chore(deps): update terraform aws to v5.18.1

[renovate]

This PR contains the following updates:

Package	Type	Update	Change
aws (source)	required_provider	minor	5.4.0 -> 5.18.1

---

Release Notes

hashicorp/terraform-provider-aws (aws)

v5.18.1

Compare Source

NOTES:

• documentation: Duplicate CDKTF guides with differing file extensions have been removed to resolve failures in the provider release workflow. (#​33630)

v5.18.0

Compare Source

FEATURES:

• New Data Source: aws_fsx_ontap_file_system (#​32503)
• New Data Source: aws_fsx_ontap_storage_virtual_machine (#​32621)
• New Data Source: aws_fsx_ontap_storage_virtual_machines (#​32624)
• New Data Source: aws_organizations_organizational_unit (#​33408)
• New Resource: aws_opensearch_package (#​33227)
• New Resource: aws_opensearch_package_association (#​33227)

ENHANCEMENTS:

• resource/aws_fsx_ontap_storage_virtual_machine: Remove ForceNew from active_directory_configuration.self_managed_active_directory_configuration.domain_name, active_directory_configuration.self_managed_active_directory_configuration.file_system_administrators_group and active_directory_configuration.self_managed_active_directory_configuration.organizational_unit_distinguished_name allowing an SVM to join AD after creation (#​33466)

BUG FIXES:

• data-source/aws_sesv2_email_identity: Mark dkim_signing_attributes.domain_signing_private_key as sensitive (#​33477)
• resource/aws_db_instance: Fix so that storage_throughput can be changed when iops and allocated_storage are not changed (#​33529)
• resource/aws_db_option_group: Avoid erroneous differences being reported when an option port and/or version is not set (#​33511)
• resource/aws_fsx_ontap_storage_virtual_machine: Avoid recreating resource when active_directory_configuration.self_managed_active_directory_configuration.file_system_administrators_group is configured (#​33466)
• resource/aws_fsx_ontap_storage_virtual_machine: Change file_system_id to ForceNew (#​32621)
• resource/aws_s3_bucket_accelerate_configuration: Retry resource Delete on OperationAborted: A conflicting conditional operation is currently in progress against this resource errors (#​33531)
• resource/aws_s3_bucket_policy: Retry resource Delete on OperationAborted: A conflicting conditional operation is currently in progress against this resource errors (#​33531)
• resource/aws_s3_bucket_versioning: Retry resource Delete on OperationAborted: A conflicting conditional operation is currently in progress against this resource errors (#​33531)
• resource/aws_sesv2_email_identity: Mark dkim_signing_attributes.domain_signing_private_key as sensitive (#​33477)

v5.17.0

Compare Source

NOTES:

• data-source/aws_s3_object: Migration to AWS SDK for Go v2 means that the edge case of specifying a single / as the value for key is no longer supported (#​33358)

FEATURES:

• New Resource: aws_shield_application_layer_automatic_response (#​33432)
• New Resource: aws_verifiedaccess_instance (#​33459)

ENHANCEMENTS:

• data-source/aws_s3_object: Add checksum_mode argument and checksum_crc32, checksum_crc32c, checksum_sha1 and checksum_sha256 attributes (#​33358)
• data-source/aws_s3control_multi_region_access_point: Add details.region.bucket_account_id attribute (#​33416)
• resource/aws_s3_object: Add checksum_algorithm argument and checksum_crc32, checksum_crc32c, checksum_sha1 and checksum_sha256 attributes (#​33358)
• resource/aws_s3_object_copy: Add checksum_algorithm argument and checksum_crc32, checksum_crc32c, checksum_sha1 and checksum_sha256 attributes (#​33358)
• resource/aws_s3control_multi_region_access_point: Add details.region.bucket_account_id argument to support cross-account Multi-Region Access Points (#​33416)
• resource/aws_s3control_multi_region_access_point: Add details.region.region attribute (#​33416)
• resource/aws_schemas_schema: Add JSONSchemaDraft4 schema type support (#​35971)
• resource/aws_transfer_connector: Add sftp_config argument and make as2_config optional (#​32741)
• resource/aws_wafv2_web_acl: Retry resource Update on WAFOptimisticLockException errors (#​33432)

BUG FIXES:

