Update Terraform google to v3.90.1

[renovate]

Coming soon: The Renovate bot (GitHub App) will be renamed to Mend. PRs from Renovate will soon appear from 'Mend'. Learn more here.

This PR contains the following updates:

Package	Type	Update	Change
google (source)	provider	minor	3.58.0 -> 3.90.1

---

Warning

Some dependencies could not be looked up. Check the warning logs for more information.

---

Release Notes

hashicorp/terraform-provider-google (google)

v3.90.1

Compare Source

DEPRECATIONS:

• container: fixed an overly-broad deprecation on master_auth, constraining it to master_auth.username and master_auth.password

v3.90.0

Compare Source

DEPRECATIONS:

• container: deprecated workload_identity_config.0.identity_namespace and it will be removed in a future major release as it has been deprecated in the API. Use workload_identity_config.0.workload_pool instead. Switching your configuration from one value to the other will trigger a diff at plan time, and a spurious update. (#​10327)
• container: deprecated the following google_container_cluster fields: instance_group_urls and master_auth (#​10356)

IMPROVEMENTS:

• container: added node_config.0.guest_accelerator.0.gpu_partition_size field to google_container_node_pool (#​10339)
• container: added workload_identity_config.0.workload_pool to google_container_cluster (#​10327)
• container_cluster: Updated monitoring_config to accept WORKLOAD (#​10321)
• provider: Added links to nested types documentation for manually generated pages (#​10333)

BUG FIXES:

• cloudrun: fixed a permadiff on the field template.spec.containers.ports.name of the google_cloud_run_service resource (#​10340)
• composer: removed config.node_config.zone requirement on google_composer_environment (#​10353)
• compute: fixed permadiff for failover_policy on google_compute_region_backend_service (#​10316)
• compute: fixed to make description updatable without recreation on google_compute_instance_group_manager (#​10329)
• container: fixed a permadiff on google_container_node_pool.workload_metadata_config.mode (#​10313)
• iam: fixed request batching bug where failed requests would show unnecessary backslash escaping to the user. (#​10303)
• securitycenter: fixed bug where google_scc_notification_config.streaming_config.filter was not updating. (#​10315)

v3.89.0

Compare Source

DEPRECATIONS:

• compute: deprecated the enable_display field in google_compute_instance_template in the google (GA) provider. It will only be available in the google-beta provider in a future release, as the underlying feature is in beta. (#​10281)

BUG FIXES:

• compute: fixed bug where google_compute_router_peer could not set an advertised route priority of 0, causing permadiff. (#​10292)
• container: fixed a crash on monitoring_config of google_container_cluster (#​10290)
• iam: fixed request batching bug where failed requests would show unnecessary backslash escaping to the user. (#​10303)
• storage: fixed a bug to better handle eventual consistency among google_storage_bucket resources. (#​10287)

v3.88.0

Compare Source

NOTES:

• reorganized documentation to group all Compute Engine and Monitoring (Stackdriver) resources together. (#​10205)

DEPRECATIONS:

• container: deprecated workload_metadata_configuration.node_metadata in favor of workload_metadata_configuration.mode in google_container_cluster (#​10238)
• dataproc: deprecated the google_dataproc_workflow_template.version field, as it wasn't actually useful. The field is used during updates, but updates aren't currently possible with the resource. (#​10183)
• runtimeconfig: deprecated the Runtime Configurator service in the google (GA) provider including google_runtimeconfig_config, google_runtimeconfig_variable, google_runtimeconfig_config_iam_policy, google_runtimeconfig_config_iam_binding, google_runtimeconfig_config_iam_member, data.google_runtimeconfig_config. They will only be available in the google-beta provider in a future release, as the underlying service is in beta. (#​10232)
  BREAKING CHANGES:
• gke_hub: made the config_membership field in google_gke_hub_feature required, disallowing invalid configurations (#​10199)
• gke_hub: made the configmanagement, feature, location, membership fields in google_gke_hub_feature_membership required, disallowing invalid configurations (#​10199)

FEATURES:

• New Data Source: google_service_networking_peered_dns_domain (#​10229)
• New Data Source: google_sourcerepo_repository (#​10203)
• New Data Source: google_storage_bucket (#​10190)
• New Resource: google_pubsub_lite_reservation (#​10263)
• New Resource: google_service_networking_peered_dns_domain (#​10229)

IMPROVEMENTS:

• composer: added support for composer v2 fields workloads_config and cloud_composer_network_ipv4_cidr_block to composer_environment (10269)
• compute: added external IPv6 support on google_compute_subnetwork and google_compute_instance.network_interfaces (#​10189)
• container: added support for workload_metadata_configuration.mode in google_container_cluster (#​10238)
• eventarc: added support for uid output field, cloud_function destination to google_eventarc_trigger (#​10199)
• gke_hub: added support for gcp_service_account_email when configuring Git sync in google_gke_hub_feature_membership (#​10199)
• gke_hub: added support for resource_state, state outputs to google_gke_hub_feature (#​10199)
• pubsub: Added support for references to google_pubsub_lite_reservation to google_pubsub_lite_topic. (#​10263)

BUG FIXES:

• monitoring: fixed typo in google_monitoring_uptime_check_config where NOT_MATCHES_REGEX could not be specified. (#​10249)

v3.87.0

Compare Source

3.87.0 (October 04, 2021)

DEPRECATIONS:

• dataproc: deprecated the google_dataproc_workflow_template.version field, as it wasn't actually useful. The field is used during updates, but updates aren't currently possible with the resource. (#​10183)

FEATURES:

• New Resource: google_org_policy_policy (#​10111)

IMPROVEMENTS:

• cloudbuild: added field service_account to google_cloudbuild_trigger (#​10159)
• composer: added field scheduler_count to google_composer_environment (#​10158)
• compute: Disabled recreation of GCE instances when updating resource_policies property (#​10173)
• container: added support for logging_config and monitoring_config to google_container_cluster (#​10125)
• kms: added support for import_only to google_kms_crypto_key (#​10157)
• networkservices: boosted the default timeout for google_network_services_edge_cache_origin from 30m to 60m (#​10182)

BUG FIXES:

• container: fixed an issue where a node pool created with error (eg. GKE_STOCKOUT) would not be captured in state (#​10137)
• filestore: Allowed updating reserved_ip_range on google_filestore_instance via recreation of the instance (#​10146)
• serviceusage: enabled the service api to retry on failed operation calls in anticipation of transient errors that occur when first enabling the service. (#​10171)

v3.86.0

Compare Source

IMPROVEMENTS:

• healthcare: promoted google_healthcare_hl7_v2_store.parseConfig.version to GA (#​10099)

BUG FIXES:

• dns: fixed an issue in google_dns_record_set where rrdatas could not be updated (#​10089)
• dns: fixed an issue in google_dns_record_set where creating the resource would result in an 409 error (#​10089)
• platform: fixed a bug in wrongly writing to state when creation failed on google_organization_policy (#​10082)

v3.85.0

Compare Source

IMPROVEMENTS:

• bigtable: enabled support for user_project_override in google_bigtable_instance and google_bigtable_table (#​10060)
• compute: added iap fields to google_compute_region_backend_service (#​10038)
• compute: allowed passing an IP address to the nextHopIlb field of google_compute_route resource (#​10048)
• iam: added disabled field to google_service_account resource (#​10033)
• provider: added links to nested types documentation within a resource (#​10063)
• storage: added field path to google_storage_transfer_job (#​10047)

BUG FIXES:

• appengine: fixed bug where deployment.container.image would update to an old version even if in ignore_changes (#​10058)
• bigquery: fixed a bug where destination_encryption_config.kms_key_name stored the version rather than the key name. (#​10068)
• redis: extended the default timeouts on google_redis_instance (#​10037)
• serviceusage: fixed an issue in google_project_service where users could not reenable services that were disabled outside of Terraform. (#​10045)

v3.84.0

Compare Source

FEATURES:

• New Data Source: google_secret_manager_secret (#​9983)

IMPROVEMENTS:

• compute: added update support to google_compute_service_attachment (#​9982)

BUG FIXES:

• container: fixed a bug in failing to remove maintenance_exclusion on google_container_cluster (#​10025)
• compute: fixed an issue in google_compute_router_nat where removing log_config resulted in a perma-diff (#​9950)
• compute: fixed advanced_machine_features error messages in google_compute_instance (#​10023)
• eventarc: fixed bug where resources deleted outside of Terraform would cause errors (#​9997)
• functions: fixed an error message on google_cloudfunctions_function (#​10011)
• logging: fixed the data type for bucket_options.linear_buckets.width on google_logging_metric (#​9985)
• osconfig: fixed import on google_os_config_guest_policies (#​10019)
• storage: fixed an undetected change on days_since_noncurrent_time of google_storage_bucket (#​10024)

v3.83.0: 3.83.0

Compare Source

FEATURES:

• New Resource: google_privateca_certificate_template (#​9905)

IMPROVEMENTS:

• privateca: added certificate_template to google_privateca_certificate. (#​9915)
• compute: allowed setting ip_address field of google_compute_router_peer (#​9913)
• compute: promoted google_compute_service_attachment to ga (#​9914)
• compute: promoted role and purpose fields in google_compute_subnetwork to ga (#​9914)
• kms: added support for destroy_scheduled_duration to google_kms_crypto_key (#​9911)

BUG FIXES:

• endpoints: fixed a timezone discrepancy in config_id on google_endpoints_service (#​9912)
• cloudbuild: marked google_cloudbuild_trigger as requiring one of branch_name/tag_name/commit_sha within build.source.repo_source (#​9952)
• compute: fixed a crash on enable field of google_compute_router_peer (#​9940)
• compute: fixed a permanent diff for next_hop_instance_zone on google_compute_route when next_hop_instance was set to a self link (#​9931)
• compute: fixed an issue in google_compute_router_nat where removing log_config resulted in a perma-diff (#​9950)
• privateca: fixed a permadiff bug for publishing_options on google_privateca_ca_pool when both attributes set false (#​9926)
• spanner: fixed instance updates to processing units (#​9933)
• storage: added support for timeouts on google_storage_bucket_object (#​9937)

v3.82.0

Compare Source

FEATURES:

• New Resource: google_privateca_certificate_template (#​9905)
• New Resource: google_compute_firewall_policy (#​9887)
• New Resource: google_compute_firewall_policy_association (#​9887)
• New Resource: google_compute_firewall_policy_rule (#​9887)

IMPROVEMENTS:

• sql: added field collation to google_sql_database_instance (#​9888)

BUG FIXES:

• apigateway: fixed import functionality for all apigateway resources (#​9871)
• dns: fixed not-exists error message on data source google_dns_managed_zone (#​9898)
• healthcare: fixed bug where changes to google_healthcare_hl7_v2_store.parser_config subfields would error with "...parser_config.version field is immutable..." (#​9900)
• os_config: fixed imports for google_os_config_guest_policies (#​9872)
• pubsub: added polling to google_pubsub_schema to deal with eventually consistent deletes (#​9863)
• secretmanager: fixed an issue where replication fields would not update in google_secret_manager_secret (#​9894)
• service_usage: fixed imports on google_service_usage_consumer_quota_override (#​9876)
• sql: fixed a permadiff bug for type when BUILT_IN on google_sql_user (#​9864)
• sql: fixed bug in google_sql_user with CLOUD_IAM_USERs on POSTGRES. (#​9859)

v3.81.0

Compare Source

IMPROVEMENTS:

• compute: Added enable attribute to google_compute_router_peer (#​9776)
• compute: added support for L3_DEFAULT as ip_protocol for google_compute_forwarding_rule and UNSPECIFIED as protocol for google_compute_region_backend_service to support network load balancers that forward all protocols and ports. (#​9799)
• compute: added support for security_settings to google_compute_backend_service (#​9797)
• essentialcontacts: promoted google_essential_contacts_contact to GA (#​9822)
• gkehub: added google_gke_hub_membership support for both //container.googleapis.com/${google_container_cluster.my-cluster.id} and google_container_cluster.my-cluster.id in endpoint.0.gke_cluster.0.resource_link (#​9765)
• provider: Added provider support for request_reason (#​9794)
• provider: added support for billing_project across all resources. If user_project_override is set to true and a billing_project is set, the X-Goog-User-Project header will be sent for all resources. (#​9852)

