chore(deps): update terraform-aws - autoclosed #769

renovate · 2024-11-21T16:26:45Z

This PR contains the following updates:

Package	Type	Update	Change
aws (source)	required_provider	minor	`5.70.0` -> `5.76.0`
terraform-aws-modules/eks/aws (source)	module	minor	`20.24.2` -> `20.29.0`
terraform-aws-modules/vpc/aws (source)	module	minor	`~> 5.13.0` -> `~> 5.16.0`

Release Notes

hashicorp/terraform-provider-aws (aws)

`v5.76.0`

Compare Source

FEATURES:

New Resource: aws_vpc_security_group_vpc_association (#40069)

ENHANCEMENTS:

resource/aws_medialive_channel: Add missing h265 codec settings (#40071)

BUG FIXES:

resource/aws_api_gateway_integration: Fix BadRequestException: Invalid mapping expression specified and NotFoundException: Invalid parameter name specified errors when making updates to request_parameters and/or cache_key_parameters (#40124)
resource/aws_api_gateway_method: Fix BadRequestException: Invalid mapping expression specified and NotFoundException: Invalid parameter name specified errors when making updates to request_parameters (#40124)
resource/aws_autoscaling_group: Handle eventual consistency issues that occur when using a launch_template that is updated causing ValidationError: You must use a valid fully-formed launch template. (#40088)
resource/aws_eip: Properly surface errors during deletion when ipam_pool_id is set (#40082)
resource/aws_elasticache_reserved_cache_node: Fix Provider returned invalid result object after apply errors (#40090)
resource/aws_iam_group_policies_exclusive: Add validation to prevent null values in policy_names (#40076)
resource/aws_iam_group_policy_attachments_exclusive: Add validation to prevent null values in policy_arns (#40076)
resource/aws_iam_instance_profile: Handle eventual consistency issues that occur when this resource is updated and has dependents (#40088)
resource/aws_iam_role_policies_exclusive: Add validation to prevent null values in policy_names (#40076)
resource/aws_iam_role_policy_attachments_exclusive: Add validation to prevent null values in policy_arns (#40076)
resource/aws_iam_user_policies_exclusive: Add validation to prevent null values in policy_names (#40076)
resource/aws_iam_user_policy_attachments_exclusive: Add validation to prevent null values in policy_arns (#40076)
resource/aws_launch_template: Handle eventual consistency issues that occur when this resource is updated and has dependents (#40088)

`v5.75.1`

Compare Source

ENHANCEMENTS:

data-source/aws_cloudwatch_event_bus: Add description attribute (#39980)
resource/aws_api_gateway_account: Add attribute reset_on_delete to properly reset CloudWatch Role ARN on deletion. (#40004)
resource/aws_cloudwatch_event_bus: Add description argument (#39980)

BUG FIXES:

resource/aws_api_gateway_deployment: Rolls back validation of canary_settings and stage_description when stage_name not set. (#40067)
resource/aws_dynamodb_table: Allow table TTL to be disabled by allowing ttl[0].attribute_name to be set when ttl[0].enabled is false (#40046)
resource/aws_sagemaker_domain: Fix issue causing a ValidationException on updates when RStudio is disabled on the domain (#40049)

`v5.75.0`

Compare Source

BREAKING CHANGES:

resource/aws_api_gateway_stage: Add canary_settings.deployment_id attribute as required (#39929)

NOTES:

provider: validation of arguments implementing the custom ARNType will properly surface validation errors (#40008)
resource/aws_api_gateway_stage: deployment_id was added to canary_settings as a required attribute. This breaking change was necessary to make canary_settings functional. Without this change all canary traffic was routed to the main deployment (#39929)

FEATURES:

New Data Source: aws_spot_datafeed_subscription (#39647)

ENHANCEMENTS:

data-source/aws_batch_job_definition: Add init_containers, share_process_namespace, and image_pull_secrets attributes (#40019)
resource/aws_batch_job_definition: Add init_containers and share_process_namespace arguments (#40019)
resource/aws_batch_job_definition: Increase maximum number of containers arguments to 10 (#40019)
resource/aws_eks_addon: Add pod_identity_association argument (#38357)
resource/aws_iam_user_login_profile: Mark the password argument as sensitive (#39991)

