Update Terraform google to v7

[renovate]

Coming soon: The Renovate bot (GitHub App) will be renamed to Mend. PRs from Renovate will soon appear from 'Mend'. Learn more here.

This PR contains the following updates:

Package	Type	Update	Change
google (source)	provider	major	3.58.0 -> 7.2.0

---

Warning

Some dependencies could not be looked up. Check the warning logs for more information.

---

Release Notes

hashicorp/terraform-provider-google (google)

v7.2.0

Compare Source

FEATURES:

• New Data Source: google_artifact_registry_python_package (#​24267)
• New Data Source: google_backup_dr_data_source_references (#​24268)
• New Resource: google_discovery_engine_acl_config (#​24276)
• New Resource: google_saas_runtime_unit_kind (#​24236)

IMPROVEMENTS:

• chronicle: made the scope_info field in google_chronicle_reference_list configurable (#​24250)
• compute: added header_action to path_matcher and default_service level on google_compute_region_url_map resource (#​24253)
• container: added secret_manager_config.rotation_config field to google_container_cluster resource (#​24244)
• container: added new fields memory_manager and topology_manager to google_container_cluster.node_config.kubelet_config and google_container_node_pool.node_config.kubelet_config (#​24277)
• sql: added final_backup_description and final_backup_config fields to google_sql_database_instance resource (#​24273)
• storage: added aws_s3_compatible_data_source to google_storage_transfer_job resource (#​24241)

BUG FIXES:

• provider: fixed an issue with universe_domain where the provider tried to connect to "googleapis.com" for user email logging when universe_domain was set (#​24238)
• container: fixed a faulty diff for arrays on user_managed_keys_config that caused faulty cluster updates to be triggered in google_container_cluster (#​24256)
• osconfig: fixed a permadiff in google_osconfig_patch_deployment where patch_config.yum.minimal doesn't send false for empty values (#​24247)

v7.1.1

Compare Source

BUG FIXES:

• bigtable: fixed an error encountered when applying google_bigtable_table_iam_* resources after upgrading to 7.x and replacing instance with instance_name (#​24255)

v7.1.0

Compare Source

DEPRECATIONS:

• container: deprecated enterprise_config field in google_container_cluster resource. GKE Enterprise features are now available without an Enterprise tier. (#​24210)
• storage: removed deprecated status for field to detect_md5hash in google_storage_bucket_object resource (#​24147)

FEATURES:

• New Data Source: google_iap_web_forwarding_rule_service_iam_policy (#​24178)
• New Resource: google_iap_web_forwarding_rule_service_iam_binding (#​24178)
• New Resource: google_iap_web_forwarding_rule_service_iam_member (#​24178)
• New Resource: google_iap_web_forwarding_rule_service_iam_policy (#​24178)

IMPROVEMENTS:

• artifactregistry: added registry_uri as attribute to google_artifact_registry_repository (#​24164)
• backupdr: added 'supported_resource_types' field to google_backup_dr_backup_plan resource (#​24189)
• backupdr: added create_time field to google_backup_dr_backup data source (#​24183)
• cloudbuild: added worker_config.enable_nested_virtualization field to google_cloudbuild_worker_pool resource (#​24176)
• cloudrunv2: added support for multi_region_settings field to google_cloud_run_v2_service resource (#​24149)
• compute: add params.resource_manager_tags field to the google_compute_region_backend_service (#​24191)
• compute: added public_delegated_sub_prefixs field to resource google_compute_public_delegated_prefix (#​24202)
• compute: added update_strategy field to google_compute_network_peering resource (#​24180)
• firestore: added unique field to google_firestore_index resource (#​24163)
• netapp: added qos_type and available_throughput_mibps fields to google_netapp_storage_pool resource (#​24161)
• netapp: added throughput_mibps field to google_netapp_volume resource (#​24161)
• networkservices: allowed EXPLICIT_ROUTING_MODE for routing_mode on google_network_services_gateway resource (#​24151)
• sql: added consumer_network_status, ip_address, and status fields to psc_auto_connections field on google_sql_database_instance resource (#​24201)
• storagetransfer: added service_account field to google_storage_transfer_job resource (#​24193)
• storagetransfer: added transfer_spec.aws_s3_data_source.credentials_secret to google_storage_transfer_job resource (#​24152)

BUG FIXES:

• compute: fixed certain spurious diffs for google_compute_region_backend_service.backend.group (#​24157)
• compute: fixed permadiff on google_compute_region_network_endpoint_group when no network is specified (#​24182)
• memorystore: fixed permadiffs that cause destroy+recreate on new google_memorystore_instance when desired_psc_auto_connections is set (#​24212)
• netapp: fixed a permadiff on total_iops in google_netapp_storage_pool resource (#​24207)
• oracledatabase: fixed permadiffs on google_oracle_database_autonomous_database resource for the odb_network and odb_subnet fields (#​24184)

v7.0.1

Compare Source

BUG FIXES:

• storage: fixed a conversion crash in google_storage_bucket state migration #​24186

v7.0.0

Compare Source

Terraform Google Provider 7.0.0 Upgrade Guide

BREAKING RESOURCE REMOVALS:

• beyondcorp: removed google_beyondcorp_application, its associated IAM resources google_beyondcorp_application_iam_binding, google_beyondcorp_application_iam_member, and google_beyondcorp_application_iam_policy, and the google_beyondcorp_application_iam_policy datasource. Use google_beyondcorp_security_gateway_application instead. #​23999
• notebooks: removed google_notebooks_location #​23607
• tpu: removed google_tpu_node. Use google_tpu_v2_vm instead. #​23964

BREAKING FIELD REMOVALS:

• cloudrunv2: removed template.containers.depends_on within resource google_cloud_run_v2_worker_pool #​23815
• colab: removed post_startup_script_config field from from google_colab_runtime_template resource #​24026
• compute: removed field enable_flow_logs from google_compute_subnetwork #​23704
• gkehub: removed configmanagement.binauthz field in google_gke_hub_feature_membership #​24076
• gkehub: removed description field in google_gke_hub_membership #​23587
• memorystore: removed allow_fewer_zones_deployment field from google_memorystore_instance resource because it isn't user-configurable #​24079
• redis: removed allow_fewer_zones_deployment field from google_redis_cluster resource because it isn't user-configurable #​24079
• resourcemanager: removed non-functional project field from google_service_account_key datasource #​24000
• vertexai: removed enable_secure_private_service_connect in google_vertex_ai_endpoint #​23843

BREAKING INCREASED VALIDATION:

• cloudfunctions2: made event_type a required field for event_trigger in google_cloudfunctions2_function #​23918
• networkservices: made load_balancing_scheme required in google_network_services_lb_traffic_extension #​23748
• sql: made password_wo_version required when password_wo is set in google_sql_user #​24083
• storage: added validation requiring the topic field to be in the form "projects//topics/" in google_storage_notification #​24135
• storagetransfer: added path validation for GCS path source and sink in google_storage_transfer_job #​23493
• vertexai: made metadata, and metadata.config required in google_vertex_ai_index. Resource creation would fail without these attributes already, so no change is necessary to existing configurations. #​23971

OTHER BREAKING CHANGES:

• alloydb: added deletion_protection field with a default value of true to google_alloydb_cluster resource #​24024
• apigee: changed certs_info field in google_apigee_keystores_aliases_key_cert_file to be output-only #​24135
• apigee: migrated google_apigee_keystores_aliases_key_cert_file to the plugin framework #​24135
• artifactregistry: removed the default values for public_repository fields in google_artifact_registry_repository. If your state is reliant on them, they will now need to be manually included in your configuration. #​23970
• bigquery: removed the default value of view.use_legacy_sql in google_bigquery_table #​24065
• bigtable: renamed instance to instance_name for bigtable_table_iam objects #​23399
• billing: made budget_filter.credit types and budget_filter.subaccounts no longer optional+computed, only optional, in google_billing_budget resource #​24078
• cloudfunctions2: changed service_config.service field in google_cloudfunctions2_function resource to be output-only #​23790
• compute: subnetworks and instances fields in google_compute_packet_mirroring have been converted from arrays to sets #​24021
• compute: advertised_ip_ranges field group in google_compute_router has been converted from a list to a set #​24030
• compute: disk.type, disk.mode and disk.interface no longer use provider configured default values and instead will be set by the API in google_compute_instance_template and google_compute_region_instance_template resources #​24055
• provider: fixed many import functions throughout the provider that erroneously matched a subset of the provided input, leading to unclear error messages when using terraform input with invalid resource IDs. #​24010
• resourcemanager: changed disable_on_destroy default value to false in google_project_service #​23951
• securesourcemanager: changed deletion_policy default value from DELETE to PREVENT #​23963
• storage: retention_period field in google_storage_bucket has been converted from int to string data type #​23535
• storage: migrated google_storage_notification to the plugin framework #​24135