BUG FIXES:

• assuredworkloads: fixed resource deletion so google_assured_workloads_workload can delete what it creates (#​9835)
• bigquery: fixed the permadiff bug on location of the google_bigquery_dataset (#​9810)
• composer: fixed environment version regexp to explicitly require . (dot) instead of any character after 'preview' (example: composer-2.0.0-preview.0-airflow-2.1.1) (#​9804)
• compute: changed wait_for_instances in google_compute_instance_group_manager and google_compute_region_instance_group_manager to no longer block plan / refresh, waiting on managed instance statuses during apply instead (#​9832)
• compute: fixed a bug where negative_caching_policy cannot be set always revalidate on google_compute_backend_service (#​9821)
• compute: fixed instances where compute resource calls would have their urls appended with a redundant /projects after the host (#​9834)
• firestore: removed diff for server generated field __name__ on google_firestore_index (#​9820)
• privateca: fixed the creation of subordinate google_privateca_certificate_authority with max_issuer_path_length = 0. (#​9856)
• privateca: Fixed null for ignore_active_certificates_on_deletion on the imported google_privateca_certificate_authority (#​9781)

v3.80.0

Compare Source

FEATURES:

• New Resource: google_dialogflow_cx_environment (#​9738)

IMPROVEMENTS:

• gkehub: added support for both //container.googleapis.com/${google_container_cluster.my-cluster.id} and google_container_cluster.my-cluster.id references in google_gke_hub_membership.endpoint.0.gke_cluster.0.resource_link (#​9765)
• kms: added name field to google_kms_crypto_key_version datasource (#​9762)

BUG FIXES:

• apigee: fixed update behavior on google_apigee_envgroup (#​9740)
• privateca: fixed a failure to create google_privateca_certificate_authority of type SUBORDINATE due to an invalid attempt to activate it on creation. (#​9761)

v3.79.0

Compare Source

NOTES:

• spanner: The num_nodes field on google_spanner_instance will have its default removed in a future major release, and either num_nodes or processing_units will be required. (#​9716)

FEATURES:

• New Resource: google_dialogflow_cx_entity_type (#​9717)
• New Resource: google_dialogflow_cx_page (#​9683)

IMPROVEMENTS:

• spanner: added processing_units to google_spanner_instance (#​9716)
• storage: added support for customer_encryption on resource_storage_bucket_object (#​9704)

v3.78.0

Compare Source

FEATURES:

• New Resource: google_gke_hub_membership (#​9616)

IMPROVEMENTS:

• servicenetworking: added support for user_project_override and billing_project to google_service_networking_connection (#​9668)

BUG FIXES:

• storagetransfer: Fixed a crash on azure_blob_storage_data_source for google_storage_transfer_job (#​9644)
• sql: fixed bug that wouldn't insert the google_sql_user in state for iam users. (#​9625)
• storage: fixed a crash when azure_credentials was defined in google_storage_transfer_job (#​9671)

v3.77.0: 3.77.0

Compare Source

3.77.0 (July 26, 2021)

FEATURES:

• New Resource: google_scc_notification_config (#​9578)

IMPROVEMENTS:

• compute: fixed a permadiff bug in log_config field of google_compute_region_backend_service (#​9568)
• dlp: added crypto_replace_ffx_fpe_config and crypto_replace_ffx_fpe_config as primitive transformation types to google_data_loss_prevention_deidentify_template (#​9572)

BUG FIXES:

• bigquerydatatransfer: fixed a bug where destination_dataset_id was required, it is now optional. (#​9605)
• billing: Fixed ordering of budget_filter. projects on google_billing_budget (#​9598)
• compute: removed default value of 0.8 from google_backend_service.backend.max_utilization and it will now default from API. All max_connections_xxx and max_rate_xxx will also default from API as these are all conditional on balancing mode. (#​9587)
• sql: fixed bug where the provider would retry on an error if the database instance name couldn't be reused. (#​9591)

v3.76.0

Compare Source

FEATURES:

• New Resource: google_dialogflow_cx_flow (#​9551)
• New Resource: google_dialogflow_cx_intent (#​9537)
• New Resource: google_dialogflow_cx_version (#​9554)
• New Resource: google_network_services_edge_cache_keyset (#​9540)
• New Resource: google_network_services_edge_cache_origin (#​9540)
• New Resource: google_network_services_edge_cache_service (#​9540)

IMPROVEMENTS:

• apigee: Added SLASH_22 support for peering_cidr_range on google_apigee_instance (#​9558)
• cloudbuild: Added pubsub_config and webhook_config parameter to google_cloudbuild_trigger. (#​9541)

BUG FIXES:

• pubsub: fixed pubsublite update issues (#​9544)

v3.75.0

Compare Source

FEATURES:

• New Resource: google_privateca_ca_pool (#​9480)
• New Resource: google_privateca_certificate (#​9480)
• New Resource: google_privateca_certificate_authority (#​9480)

IMPROVEMENTS:

• bigquery: added kms_key_version as an output on bigquery_table.encryption_configuration and the destination_encryption_configuration blocks of bigquery_job.query, bigquery_job.load, and bigquery_copy. (#​9500)
• compute: added advanced_machine_features to google_compute_instance (#​9470)
• compute: promoted all cdn_policy sub fields in google_compute_backend_service, google_compute_region_backend_service and google_compute_backend_bucket to GA (#​9432)
• dlp: Added replace_with_info_type_config to dlp_deidentify_template. (#​9446)
• storage: added temporary_hold and event_based_hold attributes to google_storage_bucket_object (#​9487)

BUG FIXES:

• bigquery: Fixed permadiff due to lowercase mode/type in google_bigquery_table.schema (#​9499)
• billing: made all_updates_rule.* fields updatable on google_billing_budget (#​9473)
• billing: made amount.specified_amount.units updatable on google_billing_budget (#​9465)
• compute: fixed perma-diff in google_compute_instance (#​9460)
• storage: fixed handling of object paths that contain slashes for google_storage_object_access_control (#​9502)

v3.74.0

Compare Source

FEATURES:

• New Resource: google_app_engine_service_network_settings (#​9414)
• New Resource: google_vertex_ai_dataset (#​9411)
• New Resource: google_cloudbuild_worker_pool (#​9417)

IMPROVEMENTS:

• bigtable: added cluster.kms_key_name field to google_bigtable_instance (#​9393)
• compute: promoted all cdn_policy sub fields in google_compute_backend_service, google_compute_region_backend_service and google_compute_backend_bucket to GA (#​9432)
• secretmanager: added ttl, expire_time, topics and rotation fields to google_secret_manager_secret (#​9398)

BUG FIXES:

• container: allowed setting node_config.service_account at the same time as enable_autopilot = true for google_container_cluster (#​9399)
• container: fixed issue where creating a node pool with a name that already exists would import that resource. google_container_node_pool (#​9424)
• dataproc: fixed crash when creating google_dataproc_workflow_template with secondary_worker_config empty except for num_instances = 0 (#​9381)
• filestore: fixed an issue in google_filestore_instance where creating two instances simultaneously resulted in an error. (#​9396)
• sql: added support for binary_logging on replica instances for googe_sql_database_instance (#​9428)

v3.73.0

Compare Source

FEATURES:

• New Resource: google_dialogflow_cx_agent (#​9338)

IMPROVEMENTS:

• provider: added support for mtls authentication (#​9382)
• compute: added advanced_machine_features fields to google_compute_instance_template (#​9363)
• compute: promoted custom_response_headers to GA for google_compute_backend_service and google_compute_backend_bucket (#​9374)
• redis: allowed redis_version to be upgraded on google_redis_instance (#​9378)
• redis: promoted fields transit_encryption_mode and server_ca_certs to GA on google_redis_instance (#​9378)

BUG FIXES:

• apigee: added SLASH_23 support for peering_cidr_range on google_apigee_instance (#​9343)
• cloudrun: fixed a bug where plan would should a diff on google_cloud_run_service if the order of the template.spec.containers.env list was re-ordered outside of terraform. (#​9340)
• container: added user_project_override support to the ContainerOperationWaiter used by google_container_cluster (#​9379)

v3.72.0: 3.72.0

Compare Source

IMPROVEMENTS:

• compute: added support for IPsec-encrypted Interconnect in the form of new fields on google_compute_router, google_compute_ha_vpn_gateway, google_compute_interconnect_attachment and google_compute_address(#​9288)
• container: Allowed specifying a cluster id field for google_container_node_pool.cluster to ensure that a node pool is recreated if the associated cluster is recreated. (#​9309)
• storagetransfer: added support for azure_blob_storage_data_source to google_storage_transfer_job (#​9311)

BUG FIXES:

• bigquery: Fixed google_bigquery_table.schema handling of policyTags (#​9302)
• bigtable: fixed bug that would error if creating multiple bigtable gc policies at the same time (#​9305)
• compute: fixed bug where encryption showed a perma-diff on resources created prior to the feature being released. (#​9303)

v3.71.0

Compare Source

FEATURES:

• New Resource: google_dialogflow_fulfillment (#​9253)

IMPROVEMENTS:

• compute: added reservation_affinity to google_compute_instance and google_compute_instance_template (#​9256)
• compute: added support for wait_for_instances_status on google_compute_instance_group_manager and google_compute_region_instance_group_manager (#​9231)
• compute: added support for output-only status field on google_compute_instance_group_manager and google_compute_region_instance_group_manager (#​9231)
• compute: promoted log_config field of google_compute_health_check and google_compute_region_health_check to GA (#​9274)
• compute: set the default value for log_config.enable on google_compute_region_health_check to avoid permanent diff on plan/apply. (#​9274)

BUG FIXES:

• composer: fixed a check that did not allow for preview versions in google_composer_environment (#​9255)
• storage: fixed error when matches_storage_class is set empty on google_storage_bucket (#​9221)
• vpcaccess: fixed permadiff when max_throughput is not set on google_vpc_access_connector (#​9282)

v3.70.0

Compare Source

IMPROVEMENTS:

• compute: added provisioned_iops to google_compute_disk (#​9193)
• compute: promoted distribution_policy_target_shape field in google_compute_region_instance_group_manager to GA. (#​9186)
• sql: added field disk_autoresize_limit to sql_database_instance (#​9203)

BUG FIXES:

• cloudrun: fixed a bug where resources would return successfully due to responses based on a previous version of the resource (#​9213)
• storage: fixed error when matches_storage_class is set empty on google_storage_bucket (#​9221)

v3.69.0

Compare Source

IMPROVEMENTS:

• compute: added "description" field to "google_compute_resource_policy" resource (#​9176)
• compute: added "instance_schedule_policy" field to "google_compute_resource_policy" resource (#​9176)
• compute: promoted field autoscaling_policy.scaling_schedules on google_compute_autoscaler and google_compute_region_autoscaler to ga (#​9165)
• compute: promoted autoscaling_policy.cpu_utilization.predictive_method on google_compute_autoscaler and google_compute_region_autoscaler to ga. (#​9156)

BUG FIXES:

• cloudidentity: fixed recreation on the initial_group_config of google_cloud_identity_group (#​9143)
• compute: added mutex in google_compute_metadata_item to reduce retries + quota errors (#​9168)
• container: fixed bug where enable_shielded_nodes could not be false on resource google_container_cluster (#​9131)

v3.68.0

Compare Source

FEATURES:

• New Resource: google_pubsub_schema (#​9116)

IMPROVEMENTS:

• compute: added initial_size in resource google_compute_node_group to account for scenarios where size may change under the hood (#​9078)
• compute: added support for setting kms_key_name on google_compute_machine_image (#​9107)
• dataflow: enabled updates for google_dataflow_flex_template_job (#​9123)

BUG FIXES:

• compute: fixed bug where, when an organization security policy association was removed outside of terraform, the next plan/apply would fail. (#​9095)
• container: added validation to check that both node_version and remove_default_node_pool cannot be set on google_container_cluster (#​9100)
• dns: suppressed spurious diffs due to case changes in DS records (#​9099)

v3.67.0

Compare Source

FEATURES:

• New Resource: google_memcache_instance (#​8982)

NOTES:

• all: changed default HTTP request timeout from 30 seconds to 120 seconds (#​8966)
  DEPRECATIONS:
• compute: deprecated distribution_policy_target_shape in google_compute_region_instance_group_manager Use the google-beta provider to continue using this field (#​8970)
• compute: deprecated min_ready_sec in google_compute_region_instance_group_manager & google_compute_instance_group_manager Use the google-beta provider to continue using this field (#​8970)
• container: deprecated pod_security_policy_config field on resource google_container_cluster. Use the google-beta provider to continue using this field (#​8970)

BREAKING CHANGES:

• bigquery: updating dataset_id or project_id in google_bigquery_dataset will now recreate the resource (#​8973)

IMPROVEMENTS:

• accesscontextmanager: added support for require_verified_chrome_os in basic access levels. (#​9071)
• billingbudget: added support for import of google_billing_budget (#​8990)
• cloud_identity: added support for initial_group_config to the google_cloud_identity_group resource (#​9035)
• cloudrun: added support to bind secrets from Secret Manager to environment variables or files to google_cloud_run_service (#​9073)
• compute: added initial_size to account for scenarios where size may change under the hood in resource google_compute_node_group (#​9078)
• healthcare: added support for stream_configs in google_healthcare_dicom_store (#​8986)
• secretmanager: added support for setting a CMEK on google_secret_manager_secret (#​9046)
• spanner: added force_destroy to google_spanner_instance to delete instances that have backups enabled. (#​9076)
• spanner: added support for setting a CMEK on google_spanner_database (#​8966)
• workflows: marked source_contents and service_account as updatable on google_workflows_workflow (#​9018)

BUG FIXES:

• bigquery: fixed dataset_id to force new resource if name is changed. (#​8973)
• cloudrun: fixed permadiff on google_cloud_run_domain_mapping.metadata.labels (#​8971)
• composer: changed google_composer_environment.master_ipv4_cidr_block to draw default from the API (#​9017)
• container: fixed container node pool not removed from the state when received 404 error on delete call for the resource google_container_node_pool (#​9034)
• dns: fixed empty rrdatas list on google_dns_record_set for AAAA records (#​9029)
• kms: fixed indirectly force replacement via skip_initial_version_creation on google_kms_crypto_key (#​8988)
• logging: fixed metric_descriptor.labels can't be updated on 'google_logging_metric' (#​9057)
• pubsub: fixed diff for minimum_backoff & maximum_backoff on google_pubsub_subscription (#​9048)
• resourcemanager: fixed broken handling of IAM conditions for google_organization_iam_member, google_organization_iam_binding, and google_organization_iam_policy (#​9047)
• serviceusage: added google_project_service.service validation to reject invalid service domains that don't contain a period (#​8987)
• storage: fixed bug where role_entity user wouldn't update if the role changed. (#​9008)

v3.66.1

Compare Source

BUG FIXES:

• compute: fixed bug where terraform would crash if updating from no service_account.scopes to more. (#​9032)

v3.66.0

Compare Source

NOTES:

• all: changed default HTTP request timeout from 30 seconds to 120 seconds (#​8966)

BREAKING CHANGES:

• datacatalog: updating parent in google_data_catalog_tag will now recreate the resource (#​8964)

FEATURES:

• New Data Source: google_compute_ha_vpn_gateway (#​8952)
• New Resource: google_dataproc_workflow_template (#​8962)

IMPROVEMENTS:

• bigquery: Added BigTable source format in BigQuery table (#​8923)
• cloudfunctions: removed bounds on the supported memory range in google_cloudfunctions_function.available_memory_mb (#​8946)
• compute: marked scheduling.0.node_affinities as updatable in google_compute_instance (#​8927)
• dataproc: added shielded_instance_config fields to google_dataproc_cluster (#​8910)
• spanner: added support for setting a CMEK on google_spanner_database (#​8966)

BUG FIXES:

• compute: fixed error when creating empty scopes on google_compute_instance (#​8953)
• container: fixed a bug that allowed specifying node_config on google_container_cluster when

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.