• resource/aws_dms_replication_task: Fix error when replication_task_settings is nil (#​33456)
• resource/aws_elasticache_cluster: Fix regression for redis engine types caused by the new transit_encryption_enabled argument (#​33451)
• resource/aws_neptune_cluster: Fix ignored kms_key_arn on restore from DB cluster snapshot (#​33413)
• resource/aws_servicecatalog_product: Allow import on provisioning_artifact_parameters attribute (#​33448)
• resource/aws_subnet: Fix destroy error when there is a lingering ENI for DMS (#​33375)

v5.16.2

Compare Source

FEATURES:

• New Data Source: aws_cognito_identity_pool (#​33053)
• New Resource: aws_verifiedaccess_trust_provider (#​33195)

ENHANCEMENTS:

• resource/aws_autoscaling_group: Change the default values of instance_refresh.preferences.scale_in_protected_instances and instance_refresh.preferences.standby_instances from Wait to the Amazon EC2 Auto Scaling console recommended value of Ignore (#​33382)
• resource/aws_s3control_object_lambda_access_point: Add alias attribute (#​33388)

BUG FIXES:

• resource/aws_autoscaling_group: Fix ValidationError errors when starting Auto Scaling group instance refresh (#​33382)
• resource/aws_iot_topic_rule: Fix InvalidParameter errors on Update with Kafka destinations (#​33360)
• resource/aws_lightsail_certificate: Fix validation of name (#​33405)
• resource/aws_lightsail_database: Fix validation of name (#​33405)
• resource/aws_lightsail_disk: Fix validation of name (#​33405)
• resource/aws_lightsail_instance: Fix validation of name (#​33405)
• resource/aws_lightsail_lb: Fix validation of lb_name (#​33405)
• resource/aws_lightsail_lb_attachment: Fix validation of lb_name (#​33405)
• resource/aws_lightsail_lb_certificate: Fix validation of lb_name (#​33405)
• resource/aws_lightsail_lb_certificate_attachment: Fix validation of lb_name (#​33405)
• resource/aws_lightsail_lb_https_redirection_policy: Fix validation of lb_name (#​33405)
• resource/aws_lightsail_lb_stickiness_policy: Fix validation of lb_name (#​33405)

v5.16.1

Compare Source

BUG FIXES:

• data-source/aws_efs_file_system: Fix Search returned 0 results errors when there are more than 101 file systems in the configured Region (#​33336)
• resource/aws_db_instance_automated_backups_replication: Fix unexpected state errors on resource Create (#​33369)
• resource/aws_glue_catalog_table: Fix removal of metadata_location and table_type parameters when updating Iceberg tables (#​33374)
• resource/aws_service_discovery_instance: Fix validation error "expected to match regular expression" (#​33371)

v5.16.0

Compare Source

NOTES:

• provider: Performance regression introduced in v5.14.0 should be largely mitigated (#​33317)

FEATURES:

• New Resource: aws_shield_drt_access_log_bucket_association (#​33328)
• New Resource: aws_shield_drt_access_role_arn_association (#​33328)

ENHANCEMENTS:

• data-source/aws_api_gateway_api_key: Add customer_id attribute (#​33281)
• data-source/aws_fsx_windows_file_system: Add disk_iops_configuration attribute (#​33303)
• data-source/aws_opensearch_domain: Add software_update_options attribute (#​32234)
• data-source/aws_s3_objects: Add request_payer argument and request_charged attribute (#​33304)
• data-source/aws_s3_objects: Add plan-time validation of encoding_type (#​33304)
• resource/aws_api_gateway_account: Add api_key_version and features attributes (#​33279)
• resource/aws_api_gateway_api_key: Add customer_id argument (#​33281)
• resource/aws_api_gateway_api_key: Allow updating name (#​33281)
• resource/aws_autoscaling_group: Add scale_in_protected_instances and standby_instances attributes to instance_refresh.preferences configuration block (#​33310)
• resource/aws_dms_endpoint: Add redshift-serverless as valid value for engine_name (#​33316)
• resource/aws_elasticache_cluster: Add transit_encryption_enabled argument, enabling in-transit encryption for Memcached clusters inside a VPC (#​26987)
• resource/aws_fsx_windows_file_system: Add disk_iops_configuration configuration block (#​33303)
• resource/aws_glue_catalog_table: Add open_table_format_input configuration block to support open table formats such as Apache Iceberg (#​33274)
• resource/aws_medialive_channel: Implement expand/flatten functions for automatic_input_failover_settings in input_attachments (#​33129)
• resource/aws_opensearch_domain: Add software_update_options attribute (#​32234)
• resource/aws_ssm_association: Add sync_compliance attribute (#​23515)

BUG FIXES:

• data-source/aws_identitystore_group: Restore filter argument to prevent UnknownOperationException errors in certain Regions (#​33311)
• data-source/aws_identitystore_user: Restore filter argument to prevent UnknownOperationException errors in certain Regions (#​33311)
• data-source/aws_s3_objects: Respect configured max_keys value if it's greater than 1000 (#​33304)
• resource/aws_api_gateway_account: Allow setting cloudwatch_role_arn to an empty value and set it correctly on Read, allowing its value to be determined on import (#​33279)
• resource/aws_fsx_ontap_file_system: Increase maximum value of disk_iops_configuration.iops to 160000 (#​33263)
• resource/aws_servicecatalog_principal_portfolio_association: Fix ResourceNotFoundException errors on resource Delete when configured principal_type is IAM_PATTERN (#​32243)

v5.15.0

Compare Source

ENHANCEMENTS:

• data-source/aws_efs_file_system: Add name attribute (#​33243)
• data-source/aws_lakeformation_data_lake_settings: Add read_only_admins attribute (#​33189)
• data-source/aws_opensearch_domain: Add cluster_config.multi_az_with_standby_enabled attribute (#​33031)
• resource/aws_cloudformation_stack_set: Support resource import with call_as = "DELEGATED_ADMIN" via StackSetName,CallAs syntax for import block or terraform import command (#​19092)
• resource/aws_cloudformation_stack_set_instance: Support resource import with call_as = "DELEGATED_ADMIN" via StackSetName,AccountID,Region,CallAs syntax for import block or terraform import command (#​19092)
• resource/aws_datasync_location_fsx_openzfs_file_system: Fix setting protocol: Invalid address to set errors (#​33225)
• resource/aws_efs_file_system: Add name attribute (#​33243)
• resource/aws_fsx_openzfs_file_system: Add endpoint_ip_address_range, preferred_subnet_id and route_table_ids arguments to support the Multi-AZ deployment type (#​33245)
• resource/aws_lakeformation_data_lake_settings: Add read_only_admins argument (#​33189)
• resource/aws_opensearch_domain: Add cluster_config.multi_az_with_standby_enabled argument (#​33031)
• resource/aws_wafv2_rule_group: Add name_prefix argument (#​33206)
• resource/aws_wafv2_web_acl: Add statement.managed_rule_group_statement.managed_rule_group_configs.aws_managed_rules_atp_rule_set.enable_regex_in_path argument (#​33217)

BUG FIXES:

• provider: Correctly use old and new tag values when updating tags that are computed (#​33226)
• resource/aws_appflow_connector_profile: Fix validation on oauth2 in custom_connector_profile (#​33192)
• resource/aws_cloudformation_stack_set: Fix Can only set RetainStacksOnAccountRemoval if AutoDeployment is enabled errors (#​19092)
• resource/aws_cloudwatch_event_bus_policy: Fix error during plan when the associated aws_cloudwatch_event_bus resource is manually deleted (#​33203)
• resource/aws_codeartifact_domain: Change the type of asset_size_bytes to TypeString instead of TypeInt to prevent value out of range panic (#​33220)
• resource/aws_efs_file_system_policy: Retry IAM eventual consistency errors (#​21734)
• resource/aws_fsx_openzfs_file_system: Wait for administrative action completion when updating root volume (#​33245)
• resource/aws_iot_thing_type: Fix error during plan when resource is manually deleted (#​33203)
• resource/aws_kms_key: Fix tag propagation: timeout while waiting for state to become 'TRUE' errors when any tag value is empty ("") (#​33226)
• resource/aws_wafv2_web_acl: Prevent deletion of the AWS-managed ShieldMitigationRuleGroup rule on resource Update (#​33216)

v5.14.0

Compare Source

NOTES:

• data-source/aws_iam_policy_document: In some cases, statement.*.condition blocks with the same test and variable arguments were incorrectly handled by the provider. Since this results in unexpected IAM Policies being submitted to AWS, we have updated the logic to merge values lists in this case. This may cause existing IAM Policy documents to report a difference. However, those policies are likely not what was originally intended. (#​33093)

FEATURES:

• New Resource: aws_datasync_location_azure_blob (#​32632)
• New Resource: aws_datasync_location_fsx_ontap_file_system (#​32632)

ENHANCEMENTS:

• data-source/aws_dms_endpoint: Fix crash when specified endpoint not found (#​33158)
• data-source/aws_dms_replication_instance: Add network_type attribute (#​33158)
• data-source/aws_ec2_network_insights_path: Add destination_arn and source_arn attributes (#​33168)
• resource/aws_dms_replication_instance: Add network_type argument (#​33158)
• resource/aws_ec2_network_insights_path: Add destination_arn and source_arn attributes (#​33168)
• resource/aws_finspace_kx_environment: Add transit_gateway_configuration.*.attachment_network_acl_configuration argument. (#​33123)
• resource/aws_medialive_channel: Updates schemas for selector_settings for audio_selector and selector_settings for caption_selector (#​32714)
• resource/aws_ssoadmin_account_assignment: Add configurable timeouts (#​33121)
• resource/aws_ssoadmin_customer_managed_policy_attachment: Add configurable timeouts (#​33121)
• resource/aws_ssoadmin_managed_policy_attachment: Add configurable timeouts (#​33121)
• resource/aws_ssoadmin_permission_set: Add configurable timeouts (#​33121)
• resource/aws_ssoadmin_permission_set_inline_policy: Add configurable timeouts (#​33121)
• resource/aws_ssoadmin_permissions_boundary_attachment: Add configurable timeouts (#​33121)

BUG FIXES:

• data-source/aws_iam_policy_document: Fix inconsistent handling of condition blocks with duplicated test and variable arguments (#​33093)
• resource/aws_ec2_host: Fixed a bug that caused resource recreation when specifying an outpost_arn without an asset_id (#​33142)
• resource/aws_ec2_network_insights_analysis: Fix setting forward_path_components: Invalid address to set errors (#​33168)
• resource/aws_ec2_network_insights_path: Avoid recreating resource when passing an ARN as source or destination (#​33168)
• resource/aws_ec2_network_insights_path: Retry AnalysisExistsForNetworkInsightsPath errors on resource Delete (#​33168)
• resource/aws_kms_key: Fix tag propagation: timeout while waiting for state to become 'TRUE' errors when ignore_tags has been configured (#​33167)
• resource/aws_licensemanager_license_configuration: Surface InvalidParameterValueException errors during resource Delete (#​32845)
• resource/aws_msk_cluster_policy: Fix Current cluster policy version needed for Update errors (#​33118)
• resource/aws_quicksight_analysis: Change definition.*.parameter_declarations to a set type, preventing persistent differences (#​33120)
• resource/aws_quicksight_analysis: Fixed a bug that caused errors related to the word_orientation argument when using word cloud visuals. (#​33122)
• resource/aws_quicksight_analysis: Skip setting definition.*.parameter_declarations.*.*_parameter_declaration.static_values when empty, preventing persistent differences. (#​33161)
• resource/aws_quicksight_dashboard: Change definition.*.parameter_declarations to a set type, preventing persistent differences (#​33120)
• resource/aws_quicksight_dashboard: Fixed a bug that caused errors related to the word_orientation argument when using word cloud visuals. (#​33122)
• resource/aws_quicksight_dashboard: Skip setting definition.*.parameter_declarations.*.*_parameter_declaration.static_values when empty, preventing persistent differences. (#​33161)
• resource/aws_quicksight_template: Change definition.*.parameter_declarations to a set type, preventing persistent differences (#​33120)
• resource/aws_quicksight_template: Fixed a bug that caused errors related to the word_orientation argument when using word cloud visuals. (#​33122)
• resource/aws_quicksight_template: Skip setting definition.*.parameter_declarations.*.*_parameter_declaration.static_values when empty, preventing persistent differences. (#​33161)
• resource/aws_route53_zone: Skip disabling DNS SEC in unsupported partitions (#​33103)
• resource/aws_s3_object: Mark acl as Computed. This suppresses the diffs shown when migrating resources with no configured acl attribute value from v4.67.0 (or earlier) (#​33138)
• resource/aws_s3_object_copy: Mark acl as Computed. This suppresses the diffs shown when migrating resources with no configured acl attribute value from v4.67.0 (or earlier) (#​33138)
• resource/aws_securityhub_account: Remove default value (SECURITY_CONTROL) for control_finding_generator argument and mark as Computed (#​33095)

v5.13.1

Compare Source

BUG FIXES:

• resource/aws_lambda_layer_version: Change source_code_hash back to ForceNew. This fixes doesn't support update errors (#​33097)
• resource/aws_organizations_organization: Fix current Organization ID (o-xxxxxxxxxx) does not match errors on resource Read (#​33091)

v5.13.0

Compare Source

FEATURES:

• New Resource: aws_msk_cluster_policy (#​32848)
• New Resource: aws_opensearch_vpc_endpoint (#​32435)
• New Resource: aws_ram_sharing_with_organization (#​25433)

ENHANCEMENTS:

• data-source/aws_imagebuilder_image_pipeline: Add image_scanning_configuration attribute (#​33005)
• data-source/aws_ram_resource_share: Add resource_arns attribute (#​22591)
• provider: Adds the s3_us_east_1_regional_endpoint attribute to support using the regional S3 API endpoint in us-east-1. (#​33024)
• resource/aws_appstream_fleet: Retry ConcurrentModificationException errors during creation (#​32958)
• resource/aws_dms_endpoint: Add babelfish as an engine_name option (#​32975)
• resource/aws_imagebuilder_image_pipeline: Add image_scanning_configuration configuration block (#​33005)
• resource/aws_lb: Changes to security_groups for Network Load Balancers force a new resource if either the old or new set of security group IDs is empty (#​32987)
• resource/aws_rds_global_cluster: Add plan-time validation of global_cluster_identifier (#​30996)

BUG FIXES:

• data-source/aws_ecr_repository: Correctly set most_recent_image_tags when only a single image is found (#​31757)
• resource/aws_budgets_budget_action: No longer times out when creating a non-triggered action (#​33015)
• resource/aws_cloudformation_stack: Marks outputs as Computed when there are potential changes. (#​33059)
• resource/aws_cloudwatch_event_rule: Fix ARN-based partner event bus rule ID parsing error (#​30293)
• resource/aws_ecr_registry_scanning_configuration: Correctly delete rules on resource Update (#​31449)
• resource/aws_lambda_layer_version: Fix bug causing new version to be created on every apply when source_code_hash is used but not changed (#​32535)
• resource/aws_lb_listener_certificate: Remove from state when listener not found (#​32412)
• resource/aws_organizations_organization: Ensure that the Organization ID specified in terraform import is the current Organization (#​31796)
• resource/aws_quicksight_analysis: Adjust max length of definition.*.calculated_fields.*.expression to 32000 characters (#​33012)
• resource/aws_quicksight_analysis: Convert definition.*.calculated_fields to a set type, preventing persistent differences (#​33040)
• resource/aws_quicksight_analysis: Convert permissions argument to TypeSet, preventing persistent differences (#​33023)
• resource/aws_quicksight_analysis: Enable font_configuration to be set for table header styles (#​33018)
• resource/aws_quicksight_analysis: Enable font_configuration to be set for table header styles (#​33018)
• resource/aws_quicksight_analysis: Enable font_configuration to be set for table header styles (#​33018)
• resource/aws_quicksight_analysis: Raise limit for maximum allowed visuals blocks per sheet to 50 (#​32856)
• resource/aws_quicksight_dashboard: Adjust max length of definition.*.calculated_fields.*.expression to 32000 characters (#​33012)
• resource/aws_quicksight_dashboard: Convert definition.*.calculated_fields to a set type, preventing persistent differences (#​33040)
• resource/aws_quicksight_dashboard: Convert permissions argument to TypeSet, preventing persistent differences (#​33023)
• resource/aws_quicksight_data_set: Change permission attribute type from TypeList to TypeSet (#​32984)
• resource/aws_quicksight_template: Adjust max items of definition.*.calculated_fields to 500 (#​33012)
• resource/aws_quicksight_template: Adjust max length of definition.*.calculated_fields.*.expression to 32000 characters (#​33012)
• resource/aws_quicksight_template: Convert definition.*.calculated_fields to a set type, preventing persistent differences (#​33040)
• resource/aws_quicksight_template: Convert permissions argument to TypeSet, preventing persistent differences (#​33023)
• resource/aws_s3_bucket_logging: Fix perpetual drift when expected_bucket_owner is configured (#​32989)
• resource/aws_sagemaker_domain: Fix validation on s3_kms_key_id in sharing_settings and kms_key_id (#​32661)
• resource/aws_subnet: Fix allowing IPv6 to be enabled in an update after initial creation with IPv4 only (#​32896)
• resource/aws_wafv2_web_acl: Adds rule_group_reference_statement.rule_action_override.action_to_use.challenge argument (#​31127)

v5.12.0

Compare Source

NOTES:

• data-source/aws_codecatalyst_dev_environment: Because we cannot easily test this functionality, it is best effort and we ask for community help in testing (#​32886)
• resource/aws_codecatalyst_dev_environment: Because we cannot easily test this functionality, it is best effort and we ask for community help in testing (#​32366)
• resource/aws_codecatalyst_project: Because we cannot easily test this functionality, it is best effort and we ask for community help in testing (#​32883)
• resource/aws_codecatalyst_source_repository: Because we cannot easily test this functionality, it is best effort and we ask for community help in testing (#​32899)

FEATURES:

• New Data Source: aws_codecatalyst_dev_environment (#​32886)
• New Data Source: aws_ec2_transit_gateway_route_table_routes (#​30771)
• New Data Source: aws_msk_vpc_connection (#​31062)
• New Resource: aws_cloudfront_continuous_deployment_policy (#​32936)
• New Resource: aws_codecatalyst_dev_environment (#​32366)
• New Resource: aws_codecatalyst_project (#​32883)
• New Resource: aws_codecatalyst_source_repository (#​32899)
• New Resource: aws_msk_vpc_connection (#​31062)

ENHANCEMENTS:

• data-source/aws_instance: Add metadata_options.http_protocol_ipv6 attribute (#​32759)
• data-source/aws_rds_cluster: Add db_system_id attribute (#​32846)
• provider: Support il-central-1 as a valid AWS Region (#​32878)
• resource/aws_autoscaling_group: Add ignore_failed_scaling_activities argument (#​32914)
• resource/aws_cloudfront_distribution: Add continuous_deployment_policy_id and staging arguments to support continuous deployments (#​32936)
• resource/aws_cloudwatch_composite_alarm: Add actions_suppressor configuration block (#​32751)
• resource/aws_cloudwatch_events_target: Add sagemaker_pipeline_target argument (#​32882)
• resource/aws_fms_admin_account: Add configurable timeouts (#​32860)
• resource/aws_glue_crawler: Add hudi_target argument (#​32898)
• resource/aws_instance: Add http_protocol_ipv6 attribute to metadata_options configuration block (#​32759)
• resource/aws_lambda_event_source_mapping: Increased the maximum number of filters to 10 (#​32890)
• resource/aws_msk_broker: Add bootstrap_brokers_vpc_connectivity_sasl_iam, bootstrap_brokers_vpc_connectivity_sasl_scram and bootstrap_brokers_vpc_connectivity_tls attributes (#​31062)
• resource/aws_msk_broker: Add vpc_connectivity attribute to the broker_node_group_info.connectivity_info configuration block (#​31062)
• resource/aws_rds_cluster: Add db_system_id argument to support RDS Custom engine types (#​32846)
• resource/aws_rds_cluster_instance: Add custom_iam_instance_profile argument to allow RDS Custom users to specify an IAM Instance Profile for the RDS Cluster Instance (#​32846)
• resource/aws_rds_cluster_instance: Update engine plan-time validation to allow for RDS Custom engine types (#​32846)

BUG FIXES:

• data-source/aws_vpclattice_service: Avoid listing tags when the service has been shared to the current account via AWS Resource Access Manager (RAM) (#​32939)
• data-source/aws_vpclattice_service_network: Avoid listing tags when the service network has been shared to the current account via AWS Resource Access Manager (RAM) (#​32939)
• resource/aws_appstream_fleet: Increased upper limit of max_user_duration_in_seconds to 432000 (#​32933)
• resource/aws_cloudfront_distribution: Don't call UpdateDistribution API if only tags are updated (#​32865)
• resource/aws_db_instance: Fix crash creating resource with empty restore_to_point_in_time configuration block (#​32928)
• resource/aws_emr_cluster: Fix to allow empty args for bootstrap_action (#​32956)
• resource/aws_emr_instance_fleet: Fix fleet deletion failing for terminated clusters (#​32866)
• resource/aws_fms_policy: Prevent erroneous diffs on security_service_policy_data.managed_service_data (#​32860)
• resource/aws_instance: Fix InvalidParameterCombination: Network interfaces and an instance-level security groups may not be specified on the same request errors creating Instances with subnet_id configured and launch_template referencing an aws_launch_template with configured vpc_security_group_ids (#​32854)
• resource/aws_lb: Fix to avoid creating a load balancer with same name as an existing load balancer (#​32941)

v5.11.0

Compare Source

FEATURES:

• New Resource: aws_sagemaker_pipeline (#​32527)

ENHANCEMENTS:

• data-source/aws_cloudtrail_service_account: Add service account ID for il-central-1 AWS Region (#​32840)
• data-source/aws_db_cluster_snapshot: Add tags argument (#​31602)
• data-source/aws_db_instance: Add ability to filter by tags (#​32740)
• data-source/aws_db_instances: Add ability to filter by tags (#​32740)
• data-source/aws_db_snapshot: Add tags argument (#​31600)
• data-source/aws_elb_hosted_zone_id: Add hosted zone ID for il-central-1 AWS Region (#​32840)
• data-source/aws_lb_hosted_zone_id: Add hosted zone IDs for il-central-1 AWS Region (#​32840)
• data-source/aws_s3_bucket: Add hosted zone ID for il-central-1 AWS Region (#​32840)
• data-source/aws_vpclattice_service: Add ability to find by name (#​32177)
• resource/aws_finspace_kx_cluster: Adjusted savedown_storage_configuration.size minimum value to 10 GB. (#​32800)
• resource/aws_lambda_function: Add support for python3.11 runtime value (#​32729)
• resource/aws_lambda_layer_version: Add support for python3.11 compatible_runtimes value (#​32729)
• resource/aws_networkfirewall_rule_group: Add support for REJECT action in stateful rule actions (#​32746)
• resource/aws_route_table: Allow an existing local route to be adopted or imported and the target to be updated (#​32794)
• resource/aws_sagemaker_endpoint: Add deployment_config.rolling_update_policy argument (#​32418)
• resource/aws_sagemaker_endpoint: Make deployment_config.blue_green_update_policy optional (#​32418)

BUG FIXES:

• data-source/aws_ecs_task_execution: Fixed bug that incorrectly mapped the value of container_overrides.memory to container_overrides.memory_reservation (#​32793)
• resource/aws_db_instance_automated_backups_replication: Fix unexpected state 'Pending' errors on resource Create (#​31600)
• resource/aws_ec2_transit_gateway_vpc_attachment: Change transit_gateway_default_route_table_association and transit_gateway_default_route_table_propagation to Computed (#​32821)
• resource/aws_emr_studio_session_mapping: Fix InvalidRequestException: IdentityId is invalid errors reading resources created with identity_name (#​32416)
• resource/aws_quicksight_analysis: Fix an error related to setting the value for definition.sheets.visuals.insight_visual.insight_configuration.computation (#​32791)
• resource/aws_quicksight_analysis: Fixed a bug that incorrectly determined the valid select_all_options values for custom_filter_configuration, custom_filter_list_configuration, filter_list_configuration, numeric_equality_filter, and numeric_range_filter (#​32822)
• resource/aws_quicksight_dashboard: Fix an error related to setting the value for definition.sheets.visuals.insight_visual.insight_configuration.computation (#​32791)
• resource/aws_quicksight_template: Fix an error related to setting the value for definition.sheets.visuals.insight_visual.insight_configuration.computation (#​32791)
• resource/aws_quicksight_template: Fixed a bug that incorrectly determined the valid select_all_options values for custom_filter_configuration, custom_filter_list_configuration, filter_list_configuration, numeric_equality_filter, and numeric_range_filter (#​32822)
• resource/aws_sfn_state_machine: Fix Provider produced inconsistent final plan errors for publish (#​32844)

v5.10.0

Compare Source

FEATURES:

• New Resource: aws_iam_security_token_service_preferences (#​32091)

ENHANCEMENTS:

• data-source/aws_nat_gateway: Add secondary_allocation_ids, secondary_private_ip_addresses and secondary_private_ip_address_count attributes (#​31778)
• data-source/aws_transfer_server: Add structured_log_destinations attribute (#​32654)
• resource/aws_batch_compute_environment: compute_resources.allocation_strategy, compute_resources.bid_percentage, compute_resources.ec2_configuration.image_id_override, compute_resources.ec2_configuration.image_type, compute_resources.ec2_key_pair, compute_resources.image_id, compute_resources.instance_role, compute_resources.launch_template.launch_template_id
  , compute_resources.launch_template.launch_template_name, compute_resources.tags and compute_resources.type can now be updated in-place (#​30438)
• resource/aws_glue_job: Add command.runtime attribute (#​32528)
• resource/aws_grafana_workspace: Allow grafana_version to be updated in-place (#​32679)
• resource/aws_kms_grant: Allow usage of service principal as grantee and revoker (#​32595)
• resource/aws_medialive_channel: Adds schemas for caption_descriptions, global_configuration, motion_graphics_configuration, and nielsen_configuration support to encoder settings (#​32233)
• resource/aws_nat_gateway: Add secondary_allocation_ids, secondary_private_ip_addresses and secondary_private_ip_address_count arguments (#​31778)
• resource/aws_nat_gateway: Add configurable timeouts (#​31778)
• resource/aws_networkfirewall_firewall_policy: Add firewall_policy.policy_variables configuration block to support Suricata HOME_NET variable override (#​32400)
• resource/aws_sagemaker_domain: Add default_user_settings.canvas_app_settings.workspace_settings attribute (#​32526)
• resource/aws_sagemaker_user_profile: Add user_settings.canvas_app_settings.workspace_settings attribute (#​32526)
• resource/aws_transfer_server: Add structured_log_destinations argument (#​32654)

BUG FIXES:

• resource/aws_account_primary_contact: Correct plan-time validation of phone_number (#​32715)
• resource/aws_apigatewayv2_authorizer: Skip setting authorizer TTL when there are no identity sources (#​32629)
• resource/aws_elasticache_parameter_group: Remove from state on resource Read if deleted outside of Terraform (#​32669)
• resource/aws_elasticsearch_domain: Omit ebs_options.throughput and ebs_options.iops for unsupported volume types (#​32659)
• resource/aws_finspace_kx_cluster: database.cache_configurations.db_paths argument is now optional (#​32579)
• resource/aws_finspace_kx_cluster: database.cache_configurations argument is now optional (#​32579)
• resource/aws_lambda_invocation: Fix plan failing with deferred input values (#​32706)
• resource/aws_lightsail_domain_entry: Add support for AAAA type value (#​32664)
• resource/aws_opensearch_domain: Correctly handle off_peak_window_options.off_peak_window.window_start_time value of 00:00 (#​32716)
• resource/aws_quicksight_analysis: Fix exception thrown when setting the value for definition.sheets.visuals.pie_chart_visual.chart_configuration.data_labels.measure_label_visibility (#​32668)
• resource/aws_quicksight_analysis: Grid layout optimized_view_port_width argument changed to Optional (#​32644)
• resource/aws_quicksight_dashboard: Fix exception thrown when setting the value for definition.sheets.visuals.pie_chart_visual.chart_configuration.data_labels.measure_label_visibility (#​32668)
• resource/aws_quicksight_dashboard: Grid layout optimized_view_port_width argument changed to Optional (#​32644)
• resource/aws_quicksight_template: Fix exception thrown when setting the value for definition.sheets.visuals.pie_chart_visual.chart_configuration.data_labels.measure_label_visibility (#​32668)
• resource/aws_quicksight_template: Grid layout optimized_view_port_width argument changed to Optional (#​32644)
• resource/aws_vpclattice_access_log_subscription: Avoid recreating resource when passing a non-wildcard CloudWatch Logs log group ARN as destination_arn (#​32186)
• resource/aws_vpclattice_access_log_subscription: Avoid recreating resource when passing an ARN as resource_identifier (#​32186)
• resource/aws_vpclattice_service_network_service_association: Avoid recreating

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR has been generated by Mend Renovate. View repository job log here.

[sonarqubecloud]

Kudos, SonarCloud Quality Gate passed!   

0 Bugs
0 Vulnerabilities
0 Security Hotspots
0 Code Smells

No Coverage information
0.0% Duplication