BUG FIXES:

resource/aws_api_gateway_deployment: Fix destroy error when canary stage still exists on resource (#39929)
resource/aws_codedeploy_deployment_group: Remove maximum items limit on the alarm_configuration.alarms argument (#39971)
resource/aws_eks_addon: Handle ResourceNotFound exceptions during resource destruction (#38357)
resource/aws_elasticache_reserved_cache_node: Fix Value Conversion Error during resource creation (#39945)
resource/aws_lb_listener: Fix errors when updating the tcp_idle_timeout_seconds argument for gateway load balancers (#40039)
resource/aws_lb_listener: Remove the default tcp_idle_timeout_seconds value, preventing ModifyListenerAttributes API calls when a value is not explicitly configured (#40039)
resource/aws_vpc_ipam_pool: Fix bug when public_ip_source = "amazon": The request can only contain PubliclyAdvertisable if the AddressFamily is IPv6 and PublicIpSource is byoip. (#40042)

`v5.74.0`

Compare Source

FEATURES:

New Data Source: aws_lb_listener_rule (#39865)
New Resource: aws_opensearch_authorize_vpc_endpoint_access (#39846)
New Resource: aws_ssmquicksetup_configuration_manager (#39931)

ENHANCEMENTS:

data-source/aws_imagebuilder_distribution_configuration: Add distribution.s3_export_configuration attribute (#35492)
data-source/aws_imagebuilder_image_recipe: Fix block_device_mapping.0.ebs.0.delete_on_termination: '' expected type 'bool', got unconvertible type 'string' errors (#39928)
resource/aws_codedeploy_deployment_group: Add termination_hook_enabled argument (#35482)
resource/aws_eks_cluster: Add zonal_shift_config argument (#39852)
resource/aws_imagebuilder_distribution_configuration: Add distribution.s3_export_configuration argument (#35492)
resource/aws_imagebuilder_image_pipeline: Allow container_recipe_arn and image_recipe_arn to be updated in-place (#39117)
resource/aws_keyspaces_keyspace: Add replication_specification argument (#36331)
resource/aws_launch_template: Add efa-only as a valid value for network_interfaces.interface_type (#39882)
resource/aws_transfer_server: Add TransferSecurityPolicy-Restricted-2024-06 as a valid value for security_policy_name (#39871)

BUG FIXES:

resource/aws_docdb_cluster: Use master_password on resource Create when snapshot_identifier is configured (#38193)
resource/aws_imagebuilder_container_recipe: Change component.parameter.name, component.parameter.value, target_repository.repository_name, and target_repository.service to ForceNew (#39117)
resource/aws_route53_record: Fix interface conversion: interface {} is nil, not map[string]interface {} panic when geolocation_routing_policy is empty (#39944)
resource/aws_ssm_patch_baseline: Update approval_rule.approve_after_days validation to allow a maximum value of 360 (#39949)
resource/aws_wafv2_web_acl: Fix decoding JSON: unexpected end of JSON input errors when updating from using rule_json to using rule (#39283)
resource/aws_wafv2_web_acl: Fix unmarshal error for incompatible types in rule_json (#39878)

`v5.73.0`

Compare Source

FEATURES:

New Data Source: aws_ssm_patch_baselines (#39779)
New Resource: aws_imagebuilder_lifecycle_policy (#35674)
New Resource: aws_resiliencehub_resiliency_policy (#38913)
New Resource: aws_sagemaker_hub (#39807)
New Resource: aws_sagemaker_mlflow_tracking_server (#39796)

ENHANCEMENTS:

data-source/aws_elasticache_reserved_cache_node_offering: Support valkey as valid value for product_description (#39745)
data-source/aws_lakeformation_data_lake_settings: Add parameters map attribute to read CROSS_ACCOUNT_VERSION (#39826)
data-source/aws_lb: Add enable_zonal_shift attribute (#39585)
resource/aws_apprunner_auto_scaling_configuration_version: Remove the upper limit on min_size and max_size (#39843)
resource/aws_batch_job_definition: Ensure that new revisions are created with tags (#39797)
resource/aws_codedeploy_deployment_config: Add zonal_config argument (#34850)
resource/aws_dynamodb_kinesis_streaming_destination: Add approximate_creation_date_time_precision argument (#38098)
resource/aws_elasticache_cluster: Support valkey as valid value for engine (#39745)
resource/aws_elasticache_global_replication_group: Support Valkey versions for engine_version (#39745)
resource/aws_elasticache_replication_group: Support Valkey versions for engine_version (#39745)
resource/aws_elasticache_replication_group: Support valkey as valid value for engine (#39745)
resource/aws_elasticache_serverless_cache: Support valkey as valid value for engine (#39745)
resource/aws_kinesis_firehose_delivery_stream: Add iceberg_configuration argument (#39844)
resource/aws_lakeformation_data_lake_settings: Add parameters map argument enabling CROSS_ACCOUNT_VERSION to be set (#39826)
resource/aws_lb: Add enable_zonal_shift argument (#39585)
resource/aws_lb_listener: Add tcp_idle_timeout_seconds argument (#39585)
resource/aws_route53profiles_association: Add regex and string length validation for name argument (#39798)
resource/aws_s3_bucket_object: Remove the call to kms:DescribeKey for the S3 default AWS managed key (alias/aws/s3) on Read (#39782)
resource/aws_s3_object: Remove the call to kms:DescribeKey for the S3 default AWS managed key (alias/aws/s3) on Read (#39782)
resource/aws_s3_object_copy: Remove the call to kms:DescribeKey for the S3 default AWS managed key (alias/aws/s3) on Read (#39782)
resource/aws_sagemaker_domain: Add default_user_settings.jupyter_lab_app_settings.app_lifecycle_management, default_user_settings.jupyter_lab_app_settings.built_in_lifecycle_config_arn, default_user_settings.jupyter_lab_app_settings.emr_settings, default_space_settings.jupyter_lab_app_settings.app_lifecycle_management, default_space_settings.jupyter_lab_app_settings.built_in_lifecycle_config_arn, default_space_settings.jupyter_lab_app_settings.emr_settings, default_user_settings.auto_mount_home_efs, default_user_settings.canvas_app_settings.emr_serverless_settings, default_user_settings.studio_web_portal_settings.hidden_instance_types, default_user_settings.code_editor_app_settings.app_lifecycle_management, default_user_settings.code_editor_app_settings.built_in_lifecycle_config_arn, and tag_propagation arguments (#39774)
resource/aws_sagemaker_domain: Allow app_network_access_type and app_security_group_management to be updated in-place (#39774)
resource/aws_sagemaker_feature_group: Add feature_definition.collection_config, feature_definition.collection_type, and throughput_config arguments (#39805)
resource/aws_sagemaker_space: Add space_settings.code_editor_app_settings.app_lifecycle_management and space_settings.jupyter_lab_app_settings.app_lifecycle_management arguments (#39800)
resource/aws_sagemaker_user_profile: Add user_settings.auto_mount_home_efs, user_settings.canvas_app_settings.emr_serverless_settings, user_settings.code_editor_app_settings.app_lifecycle_management, user_settings.code_editor_app_settings.built_in_lifecycle_config_arn, user_settings.jupyter_lab_app_settings.app_lifecycle_management, user_settings.jupyter_lab_app_settings.built_in_lifecycle_config_arn, user_settings.jupyter_lab_app_settings.emr_settings and user_settings.studio_web_portal_settings.hidden_instance_types arguments (#39774)

BUG FIXES:

data-source/aws_workspaces_bundle: Return the first matching bundle when searching by name. This fixes a regression introduced in v5.72.0 causing multiple WorkSpaces Bundles matched; use additional constraints to reduce matches to a single WorkSpaces Bundle errors (#39777)
resource/aws_dynamodb_table: Fix validation error when optional attribute in on_demand_throughput is excluded (#39784)
resource/aws_ecr_repository_policy: Fix persistent validation errors when malformed policy content is written to state (#39842)
resource/aws_elasticache_serverless_cache: Fix InvalidParameterValue: This API supports only cross-engine upgrades to Valkey engine currently errors on Update (#39745)
resource/aws_iam_policy: Fix persistent validation errors when malformed policy content is written to state (#39842)
resource/aws_iam_role_policy: Fix persistent validation errors when malformed policy content is written to state (#39842)
resource/aws_kms_key: Fix persistent validation errors when malformed policy content is written to state (#39842)
resource/aws_quicksight_data_set: Fix InvalidParameterValueException: Invalid RowLevelPermissionDataSet. Namespace parameter should not be specified for Version 2 errors on Create and Update (#39778)
resource/aws_route53_record: Allow creation of records with ttl=0 (#39728)
resource/aws_s3_bucket_policy: Fix persistent validation errors when malformed policy content is written to state (#39842)
resource/aws_secretsmanager_secret: Fix persistent validation errors when malformed policy content is written to state (#39842)
resource/aws_security_group_rule: Remove from state when rule not found. This fixes a regression introduced in v5.60.0 (#39834)

`v5.72.1`

Compare Source

FEATURES:

New Resource: aws_iam_group_policy_attachments_exclusive (#39732)
New Resource: aws_iam_user_policy_attachments_exclusive (#39731)

ENHANCEMENTS:

resource/aws_resourceexplorer2_view: Add scope argument (#39744)

BUG FIXES:

data-source/aws_batch_job_definition: Properly handles ignored tags. (#39734)
data-source/aws_cognito_user_pool: Properly handles ignored tags. (#39734)
resource/aws_cognito_user_pool: Properly handles ignored tags. (#39734)
resource/aws_dynamodb_table: Fix crash when billing_mode is set to PAY_PER_REQUEST without global_secondary_index updates (#39752)
resource/aws_dynamodb_table_replica: Properly handles default and ignored tags. (#39734)
resource/aws_resourceexplorer2_index: Correctly mark incomplete AGGREGATOR indexes as tainted on Create (#39744)

`v5.72.0`

Compare Source

NOTES:

This version contains all the features, enhancements, and bug fixes from the v5.71.0 release which was removed from the Terraform Registry (#39692)
resource/aws_iam_role: The managed_policy_arns argument is deprecated. Use the aws_iam_role_policy_attachments_exclusive resource instead. (#39718)

FEATURES:

New Resource: aws_iam_role_policy_attachments_exclusive (#39718)

ENHANCEMENTS:

data-source/aws_workspaces_directory: Add saml_properties attribute (#39060)
resource/aws_appflow_flow: Add source_flow_config.source_connector_properties.sapo_data.pagination_config and source_flow_config.source_connector_properties.sapo_data.parallelism_config attributes (#38932)
resource/aws_cloudwatch_event_rule: Add tags to AWS API request on Update to support ABAC aws:RequestTag conditions (#39648)
resource/aws_cloudwatch_event_target: Add appsync_target configuration block (#37773)
resource/aws_dynamodb_table: Add on_demand_throughput and global_secondary_index.on_demand_throughput arguments (#37799)
resource/aws_rds_cluster: Increase maximum value of serverlessv2_scaling_configuration.max_capacity and serverlessv2_scaling_configuration.min_capacity from 128 to 256 (#39697)
resource/aws_rds_cluster_instance: Treat storage-optimization status as success when creating or updating cluster DB instances (#39691)
resource/aws_workspaces_directory: Add saml_properties configuration block (#39060)

BUG FIXES:

data-source/aws_ssm_document: Correct arn for automation documents (#39705)
resource/aws_cognito_user_pool: Fixes error when schema has empty string_attribute_constraints or number_attribute_constraints (#20386)
resource/aws_ssm_document: Correct arn for automation documents (#39705)