FEATURES:

• New Data Source: google_artifact_registry_npm_package (#​24072)
• New Data Source: google_certificate_manager_dns_authorization (#​24009)
• New Resource: google_iap_web_region_forwarding_rule_service_iam_binding (#​24041)
• New Resource: google_iap_web_region_forwarding_rule_service_iam_member (#​24041)
• New Resource: google_iap_web_region_forwarding_rule_service_iam_policy (#​24041)
• New Resource: google_saas_runtime_saas (#​24028)

IMPROVEMENTS:

• cloudbuild: added developer_connect_event_config field to google_cloudbuild_trigger resource (#​24043)
• cloudtasks: added desired_state field to google_cloud_tasks_queue resource (#​24053)
• cloudrunv2: added max_instance_count field to google_cloud_run_v2_service resource. (#​24031)
• compute: added params.resourceManagerTags field to the google_compute_backend_service (#​24062)
• compute: added params.resource_manager_tags field to google_compute_backend_bucket (#​24068)
• compute: added short_name field to google_compute_organization_security_policy resource (#​24059)
• container: added cluster_autoscaling.default_compute_class_enabled field to google_container_cluster resource (#​24023)
• dialogflowcx: added enableMultiLanguageTraining, locked, answerFeedbackSettings, personalizationSettings, clientCertificateSettings, startPlaybook, satisfiesPzs, and satisfiesPzi to google_dialogflow_cx_agent resource. (#​24007)
• lustre: increased google_lustre_instance resource create timeout to 120m from 20m (#​24056)
• oracledatabase: enabled default_from_api flag for ODB Network related fields in google_oracle_database_cloud_vm_cluster resource (#​24045)
• sql: added feature to restore google_sql_database_instance using backupdr_backup (#​24066)
• ssm: made ca_pool argument optional for private instances that use Google-managed trusted certificates.tosecure_source_manager` resource (#​24039)

BUG FIXES:

• container: fixed issue where a failed creation on google_container_node_pool would result in an unrecoverable tainted state (#​24077)
• gkeonprem: set default_from_api in image field in google_vmware_node_pool (#​24022)
• workbench: made install-monitoring-agent metadata key settable for google_workbench_instance (#​24080)

v6.49.3

Compare Source

BUG FIXES:

• compute: fixed a crash in google_compute_security_policy due to a changed API response for empty match.0.expr_options blocks (#​24353)

v6.49.2

Compare Source

BUG FIXES:

• container: fixed issue where a failed creation on google_container_node_pool would result in an unrecoverable tainted state (#​10586)

v6.49.1

Compare Source

BUG FIXES:

• secretmanager: fixed issue where upgrading to 6.49.0 would cause all google_secret_manager_secret_version resources to be recreated unless secret_data_wo_version was set
  (#​24061)

v6.49.0

Compare Source

DEPRECATIONS:

• beyondcorp: google_beyondcorp_application_iam_binding, google_beyondcorp_application_iam_member and google_beyondcorp_application_iam_policy IAM resources, and the google_beyondcorp_application_iam_policy datasource have been deprecated and will be removed in the upcoming major release (#​23995)
• tpu: deprecated google_tpu_tensorflow_versions data source. Use google_tpu_v2_runtime_versions instead. (#​23958)

BREAKING CHANGES:

• vertexai: made the metadata field required in google_vertex_ai_index (#​23953)

FEATURES:

• New Data Source: google_artifact_registry_tag (#​23994)
• New Data Source: google_artifact_registry_tags (#​23969)
• New Resource: google_dialogflow_convesation_profile (#​23996)

IMPROVEMENTS:

• apikeys: added service_account_email to google_apikeys_key (#​24001)
• compute: added advanced_options_config field to google_compute_region_security_policy resource (#​23914)
• container: added eviction_soft, eviction_soft_grace_period, eviction_minimum_reclaim, eviction_max_pod_grace_period_seconds, max_parallel_image_pulls, transparent_hugepage_enabled, transparent_hugepage_defrag and min_node_cpus fields to node_config block of google_container_node_pool and google_container_cluster resources (#​23973)
• networkmanagement: added subnet and network fields to the google_network_management_vpc_flow_logs_config resource (beta) (#​23945)
• networkmanagement: added output-only field target_resource_state to the google_network_management_vpc_flow_logs_config resource (#​23945)
• resourcemanager: added management_project and configured_capabilities fields to the google_folder resource. (#​23983)

BUG FIXES:

• cloud_tasks: set name field set to required in google_cloud_tasks_queue resource (#​23997)
• clouddeploy: allowed sending weekly_windows.start_time as an empty object in order to use default values in thegoogle_clouddeploy_deploy_policy resource (#​23993)
• kms: skip_initial_version_creation field is no longer immutable in google_kms_crypto_key, but is still only settable at-creation (#​23984)
• netapp: fixed bug where google_netapp_volume.large_capacity was not properly marked as immutable, causing updates to fail (and making it impossible to change the field value after creation) (#​24004)
• networkconnectivity: added update support for linked_vpc_network in google_network_connectivity_spoke (#​23949)

v6.48.0

Compare Source

FEATURES:

• New Data Source: google_artifact_registry_package (#​23901)
• New Data Source: google_artifact_registry_repositories (#​23906)
• New Data Source: google_artifact_registry_version (#​23868)
• New Resource: google_dialogflow_cx_playbook (initial basic support, full features to follow in a later release) (#​23895)
• New Resource: google_vertexai_rag_engine_config (#​23889)

IMPROVEMENTS:

• backupdr: added log_retention_days field to google_backup_dr_backup_plan resource (#​23846)
• compute: added advanced_options_config field to google_compute_region_security_policy resource (#​23914)
• compute: added ha_policy field to google_compute_region_backend_service resource (#​23905)
• compute: added the ability to use global target forwarding rule for target_service field in google_compute_service_attachment resource (#​23892)
• container: added boot_disk to node_config in google_container_cluster and google_container_node_pool resources (#​23840)
• container: added node_config.kubelet_config.single_process_oom_kill field to google_container_node_pool and google_container_cluster resources (#​23844)
• container: added in-place update support for user_managed_keys_config field in google_container_cluster resource (#​23883)
• dataproc: added cluster_config.cluster_tier field to google_dataproc_cluster resource (#​23830)
• gkeonprem: added enable_advanced_cluster field to google_gkeonprem_vmware_admin_cluster resource (#​23908)
• memorystore: added allow_fewer_zones_deployment field to google_memorystore_instance resource (#​23845)
• sql: added field psa_write_endpoint flag to google_sql_database_instance resource (#​23867)
• sql: added network_attachment_uri field to google_sql_database_instance resource (#​23894)
• sql: added node_count field to sql_database_instance resource, and added new value READ_POOL_INSTANCE enum to the instance_type field of sql_database_instance resource (#​23897)
• storagetransfer: added federated_identity_config field to google_storage_transfer_job resource (#​23900)
• storagetransfer: added transfer_spec.aws_s3_data_source.cloudfront_domain field to google_storage_transfer_job resource (#​23887)

BUG FIXES:

• accesscontextmanager: made scopes field as immutable for access_context_manager_access_policy resource. (#​23886)
• bigquery: fixed handling of non-legacy roles for access block inside google_bigquery_dataset (#​23898)
• container: fixed an issue causing errors during updates to node_config to be suppressed in google_container_cluster and google_container_node_pool (#​23842)

v6.47.0

Compare Source

DEPRECATIONS:

• compute: deprecated network_self_link field in google_compute_subnetworks data source. Use network_name instead. (#​23753)
• resourcemanager: deprecated project field in google_service_account_key data source. The field is non functional and can safely be removed from your configuration. (#​23813)

FEATURES:

• New Data Source: google_artifact_registry_docker_images (#​23751)
• New Resource: google_apigee_security_action (#​23721)
• New Resource: google_developer_connect_insights_config (#​23789)
• New Resource: google_discovery_engine_cmek_config (#​23745)
• New Resource: google_iam_workforce_pool_iam_binding (#​23784)
• New Resource: google_iam_workforce_pool_iam_member (#​23784)
• New Resource: google_iam_workforce_pool_iam_policy (#​23784)

IMPROVEMENTS:

• backupdr: added backup_retention_inheritance field to google_backup_dr_backup_vault resource (#​23817)
• bigqueryanalyticshub: added commercial_info and delete_commercial fields in google_bigquery_analytics_hub_listing resource (#​23731)
• bigqueryanalyticshub: added discovery_type field to google_bigquery_analytics_hub_data_exchange resource (#​23801)
• bigqueryanalyticshub: added state, discovery_type, and allow_only_metadata_sharing fields to google_bigquery_analytics_hub_listing resource (#​23801)
• cloudfunction: added automatic_update_policy and on_deploy_update_policy to google_cloudfunctions_function resource (#​23819)
• cloudrunv2: added gpu_zonal_redundancy_disabled field to google_cloud_run_v2_job resource. (#​23811)
• compute: added labels field to google_compute_storage_pool resource (#​23783)
• compute: added network_name field to google_compute_subnetworks data source (#​23753)
• container: added ip_allocation_policy.additional_ip_ranges_config field to google_container_cluster resource (#​23828)
• container: added network_config.additional_node_network_configs.subnetwork field to google_container_node_pool resource (#​23828)
• container: added addons_config.lustre_csi_driver_config field to google_container_cluster resource (#​23729)
• container: added support for rbac_binding_config in google_container_cluster (#​23812)
• dataproc: added cluster_config.cluster_tier field to google_dataproc_cluster resource (#​23830)
• looker: added LOOKER_CORE_TRIAL_STANDARD, LOOKER_CORE_TRIAL_ENTERPRISE, and LOOKER_CORE_TRIAL_EMBED editions to google_looker_instance resource. (#​23785)
• managedkafka: added tls_config field to google_managed_kafka_cluster resource (#​23749)
• memorystore: added allow_fewer_zones_deployment field to google_redis_cluster resource (#​23800)
• storage: added deletion_policy field to google_storage_bucket_object resource (#​23816)
• vertexai: added custom_delete field to google_vertex_ai_endpoint_with_model_garden_deployment resource (#​23788)

BUG FIXES:

• bigquery: fixed a crash in google_bigquery_table when configured as an external table with parquet_options (#​23808)
• cloudrunv2: fixed an issue where manual_instance_count was unable to set to 0 in google_cloud_run_v2_worker_pool. (#​23798)
• composer: fixed updates failing for recovery_config with explicitly disabled scheduled snapshots (#​23715)
• iap: fixed an issue where deleting google_iap_settings without setting GOOGLE_PROJECT incorrectly failed (#​23724)
• storage: removed client-side GCS name validations for google_storage_bucket (#​23719)

v6.46.0

Compare Source

FEATURES:

• New Data Source: google_storage_insights_dataset_config (#​23709)
• New Resource: google_apigee_api_product (#​23648)
• New Resource: google_discovery_engine_recommendation_engine (#​23692)
• New Resource: google_oracle_database_odb_network (#​23675)
• New Resource: google_oracle_database_odb_subnet (#​23694)
• New Resource: google_storage_insights_dataset_config (#​23707)

IMPROVEMENTS:

• compute: added params.resourceManagerTags field to the google_compute_router (#​23690)
• compute: added in-place update support for provisioned_iops, provisioned_throughput, and access_mode fields in google_compute_region_disk resource (#​23697)
• dataproc: added authentication_config field to google_dataproc_batch and google_dataproc_session_template resource (#​23644)
• dataproc: added idle_ttl field to google_dataproc_session_template resource (#​23680)
• networkconnectivity: added field allocation_options to resource google_network_connectivity_internal_range (#​23687)
• oracledatabase: added odb_network and odb_subnet fields, and made network and cidr fields optional in google_oracle_database_autonomous_database resource (#​23686)
• oracledatabase: added odb_network, odb_subnet and backup_odb_subnet fields, and made network, cidr and backup_subnet_cidr fields optional in google_oracle_database_cloud_vm_cluster resource (#​23688)
• secretmanager: added tags field to google_secret_manager_regional_secret to allow setting tags for regional_secrets at creation time (#​23706)
• securesourcemanager: added deletion_policy field to google_secure_source_manager_repository resource (#​23693)
• workbench: added enable_managed_euc field to google_workbench_instance resource. (#​23682)
• workbench: added reservation_affinity field to google_workbench_instance resource. (#​23676)

BUG FIXES:

• composer: fixed updates failing for google_composer_environment recovery_config with explicitly disabled scheduled snapshots (#​23715)
• datastore: fixed a permadiff with google_datastream_connection_profile's create_without_validation field (#​23711)
• memorystore: fixed bug to allow google_memorystore_instance to be used with no provider default region or with a location that doesn't match the provider default region. (#​23666)
• networkconnectivity: fixed instances[].ip_address & instances[].virtual_machine fields in linked_router_appliance_instances block being incorrectly treated as immutable for google_network_connectivity_spoke resource (#​23705)
• resourcemanager: updated service account creation to prevent failures due to eventual consistency in google_service_account resource (#​23639)
• sql: fixed a provider crash when importing google_sql_database resource (#​23643)

v6.45.0

Compare Source

DEPRECATIONS:

• gemini: deprecated the disable_web_grounding field in the google_gemini_gemini_gcp_enablement_setting resource (#​23581)

FEATURES:

• New Resource: google_bigtable_schema_bundle (#​23585)
• New Resource: google_compute_preview_feature (#​23631)
• New Resource: google_dialogflow_cx_generator (#​23605)
• New Resource: google_model_armor_floorsetting (#​23621)
• New Resource: google_vertex_ai_endpoint_with_model_garden_deployment (#​23632)

IMPROVEMENTS:

• accesscontextmanager: added name to google_access_context_manager_gcp_user_access_binding resource (#​23638)
• apigee: marked the field access_logging_config immutable in google_apigee_instance resource (#​23571)
• bigquery: added ignore_auto_generated_schema virtual field to google_bigquery_table resource to ignore server-added columns in the schema field (#​23633)
• cloudrunv2: added field node_selector in google_cloud_run_v2_job (#​23586)
• compute: added params.resourceManagerTags field to the google_compute_subnetwork (#​23618)
• compute: added rule.match.src_secure_tags, rule.target_secure_tags, predefined_rules.match.src_secure_tags and predefined_rules.target_secure_tags fields to google_compute_firewall_policy_with_rules resource (#​23635)
• dataproc: added cluster_config.security_config.identity_config field to google_dataproc_cluster resource (#​23613)
• dataproc: updated cluster_config.gce_cluster_config.metadata field to be computed in google_dataproc_cluster resource (#​23613)
• dialogflowcx: added flexible support to google_dialogflow_cx_webhook resource. (#​23582)
• gemini: added web_grounding_type field to google_gemini_gemini_gcp_enablement_setting resource (#​23581)
• netapp: added in-place update support for allow_auto_tiering field in google_netapp_storage_pool resource (#​23614)
• secretmanager: added tags field to google_secret_manager_secret to allow setting tags for secrets at creation time (#​23625)
• securesourcemanager: added deletion_policy field to google_secure_source_manager_instance resource (#​23606)
• sql: added network_attachment_uri field to google_sql_database_instance (#​23615)
• vmwareengine: added GOOGLE_CLOUD_NETAPP_VOLUMES peering type to resource google_vmwareengine_network_peering (#​23628)

BUG FIXES:

• modelarmor: fixed conflicting field validation for filter_config.sdp_settings on google_model_armor_template (#​23626)
• resourcemanager: updated service account creation to prevent failures due to eventual consistency in google_service_account resource (#​23639)

v6.44.0

Compare Source

FEATURES:

• New Data Source: google_compute_network_attachment (#​23570)
• New Data Source: google_firestore_document (#​23553)
• New Resource: google_backup_dr_service_config (#​23552)
• New Resource: google_bigquery_analytics_hub_data_exchange_subscription (#​23560)
• New Resource: google_gkeonprem_vmware_admin_cluster (#​23554)
• New Resource: google_network_security_backend_authentication_config (#​23555)

IMPROVEMENTS:

• alloydb: added machine_config.machine_type field to google_alloydb_instance resource (#​23562)
• apigee: added access_logging_config field to google_apigee_instance resource (#​23522)
• apigee: marked access_logging_config field immutable in google_apigee_instance resource (#​23571)
• backupdr: added in-place update support for google_backup_dr_backup_plan resource (#​23537)
• compute: added params.resource_manager_tags field to google_compute_firewall resource (#​23524)
• compute: added application_aware_interconnect and aai_enabled fields to google_compute_interconnect resource (#​23567)
• compute: added load_balancing_scheme field to google_compute_backend_bucket resource (#​23499)
• compute: added provisioned_iops and provisioned_throughput fields to google_compute_region_disk resource (#​23551)
• compute: added specific_reservation.source_instance_template, delete_at_time, delete_after_duration.seconds, delete_after_duration.nanos and reservation_sharing_policy.service_share_type fields to google_compute_reservation resource (#​23561)
• firestore: added tags field to google_firestore_database resource (#​23569)
• securesourcemanager: added in-place update support for description field in google_secure_source_manager_repository resource (#​23557)
• storage: added force_empty_content_type field to google_storage_bucket_object resource (#​23568)

BUG FIXES:

• artifactregistry: fixed an issue where changes to cleanup_policies were not being applied correctly in google_artifact_registry_repository resource (#​23556)
• iambeta: fixed perma-diff for jwks_json field when GCP normalizes JSON formatting in google_iam_workload_identity_pool_provider resource (#​23526)

v6.43.0

Compare Source

DEPRECATIONS:

• iap: deprecated google_iap_client and google_iap_brand (#​23431)

FEATURES:

• New Data Source: google_kms_autokey_config (#​23490)
• New Data Source: google_kms_key_handle (#​23490)
• New Data Source: google_kms_key_handles (#​23490)
• New Data Source: google_network_management_connectivity_test_run (#​23497)
• New Data Source: google_redis_cluster (#​23436)
• New Resource: google_contact_center_insights_analysis_rule (#​23435)
• New Resource: google_kms_autokey_config (#​23490)
• New Resource: google_kms_key_handle (#​23490)
• New Resource: google_model_armor_template (#​23432)

IMPROVEMENTS:

• bigquery: added ignore_schema_changes virtual field to google_bigquery_table resource. Only dataPolicies field is supported in ignore_schema_changes for now. (#​23495)
• billing: added currency_code to google_billing_account data source (#​23474)
• compute: added params.resource_manager_tags field to google_compute_network resource (#​23421)
• compute: added load_balancing_scheme field to google_compute_backend_bucket resource (#​23499)
• compute: added params.resource_manager_tags field to google_compute_route resource (#​23489)
• container: added anonymous_authentication_config field to google_container_cluster resource (#​23491)
• dataplex: added suspended field to google_dataplex_datascan resource (#​23456)
• discoveryengine: added enable_table_annotation, enable_image_annotation, structured_content_types, exclude_html_elements, exclude_html_classes and exclude_html_ids fields to layout_parsing_config of google_discovery_engine_data_store resource (#​23478)
• discoveryengine: added kms_key_name field to google_discovery_engine_data_store resource (#​23469)
• memorystore: added managed_server_ca field to google_memorystore_instance resource (#​23430)
• secretmanager: added deletion_protection field to google_secret_manager_secret resource to optionally make deleting them require an explicit intent (#​23480)
• secretmanager: added fetch_secret_data field to google_secret_manager_secret_version to optionally skip fetching the secret data (#​23471)

BUG FIXES:

• compute: fixed match field in google_compute_router_route_policy resource to be marked as required (#​23494)
• compute: fixed an issue with bgp_always_compare_med in `goo

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.