repository.repository_name, and target_repository.service to ForceNew (#39117)interface conversion: interface {} is nil, not map[string]interface {} panic when geolocation_routing_policy is empty (#39944)approval_rule.approve_after_days validation to allow a maximum value of 360 (#39949)decoding JSON: unexpected end of JSON input errors when updating from using rule_json to using rule (#39283)rule_json (#39878)FEATURES:
aws_ssm_patch_baselines (#39779)aws_imagebuilder_lifecycle_policy (#35674)aws_resiliencehub_resiliency_policy (#38913)aws_sagemaker_hub (#39807)aws_sagemaker_mlflow_tracking_server (#39796)ENHANCEMENTS:
valkey as valid value for product_description (#39745)parameters map attribute to read CROSS_ACCOUNT_VERSION (#39826)enable_zonal_shift attribute (#39585)min_size and max_size (#39843)zonal_config argument (#34850)approximate_creation_date_time_precision argument (#38098)valkey as valid value for engine (#39745)engine_version (#39745)engine_version (#39745)valkey as valid value for engine (#39745)valkey as valid value for engine (#39745)iceberg_configuration argument (#39844)parameters map argument enabling CROSS_ACCOUNT_VERSION to be set (#39826)enable_zonal_shift argument (#39585)tcp_idle_timeout_seconds argument (#39585)name argument (#39798)kms:DescribeKey for the S3 default AWS managed key (alias/aws/s3) on Read (#39782)kms:DescribeKey for the S3 default AWS managed key (alias/aws/s3) on Read (#39782)kms:DescribeKey for the S3 default AWS managed key (alias/aws/s3) on Read (#39782)default_user_settings.jupyter_lab_app_settings.app_lifecycle_management, default_user_settings.jupyter_lab_app_settings.built_in_lifecycle_config_arn, default_user_settings.jupyter_lab_app_settings.emr_settings, default_space_settings.jupyter_lab_app_settings.app_lifecycle_management, default_space_settings.jupyter_lab_app_settings.built_in_lifecycle_config_arn, default_space_settings.jupyter_lab_app_settings.emr_settings, default_user_settings.auto_mount_home_efs, default_user_settings.canvas_app_settings.emr_serverless_settings, default_user_settings.studio_web_portal_settings.hidden_instance_types, default_user_settings.code_editor_app_settings.app_lifecycle_management, default_user_settings.code_editor_app_settings.built_in_lifecycle_config_arn, and tag_propagation arguments (#39774)app_network_access_type and app_security_group_management to be updated in-place (#39774)feature_definition.collection_config, feature_definition.collection_type, and throughput_config arguments (#39805)space_settings.code_editor_app_settings.app_lifecycle_management and space_settings.jupyter_lab_app_settings.app_lifecycle_management arguments (#39800)user_settings.auto_mount_home_efs, user_settings.canvas_app_settings.emr_serverless_settings, user_settings.code_editor_app_settings.app_lifecycle_management, user_settings.code_editor_app_settings.built_in_lifecycle_config_arn, user_settings.jupyter_lab_app_settings.app_lifecycle_management, user_settings.jupyter_lab_app_settings.built_in_lifecycle_config_arn, user_settings.jupyter_lab_app_settings.emr_settings and user_settings.studio_web_portal_settings.hidden_instance_types arguments (#39774)BUG FIXES:
name. This fixes a regression introduced in v5.72.0 causing multiple WorkSpaces Bundles matched; use additional constraints to reduce matches to a single WorkSpaces Bundle errors (#39777)on_demand_throughput is excluded (#39784)policy content is written to state (#39842)InvalidParameterValue: This API supports only cross-engine upgrades to Valkey engine currently errors on Update (#39745)policy content is written to state (#39842)policy content is written to state (#39842)policy content is written to state (#39842)InvalidParameterValueException: Invalid RowLevelPermissionDataSet. Namespace parameter should not be specified for Version 2 errors on Create and Update (#39778)ttl=0 (#39728)policy content is written to state (#39842)policy content is written to state (#39842)FEATURES:
aws_iam_group_policy_attachments_exclusive (#39732)aws_iam_user_policy_attachments_exclusive (#39731)ENHANCEMENTS:
scope argument (#39744)BUG FIXES:
billing_mode is set to PAY_PER_REQUEST without global_secondary_index updates (#39752)AGGREGATOR indexes as tainted on Create (#39744)NOTES:
managed_policy_arns argument is deprecated. Use the aws_iam_role_policy_attachments_exclusive resource instead. (#39718)FEATURES:
aws_iam_role_policy_attachments_exclusive (#39718)ENHANCEMENTS:
saml_properties attribute (#39060)source_flow_config.source_connector_properties.sapo_data.pagination_config and source_flow_config.source_connector_properties.sapo_data.parallelism_config attributes (#38932)aws:RequestTag conditions (#39648)appsync_target configuration block (#37773)on_demand_throughput and global_secondary_index.on_demand_throughput arguments (#37799)principal to be an AWS federated-user arn (#33298)serverlessv2_scaling_configuration.max_capacity and serverlessv2_scaling_configuration.min_capacity from 128 to 256 (#39697)storage-optimization status as success when creating or updating cluster DB instances (#39691)saml_properties configuration block (#39060)BUG FIXES:
This Terraform AWS Provider version has been removed from the Terraform Registry due to archive has incorrect checksum errors while installing the provider on some platforms.
The next planned Terraform AWS Provider release is v5.72.0, scheduled for the morning (EST) of October 17, 2024.
FEATURES:
aws_bedrock_inference_profile (#39342)aws_bedrock_inference_profiles (#39342)aws_elasticache_serverless_cache (#39590)aws_prometheus_default_scraper_configuration (#35280)aws_route53profiles_profiles (#38172)aws_backup_restore_testing_plan (#37039)aws_backup_restore_testing_selection (#37039)aws_datazone_user_profile (#38810)aws_pinpointsmsvoicev2_configuration_set (#39620)aws_route53profiles_association (#38172)aws_route53profiles_profile (#38172)aws_route53profiles_resource_association (#38172)ENHANCEMENTS:
rule.schedule_expression_timezone attribute (#33653)ipam_pool_id attribute (#39604)private_dns_names attribute (#39659)rule.schedule_expression_timezone argument (#33653)update_policy.job_execution_timeout_minutes (#39583)container_properties.environment (#21834)ipam_pool_id argument in support of public IPAM pools (#39604)resolver_endpoint_type argument
resource/aws_route53_resolver_rule: Add ipv6 optional argument to the target_ip object (#30167)enable_private_gua argument (#39600)ip_source and ipv6_address_attribute attributes (#39600)BUG FIXES:
empty result errors reading vaults in certain Regions (#39670)security_group_names causing resource replacement after import (#39591)volume_tags, root_block_device.*.tags, and ebs_block_device.*.tags where tags overlapped with default tags. These are now handled consistently with top-level tags throughout the provider. Specifically, tags defined in both locations are no longer removed, preventing erroneous differences. (#37441)workforce_name as Optional (#39630)criteria.aws_account_id, criteria.generator_id, criteria.resource_id, and criteria.title max length from 20 to 100 (#39616)publicly_advertisable to ForceNew (#39600)InvalidParameterCombination: The request can only contain PubliclyAdvertisable if the AddressFamily is IPv6 and PublicIpSource is byoip errors (#39600)NOTES:
aws_simpledb_domain resource has been deprecated and will be removed in a future version. Use Amazon DynamoDB instead (#39536)aws_worklink_fleet resource has been deprecated and will be removed in a future version. Use Amazon WorkSpaces Secure Browser instead (#39538)aws_worklink_website_certificate_authority_association resource has been deprecated and will be removed in a future version. Use Amazon WorkSpaces Secure Browser instead (#39538)FEATURES:
aws_backup_logically_air_gapped_vault (#39098)aws_ec2_transit_gateway_default_route_table_association (#39496)aws_ec2_transit_gateway_default_route_table_propagation (#39517)aws_iam_group_policies_exclusive (#39554)aws_iam_user_policies_exclusive (#39544)aws_securityhub_standards_control_association (#39511)ENHANCEMENTS:
start_time attribute (#39557)prepare_agent argument (#39486)vector_ingestion_configuration.custom_transformation_configuration argument (#39556)endpoint_configuration.attachment_arn argument (#39507)tags argument and tags_all attribute (#39535)arn attribute (#39535)tags argument and tags_all attribute (#39535)transition_default_minimum_object_size argument (#39578)BUG FIXES:
customer_encryption_key_arn not being passed during update (#39565)prompt_override_configuration not being passed when not modified (#39565)knowledge_base_configuration and storage_configuration to ForceNew (#39567)security_group_referencing_support argument and mark as Computed. This suppresses the diffs shown for resources created with v5.68.0 (or earlier) (#39519)policy_version computed attribute changing (#39528)policy_version computed attribute changing (#39528)sheets.filter_controls.list.cascading_control_configuration and sheets.parameter_controls.list.cascading_control_configuration attributes (#39453)NOTES:
(account-id).ddb.(region).amazonaws.com instead of dynamodb.(region).amazonaws.com. If your network configuration blocks outgoing traffic to DynamoDB based on DNS names or endpoint URLs, you must adjust your configuration, because the service's DNS name will change. You may instead disable account-based endpoints for DynamoDB by setting account_id_endpoint_mode = disabled in a shared config file or setting the AWS_ACCOUNT_ID_ENDPOINT_MODE environment variable to disabled (#39505)1.23.1. The issue with AWS Network Firewall dropping TLS handshake ClientHello messages after the v5.65.0 upgrade to Go 1.23.0, temporarily resolved by the v5.67.0 downgrade to Go 1.22.7, has been addressed by removing the X25519Kyber768Draft00 key exchange mechanism from the HTTP client used to make AWS API calls (#39432)ENHANCEMENTS:
tags attribute (#39402)security_group_referencing_support attribute (#34542)security_group_referencing_support attribute (#34542)failure_code and failure_reason attributes (#38995)guardrail_configuration argument (#39440)tags argument and tags_all attribute (#39402)security_group_referencing_support argument (#34542)security_group_referencing_support argument (#34542)security_group_referencing_support argument (#34542)volume_configuration.managed_ebs_volume.tag_specifications attribute (#38662)display_name to be updated in-place (#39416)credentials.secret_arn argument (#29034)BUG FIXES:
security_group_ids. This requires a call to the EC2 DescribeVpcEndpoints API (#39454)ap-southeast-5 Region (#39389)name attribute. (#38993)name attribute. (#38993)ConcurrentModificationExceptions during role creation (#39429)AccessDeniedException: Lambda code scanning is not supported in ... errors (#38254)AccessDeniedException errors during creation (#38254)name and vpc_id to ForceNew (#39454)security_group_ids. This requires a call to the EC2 DescribeVpcEndpoints API (#39454)NOTES:
inline_policy argument is deprecated. Use the aws_iam_role_policy resource instead. If Terraform should exclusively manage all inline policy associations (the current behavior of this argument), use the aws_iam_role_policies_exclusive resource as well. (#39203)composite_slot_type_setting block, the subslots argument has been renamed sub_slots. See the linked pull request for additional justification on this change. The previous misnaming effectively made this argument unusable, therefore a breaking change in a minor version was deemed acceptable. (#39353)FEATURES:
aws_elasticache_reserved_cache_node_offering (#29832)aws_securityhub_standards_control_associations (#39334)aws_synthetics_runtime_version (#39180)aws_synthetics_runtime_versions (#39180)aws_appsync_source_api_association (#39323)aws_elasticache_reserved_cache_node (#29832)aws_iam_role_policies_exclusive (#39203)aws_pinpointsmsvoicev2_opt_out_list (#25036)aws_pinpointsmsvoicev2_phone_number (#25036)aws_sesv2_account_suppression_attributes (#39325)ENHANCEMENTS:
iam_role_arn argument to s3_action configuration block (#39364)name length to 255 characters (#39315)BUG FIXES:
assume_role.role_arn to be an empty string when there is a single assume_role entry. (#39328)environment_variables argument (#39397)Managed by DynamoDB encryption setting (#31284)engine_version mismatch with RabbitMQ 3.13 and ActiveMQ 5.18 and above (#39024)endpoint_management = "CUSTOMER" (#39394)policy (#39322)BREAKING CHANGES:
value_selection_setting.advanced_recognition_setting block, the audio_recognition_setting argument has been renamed audio_recognition_strategy (#39254)NOTES:
1.22.6. A small number of users have reported failed or hanging network connections using the version of the Terraform AWS provider which was first built with Go 1.23.0 (v5.65.0). At this point, maintainers have been unable to reproduce failures, but enough distinct users have reported issues that we are going to attempt downgrading to Go 1.22.6 for the next provider release. We will continue to coordinate with users and AWS in an attempt to identify the root cause, using this upcoming release with a reverted Go build version as a data point. (#39256)value_selection_setting.advanced_recognition_setting block, the audio_recognition_setting argument has been renamed audio_recognition_strategy. See the linked pull request for additional justification on this change. The previous misnaming effectively made this argument unusable, therefore a breaking change in a minor version was deemed acceptable. (#39254)FEATURES:
aws_codebuild_fleet (#39237)aws_cloudformation_stack_instances (#36794)aws_codebuild_fleet (#39237)aws_computeoptimizer_enrollment_status (#35349)aws_computeoptimizer_recommendation_preferences (#35349)aws_costoptimizationhub_enrollment_status (#36440)aws_costoptimizationhub_preferences (#36526)aws_datazone_asset_type (#38812)aws_datazone_environment_profile (#38581)aws_lambda_function_recursion_config (#39153)ENHANCEMENTS:
domain and tags as Optional. This enables certificates to be matched based on tags (#31453)encryption_type and kms_key_id attributes (#39212)user_pool_tags in favor of standard tags. (#39260)assume_role now accepts multiple elements. (#39255)cache_config argument (#39215)mode argument (#39206)hsm2m.medium as a valid value for hsm_type (#39206)fleet attribute in environment configuration block (#39237)snowflake_configuration.buffering_internal and snowflake_configuration.buffering_size arguments (#39214)READER_PRO, AUTHOR_PRO, and ADMIN_PRO as valid values for the user_role argument (#39220)default_user_settings.domain_settings.docker_settings configuration block (#35416)default_user_settings.studio_web_portal_settings, default_space_settings.jupyter_lab_app_settings, default_space_settings.space_storage_settings, default_space_settings.custom_posix_user_config, and default_space_settings.custom_file_system_config configuration blocks (#38457)production_variants.managed_instance_scaling and shadow_production_variants.managed_instance_scaling configuration blocks (#35479)primary_container.inference_specification_name and container.inference_specification_name arguments (#35873)primary_container.model_data_source.s3_data_source.model_access_config, primary_container.multi_model_config, container.model_data_source.s3_data_source.model_access_config, and ``container.multi_model_config` configuration blocks (#35873)user_settings.studio_web_portal_settings configuration block (#38567)definition using the AWS Step Functions Validation API (#39229)BUG FIXES:
created_at as an RFC3339 formatted timestamp (#24183)created_at as an RFC3339 formatted timestamp (#24183)check_certificate_revovation_status is ignored due to bad autoflex field mapping (#39211)aggregation_period not set. (#39279)permissions.actions MaxItems from 16 to 20. This fixes a regression introduced in v5.66.0 (#39226)vpc_connection_id regular expression validator. This fixes a regression introduced in v5.66.0 (#39231)default_user_settings.domain_settings to include missing security_group_ids and r_studio_server_pro_domain_settings values (#35416)suppression_options.suppressed_reasons to be an empty list ([]) in order to disable the suppression list (#29671)event_destination.matching_event_types from TypeList to TypeSet as order is not significant (#36897)load_balancer_options.subnet_ids (#39196)FEATURES:
aws_glue_registry (#37953)aws_organizations_organizational_unit_descendant_organizational_units (#39120)aws_quicksight_analysis (#31737)aws_datazone_environment (#38811)ENHANCEMENTS:
tags attribute (#38959)tags attribute (#39092)api_type and merged_api_execution_role_arn arguments (#39159)vector_ingestion_configuration.chunking_configuration.semantic_chunking_configuration, vector_ingestion_configuration.chunking_configuration.hierarchical_chunking_configuration, and vector_ingestion_configuration.parsing_configuration configuration blocks (#39138)skip_deletion_protection attribute (#38811)backup_retention_period and preferred_backup_window attributes (#38452)parameters.databricks argument (#31737)notification_settings argument (#39108)InService timeouts to 60 minutes (#39090)rate_based_statement.limit minimum from 100 to 10 (#39107)rate_based_statement.limit minimum from 100 to 10 (#39107)BUG FIXES:
segment_actions.via.with_edge_override.use_edge to be nested set of edges, matching JSON (#39142)segment_actions.via.with_edge_override.use_edge. Use segment_actions.via.with_edge_override.use_edge_location instead (#39142)null value. (#38869)role_arn as Optional (#38900)slot_type_values validator which limited configurations to 1 element (#39126)theme_arn argument on create and update when configured (#31737)role_arns as Optional and send an empty list if unconfigured (#39108)run_config.timeout_in_seconds default value to allow creation of resources with a frequency less than 14 minutes (#35177)NOTES:
FEATURES:
aws_shield_protection (#37524)aws_glue_catalog_table_optimizer (#38052)ENHANCEMENTS:
ap-southeast-5 AWS Region (#39052)ap-southeast-5 AWS Region (#39052)ap-southeast-5 AWS Region (#39052)ap-southeast-5 as a valid AWS Region (#39049)password_policy.password_history_size argument (#39043)process argument (#25468)SUCCEEDED_WITH_ISSUES status as success when upgrading cluster (#38086)io2 as a valid value for ebs_config.type (#37740)io2 as a valid value for instance_type_configs.ebs_config.type (#37740)io2 as a valid value for instance_type_configs.ebs_config.type (#37740)job_run_queuing_enabled argument (#39027)kms_key_arn argument (#39055)false on update if policy_document is empty (#38675)BUG FIXES:
auto_branch_creation_config (#39041)domain_name to ForceNew (#38086)instance_count value of 0 on create when configured (#37740)BadRequestException: The request is rejected because an invalid or out-of-range value is specified as an input parameter errors on resource Create (#39084)data_cells_filter permissions (#39026)neptune_cluster_parameter_group_name as Computed (#38980)neptune_parameter_group_name as Computed (#38980)ValidationException: Parameter ARN is not supported for this operation errors when deleting resources imported by ARN (#39067)ENHANCEMENTS:
dashboard_endpoint_v2, domain_endpoint_v2_hosted_zone_id, and endpoint_v2 attributes (#38456)suspended_state configuration block (#38942)restore_source_table_arn attribute (#38953)dashboard_endpoint_v2, domain_endpoint_v2_hosted_zone_id, and endpoint_v2 attributes (#38456)BUG FIXES:
id attribute when deployment_targets does not include organizational unit IDs. (#38969)action is configured (#38994)enabled_http_endpoint) to be enabled and disabled for provisioned engine mode and serverlessv2 (#38997)FEATURES:
ENHANCEMENTS:
job_state_time_limit_action attribute (#38784)ecs_properties argument (#37871)job_state_time_limit_action argument (#38784)BUG FIXES:
id parsing errors (#38924)logical_table_map.data_transforms.project_operation.projected_columns with null list elements (#38886)reputation_metrics_enabled is set to true (#38921)FEATURES:
aws_bedrockagent_agent_versions (#38792)aws_bedrock_guardrail (#38757)aws_cloudtrail_organization_delegated_admin_account (#38817)aws_datazone_environment_profile (#35603)aws_datazone_form_type (#38746)aws_datazone_glossary_term (#38706)aws_pinpoint_email_template (#33266)ENHANCEMENTS:
logging_configuration.log_destination_config MaxItems from 2 to 3 (#38824)BUG FIXES:
sdkdiags.AppendErrorf function calls (#38854)sdkdiags.AppendErrorf function calls (#38854)sdkdiags.AppendErrorf function calls (#38854)name and name_prefix (#38194)sdkdiags.AppendErrorf function calls (#38854)service_registries item (#38883)container_definitions diffs on healthCheck's default values (#38872)container_definitions.dockerLabels (#38804)nulls from container_definition array fields (#38870)replicas_per_node_group if node groups are empty (#38797)sdkdiags.AppendErrorf function calls (#38854)network_access_control block is configured (#38775)vpc_configuration block is configured (#38775)attribute_payload block is configured (#38776)configuration.bgp_configurations on Read (#38798)encrypted on snapshot restore, when enabled (#38828)sdkdiags.AppendErrorf function calls (#38854)sdkdiags.AppendErrorf function calls (#38854)sdkdiags.AppendErrorf function calls (#38854)FEATURES:
aws_rds_cluster_parameter_group (#38416)aws_secretsmanager_secret_versions (#35411)aws_ebs_snapshot_block_public_access (#38641)aws_rds_integration (#35199)ENHANCEMENTS:
application/x-sql (#38737)application/x-sql (#38737)default_tags to be set by environment variables (#33339)ignore_tags.keys and ignore_tags.key_prefixes to be set by environment variables (#35264)skip_destroy argument (#29663)skip_destroy argument (#29663)secret_arn (#37213)force_delete argument (#38707)grafana_token argument (#38743)target_health_state.unhealthy_draining_interval argument (#38654)sub_slot_setting attribute (#38698)BUG FIXES:
ROOT as a valid value for prefix (#38685)name max length validation to 128 (#37539)eks_properties for job updates (#38716)retry_strategy for job updates (#38716)timeout for job updates (#38716)created_date attribute (#38689)ROOT as a valid value for prefix (#38685)launch_specifications argument (#38773)PreconditionFailedException on delete for resources deleted out-of-band (#38661)PreconditionFailedException on delete for resources deleted out-of-band (#38661)PreconditionFailedException on delete for resources deleted out-of-band (#38661)$.network-function-groups: null found, array expected errors when creating resource with create_base_policy argument (#38642)revision_id and state_machine_version_arn as Computed on update if publish is true (#38657)NOTES:
FEATURES:
aws_ecr_repository_creation_template (#38597)aws_chatbot_slack_channel_configuration (#38124)aws_chatbot_teams_channel_configuration (#38630)aws_datazone_glossary (#38602)aws_ecr_repository_creation_template (#38597)aws_timestreaminfluxdb_db_instance (#37963)ENHANCEMENTS:
upgrade_policy attribute (#38573)repository_name values. See documentation for details (#38575)enhanced_metrics_config configuration block (#38570)upgrade_storage_config argument (#36904)ipv6_cidr_block sizes between /44 and /60 in increments of /4 (#35614)ipv6_netmask_length values between 44 and 60 in increments of 4 (#35614)upgrade_policy configuration block (#38573)log_configuration.include_execution_data argument (#38569)performance_insights_enabled, performance_insights_kms_key_id, and performance_insights_retention_period arguments (#29415)restore_to_point_in_time.source_cluster_resource_id argument (#38540)restore_to_point_in_time.source_cluster_identifier as Optional (#38540)encryption_configuration configuration block to support the use of Customer Managed Keys with AWS KMS to encrypt Step Functions Activity resources (#38574)encryption_configuration configuration block to support the use of Customer Managed Keys with AWS KMS to encrypt Step Functions State Machine resources (#38574)json attribute value (#35950)ipv6_cidr_block sizes between /44 and /60 in increments of /4 (#35614)ipv6_netmask_length values between 44 and 60 in increments of 4 (#35614)assign_generated_ipv6_cidr_block and ipv6_pool arguments (#27274)ipv6_cidr_block sizes between /44 and /60 in increments of /4 (#35614)ipv6_netmask_length values between 44 and 60 in increments of 4 (#35614)tags to the AuthorizeSecurityGroupEgress EC2 API call instead of making a separate CreateTags call (#35614)tags to the AuthorizeSecurityGroupIngress EC2 API call instead of making a separate CreateTags call (#35614)rule_json attribute to allow raw JSON for rules. (#38309)BUG FIXES:
CoreNetworkPolicyException when putting policy with single wildcard in when_sent_to (#38595)index_name character length validation (#38509)container_definitions start with a lowercase letter (#38622)type argument on create when configured (#38640)policy content to prevent persistent differences (#38604)target_parameters if the configured value has not changed (#38598)domain_dns_ips to use single DNS server IP (#36500)domain_settings.r_studio_server_pro_domain_settings.r_studio_package_manager_url argument on create (#38547)description on Read (#38618)netmask_length on Read (#38618)NOTES:
FEATURES:
ENHANCEMENTS:
kms_key_identifier attribute (#38492)tags attribute (#38483)metadata_catalog_config attribute (#37566)prefix_hierarchy attribute to destination_flow_config.s3.s3_output_format_config (#37566)eks_properties.*.pod_properties.*.image_pull_secret argument (#38517)operation_preferences.concurrency_mode argument (#38498)kms_key_identifier argument (#38492)tags argument and tags_all attribute (#38483)shared_accounts argument (#34885)shared_accounts argument (#34843)AZURECOSMOS, AZURESQL, BIGQUERY, OPENSEARCH, and SNOWFLAKE as valid values for the connection_type argument and SparkProperties as a valid value for the connection_properties argument (#37731)inline_policy fails to create (#38477)scaling_configuration.seconds_before_timeout argument (#38451)event_destination.event_bridge_destination configuration block (#38458)runtime error: invalid memory address or nil pointer dereference panic when reading a non-existent table (#38512)BUG FIXES:
tags on Read (#38343)tags on Read (#38343)rule argument on update (#38449)scope_configuration.domain argument (#38513)error marshaling prior state: a number is required when upgrading from v5.58.0 to v5.59.0 (#38490)Provider produced inconsistent final plan errors when container_definitions is unknown (#38471)error marshaling prior state when upgrading from v4.67.0 to v5.59.0 (#38476)tags on Read (#38343)ca_certificate_identifier as Computed (#38437)copy_tags_to_snapshot value when restore_to_point_in_time is set (#34044)apply_immediately is true. This fixes InvalidParameterCombination errors when updating engine_version (#38437)FEATURES:
secrets_manager_configuration to redshift_configuration, snowflake_configuration, and splunk_configuration (#38151)aws_cloudfront_origin_access_control (#36301)aws_timestreamwrite_database (#36368)aws_timestreamwrite_table (#36599)aws_datazone_project (#38345)aws_grafana_workspace_service_account (#38101)aws_grafana_workspace_service_account_token (#38101)aws_rds_certificate (#35003)aws_rekognition_stream_processor (#37536)ENHANCEMENTS:
cluster_mode attribute (#38002)allow_full_table_external_data_access attribute (#34474)broker_node_group_info attribute (#37705)skip_resource_in_use_check argument (#37586)action_group_executor.custom_control argument (#37484)function_schema configuration block (#37484)routing_configuration.provisioned_throughput argument (#37520)scope_configuration argument (#38199)timeout_in_minutes argument to the action configuration block (#36316)engine_lifecycle_support argument (#37708)configuration.managed_storage_configuration argument (#37932)cluster_mode argument (#38002)interactive_configuration argument (#37889)experiment_options configuration block (#36900)final_backup_tags and skip_final_backup arguments (#37717)final_backup_tags argument (#37717)delete_options and final_backup_tags arguments (#37717)final_backup_tags argument (#37717)execution_role and workflow arguments (#37317)secrets_manager_configuration to http_endpoint_configuration (#38245)FLINK-1_19 as a valid value for runtime_environment (#38350)allow_full_table_external_data_access attribute (#34474)target_group_health configuration block (#37082)starting_position argument (#36968)engine_lifecycle_support argument (#37708)engine_lifecycle_support argument (#37708)arn from DescribeClusterSnapshots API response (#37996)TLS_PASSTHROUGH as a valid value for protocol (#37964)enable_machine_learning to aws_managed_rules_bot_control_rule_set configuration block (#37006)BUG FIXES:
id the the access point ID, not the file system ID. This fixes a regression introduced in v5.58.0 (#38372)default_action.target_group_arn (#37348)concurrent_build_limit (#37748)trigger as Computed (#36316)volume_configuration.managed_ebs_volume.throughput from TypeString to TypeInt (#38109)replicas_per_node_group to 0 and sets the maximum to 5. (#38396)description. (#38396)num_cache_clusters is set, prevents setting replicas_per_node_group. (#38396)num_cache_clusters must be at least 2 when automatic_failover_enabled is true. (#38396)ip_address_type value when target_type is instance (#36423)ACTIVE on resource Create (#38332)interface conversion: interface {} is nil, not map[string]interface {} panic when campaign_hook is empty ({}) (#38323)TransferSecurityPolicy-FIPS-2024-05, TransferSecurityPolicy-Restricted-2018-11, and TransferSecurityPolicy-Restricted-2020-06 for the security_policy_name argument (#38425)FEATURES:
aws_cloudwatch_log_account_policy (#38328)aws_verifiedpermissions_identity_source (#38181)ENHANCEMENTS:
network_interfaces.primary_ipv6 attribute (#37142)tags attribute (#38270)tags attribute (#38270)tags attribute (#38270)link_configuration attribute (#38277)deployment_targets argument. (#37898)billing_mode argument (#38273)InvalidParameterCombination: A parameter group can't be specified during Read Replica creation for the following DB engine: postgres errors (#38227)InsufficientInstanceCapacity errors (#36754)bootstrap_self_managed_addons argument (#38162)resource_set_ids attribute (#38161)384, 768, 1536, 3072, and 6144 as valid values for throughput_capacity (#38308)384, 768, and 1536 as valid values for throughput_capacity_per_ha_pair (#38308)MULTI_AZ_2 as a valid value for deployment_type (#38308)cidr_block argument to resource configuration block (#38196)delete timeout (#38212)network_interfaces.primary_ipv6 argument (#37142)tags argument and tags_all attribute (#38270)tags argument and tags_all attribute (#38270)tags argument and tags_all attribute (#38270)link_configuration argument (#38277)ca_certificate_identifier argument and ca_certificate_valid_till attribute (#37108)tags argument and tags_all attribute (#38271)BUG FIXES:
tags attribute is not set (#38272)access_config.bootstrap_cluster_creator_admin_permissions attribute (#38295)0 as a valid value for idle_disconnect_timeout_in_seconds (#38274)ForceNew to deployment_targets attributes to ensure a new resource is recreated when the deployment_targets argument is changed, which was not the case previously. (#37898)access_config.bootstrap_cluster_creator_admin_permissions to true on Read for clusters with no access_config configured. This allows in-place updates of existing clusters when access_config is configured (#38295)cache_usage_limits.data_storage.maximum, cache_usage_limits.data_storage.minimum, cache_usage_limits.ecpu_per_second.maximum and cache_usage_limits.ecpu_per_second.minimum to be updated in-place (#38269)interface conversion: interface {} is nil, not map[string]interface {} panic when log_delivery.worker_log_delivery is empty ({}) (#38270)FEATURES:
aws_appstream_image (#38225)aws_cognito_user_pool (#37399)aws_ec2_transit_gateway_peering_attachments (#25743)aws_transfer_connector (#38213)ENHANCEMENTS:
rule attribute (#37890)certificate_settings argument (#37105)options argument (#36902)tags argument (#37152)cloudwatch_logs.batch_mode and error_action.cloudwatch_logs.batch_mode arguments (#36772)InputAndOutput in capture_mode (#37726)BUG FIXES: