Releases: hashicorp/terraform-provider-google
Releases · hashicorp/terraform-provider-google
v5.45.0
NOTES:
- 5.45.0 is a backport release, responding to a new Spanner feature that may result in creation of unwanted backups for users. The changes in this release will be available in 6.11.0 and users upgrading to 6.X should upgrade to that version or higher.
IMPROVEMENTS:
- spanner: added
default_backup_schedule_type
field togoogle_spanner_instance
(#20213)
v6.10.0
FEATURES:
- New Data Source:
google_compute_instance_guest_attributes
(#20095) - New Data Source:
google_service_accounts
(#20062) - New Resource:
google_iap_settings
(#20085)
IMPROVEMENTS:
- apphub: added
GLOBAL
enum value toscope.type
field ingoogle_apphub_application
resource (#20015) - assuredworkloads: added
workload_options
field togoogle_assured_workloads_workload
resource (#19985) - bigquery: added
external_catalog_dataset_options
fields togoogle_bigquery_dataset
resource (beta) (#20097) - bigquery: added descriptive validation errors for missing required fields in
google_bigquery_job
destination table configuration (#20077) - compute:
desired_status
on google_compute_instance can now be set toTERMINATED
orSUSPENDED
on instance creation (#20031) - compute: added
header_action
andredirect_options
fields togoogle_compute_security_policy_rule
resource (#20079) - compute: added
interface.ipv6-address
field ingoogle_compute_external_vpn_gateway
resource (#20091) - compute: added
propagated_connection_limit
andconnected_endpoints.propagated_connection_count
fields togoogle_compute_service_attachment
resource (#20016) - compute: added plan-time validation to
name
ongoogle_compute_instance
(#20036) - compute: added support for
advanced_machine_features.turbo_mode
togoogle_compute_instance
,google_compute_instance_template
, andgoogle_compute_region_instance_template
(#20090) - container: added in-place update support for
labels
,resource_manager_tags
andworkload_metadata_config
ingoogle_container_cluster.node_config
(#20038) - filestore: added
protocol
property to resourcegoogle_filestore_instance
(#19982) - memorystore: added
mode
flag togoogle_memorystore_instance
(#19988) - netapp: added
zone
andreplica_zone
fields togoogle_netapp_storage_pool
resource (#19980) - netapp: added
zone
andreplica_zone
fields togoogle_netapp_volume
resource (#19980) - networksecurity: added
tls_inspection_policy
field togoogle_network_security_gateway_security_policy
(#19986) - resourcemanager: added
disabled
togoogle_service_account
datasource (#20034) - spanner: added
asymmetric_autoscaling_options
field togoogle_spanner_instance
(#20014) - sql: removed the client-side default of
ENTERPRISE
foredition
ingoogle_sql_database_instance
so thatedition
is determined by the API when unset. This will cause new instances to useENTERPRISE_PLUS
as the default for POSTGRES_16. (#19977) - vmwareengine: added
autoscaling_settings
togoogle_vmwareengine_private_cloud
resource (#20057)
BUG FIXES:
- accesscontextmanager: fixed permadiff for perimeter ingress / egress rule resources (#20046)
- compute: fixed an error in
google_compute_security_policy_rule
that prevented updating the default rule (#20066) - container: fixed missing in-place updates for some
google_container_cluster.node_config
subfields (#20038)
v6.9.0
DEPRECATIONS:
- containerattached: deprecated
security_posture_config
field ingoogle_container_attached_cluster
resource (#19912)
FEATURES:
- New Data Source:
google_oracle_database_autonomous_database
(#19903) - New Data Source:
google_oracle_database_autonomous_databases
(#19901) - New Data Source:
google_oracle_database_cloud_exadata_infrastructures
(#19884) - New Data Source:
google_oracle_database_cloud_vm_clusters
(#19900) - New Resource:
google_apigee_app_group
(#19921) - New Resource:
google_apigee_developer
(#19911) - New Resource:
google_network_connectivity_group
(#19902)
IMPROVEMENTS:
- compute:
google_compute_network_firewall_policy_association
now uses MMv1 engine instead of DCL. (#19976) - compute:
google_compute_region_network_firewall_policy_association
now uses MMv1 engine instead of DCL. (#19976) - compute: added
creation_timestamp
field togoogle_compute_instance
,google_compute_instance_template
,google_compute_region_instance_template
(#19906) - compute: added
key_revocation_action_type
togoogle_compute_instance
and related resources (#19952) - looker: added
deletion_policy
togoogle_looker_instance
to allow force-destroying instances with nested resources by settingdeletion_policy = FORCE
(#19924) - monitoring: added
alert_strategy.notification_prompts
field togoogle_monitoring_alert_policy
(#19928) - storage: added
hierarchical_namespace
togoogle_storage_bucket
resource (#19882) - sql: removed the client-side default of
ENTERPRISE
foredition
ingoogle_sql_database_instance
so thatedition
is determined by the API when unset. This will cause new instances to useENTERPRISE_PLUS
as the default for POSTGRES_16. (#19977) - vmwareengine: added
autoscaling_settings
togoogle_vmwareengine_cluster
resource (#19962) - workstations: added
max_usable_workstations
field togoogle_workstations_workstation_config
resource. (#19872)
BUG FIXES:
- compute: fixed an issue where immutable
distribution_zones
was incorrectly sent to the API when updatingdistribution_policy_target_shape
ingoogle_compute_region_instance_group_manager
resource (#19949) - container: fixed a crash in
google_container_node_pool
caused by an occasional nil pointer (#19922) - essentialcontacts: fixed
google_essential_contacts_contact
import to include required parent field. (#19877) - sql: made
google_sql_database_instance.0.settings.0.data_cache_config
accept server-side changes when unset. When unset, no diffs will be created when instances change inedition
and the feature is enabled or disabled as a result. (#19972) - storage: removed retry on 404s during refresh for
google_storage_bucket
, preventing hanging when refreshing deleted buckets (#19964)
v6.8.0
FEATURES:
- New Data Source:
google_oracle_database_cloud_exadata_infrastructure
(#19856) - New Data Source:
google_oracle_database_cloud_vm_cluster
(#19859) - New Data Source:
google_oracle_database_db_nodes
(#19871) - New Data Source:
google_oracle_database_db_servers
(#19823) - New Resource:
google_oracle_database_autonomous_database
(#19860) - New Resource:
google_oracle_database_cloud_exadata_infrastructure
(#19798) - New Resource:
google_oracle_database_cloud_vm_cluster
(#19837) - New Resource:
google_transcoder_job_template
(#19854) - New Resource:
google_transcoder_job
(#19854)
IMPROVEMENTS:
- cloudfunctions: increased the timeouts to 20 minutes for
google_cloudfunctions_function
resource (#19799) - cloudrunv2: added
invoker_iam_disabled
field togoogle_cloud_run_v2_service
(#19833) - compute: made
google_compute_network_firewall_policy_rule
use MMv1 engine instead of DCL. (#19862) - compute: made
google_compute_region_network_firewall_policy_rule
use MMv1 engine instead of DCL. (#19862) - compute: added
ip_address_selection_policy
field togoogle_compute_backend_service
andgoogle_compute_region_backend_service
. (#19863) - compute: added
provisioned_throughput
field togoogle_compute_instance_template
resource (#19852) - compute: added
provisioned_throughput
field togoogle_compute_region_instance_template
resource (#19852) - container: added support for additional values
KCP_CONNECTION
, andKCP_SSHD
ingoogle_container_cluster.logging_config
(#19812) - dialogflowcx: added
advanced_settings.logging_settings
andadvanced_settings.speech_settings
togoogle_dialogflow_cx_agent
andgoogle_dialogflow_cx_flow
(#19801) - networkconnectivity: added
linked_producer_vpc_network
field togoogle_network_connectivity_spoke
resource (#19806) - secretmanager: added
is_secret_data_base64
field togoogle_secret_manager_secret_version
andgoogle_secret_manager_secret_version_access
datasources (#19831) - secretmanager: added
is_secret_data_base64
field togoogle_secret_manager_regional_secret_version
andgoogle_secret_manager_regional_secret_version_access
datasources (#19831) - spanner: added
kms_key_names
toencryption_config
ingoogle_spanner_database
(#19846) - workstations: added
max_usable_workstations
field togoogle_workstations_workstation_config
resource (#19872) - workstations: added field
allowed_ports
togoogle_workstations_workstation_config
(#19845)
BUG FIXES:
- bigquery: fixed a regression that caused
google_bigquery_dataset_iam_*
resources to attempt to set deleted IAM members, thereby triggering an API error (#19857) - compute: fixed an issue in
google_compute_backend_service
andgoogle_compute_region_backend_service
to allow sendingfalse
foriap.enabled
(#19795) - container:
node_config.linux_node_config
,node_config.workload_metadata_config
andnode_config.kubelet_config
will now successfully send empty messages to the API whenterraform plan
indicates they are being removed, rather than null, which caused an error. The sole reliable case isnode_config.linux_node_config
when the block is removed, where there will still be a permadiff, but the update request that's triggered will no longer error and other changes displayed in the plan should go through. (#19842)
v6.7.0
FEATURES:
- New Resource:
google_healthcare_pipeline_job
(#19717) - New Resource:
google_secure_source_manager_branch_rule
(#19773)
IMPROVEMENTS:
- container:
google_container_cluster
will now accept server-specified values fornode_pool_auto_config.0.node_kubelet_config
when it is not defined in configuration and will not detect drift. Note that this means that removing the value from configuration will now preserve old settings instead of reverting the old settings. (#19817) - discoveryengine: added
chat_engine_config.dialogflow_agent_to_link
field togoogle_discovery_engine_chat_engine
resource (#19723) - networkconnectivity: added field
migration
to resourcegoogle_network_connectivity_internal_range
(#19757) - networkservices: added
routing_mode
field togoogle_network_services_gateway
resource (#19764)
BUG FIXES:
- bigtable: fixed an error where BigTable IAM resources could be created with conditions but the condition was not stored in state (#19725)
- container: fixed issue which caused to not being able to disable
enable_cilium_clusterwide_network_policy
field ongoogle_container_cluster
. (#19736) - container: fixed a diff triggered by a new API-side default value for
node_config.0.kubelet_config.0.insecure_kubelet_readonly_port_enabled
. Terraform will now accept server-specified values fornode_config.0.kubelet_config
when it is not defined in configuration and will not detect drift. Note that this means that removing the value from configuration will now preserve old settings instead of reverting the old settings. (#19817) - dataproc: fixed a bug in
google_dataproc_cluster
that prevented creation of clusters withinternal_ip_only
set to false (#19782) - iam: addressed
google_service_account
creation issues caused by the eventual consistency of the GCP IAM API by ignoring 403 errors returned on polling the service account after creation. (#19727) - logging: fixed the whitespace permadiff on
exclusions.filter
field ingoogle_logging_billing_account_sink
,google_logging_folder_sink
,google_logging_organization_sink
andgoogle_logging_project_sink
resources (#19744) - pubsub: fixed permadiff with configuring an empty
retry_policy
block ingoogle_pubsub_subscription
. This will result inminimum_backoff
andmaximum_backoff
using server-side defaults. To use "immedate retry", do not specify aretry_policy
block at all. (#19784) - secretmanager: fixed the issue of unpopulated fields
labels
,annotations
andversion_destroy_ttl
in the terraform state for thegoogle_secret_manager_secrets
datasource (#19748)
v5.44.2
Notes:
- 5.44.2 is a backport release, responding to a GKE rollout that created permadiffs for many users. The changes in this release will be available in 6.7.0 and users upgrading to 6.X should upgrade to that version or higher.
IMPROVEMENTS:
- container:
google_container_cluster
will now accept server-specified values fornode_pool_auto_config.0.node_kubelet_config
when it is not defined in configuration and will not detect drift. Note that this means that removing the value from configuration will now preserve old settings instead of reverting the old settings. (#19817)
BUG FIXES:
- container: fixed a diff triggered by a new API-side default value for
node_config.0.kubelet_config.0.insecure_kubelet_readonly_port_enabled
. Terraform will now accept server-specified values fornode_config.0.kubelet_config
when it is not defined in configuration and will not detect drift. Note that this means that removing the value from configuration will now preserve old settings instead of reverting the old settings. (#19817)
v6.6.0
FEATURES:
- New Resource:
google_dataproc_batch
(#19686) - New Resource:
google_healthcare_pipeline_job
(#19717) - New Resource:
google_site_verification_owner
(#19641)
IMPROVEMENTS:
- assuredworkloads: added
HEALTHCARE_AND_LIFE_SCIENCES_CONTROLS
andHEALTHCARE_AND_LIFE_SCIENCES_CONTROLS_WITH_US_SUPPORT
enum values tocompliance_regime
in thegoogle_assuredworkload_workload
resource (#19714) - compute: added
bgp_best_path_selection_mode
,bgp_bps_always_compare_med
andbgp_bps_inter_region_cost
fields togoogle_compute_network
resource (#19708) - compute: added
next_hop_origin
,next_hop_med
andnext_hop_inter_region_cost
output fields togoogle_compute_route
resource (#19708) - compute: added enum
STATEFUL_COOKIE_AFFINITY
andstrong_session_affinity_cookie
field togoogle_compute_backend_service
andgoogle_compute_region_backend_service
resource (#19665) - compute: moved
TDX
instance option forconfidential_instance_type
ingoogle_compute_instance
from Beta to GA (#19706) - containeraws: added
kubelet_config
field group to thegoogle_container_aws_node_pool
resource (#19714) - pubsub: added GCS ingestion settings and platform log settings to
google_pubsub_topic
resource (#19669) - sourcerepo: added
create_ignore_already_exists
field togoogle_sourcerepo_repository
resource (#19716) - sql: added in-place update support for
settings.time_zone
ingoogle_sql_database_instance
resource (#19654) - tags: increased maximum accepted input length for the
short_name
field ingoogle_tags_tag_key
andgoogle_tags_tag_value
resources (#19712)
BUG FIXES:
- bigquery: fixed
google_bigquery_dataset_iam_member
to be able to delete itself and overwrite the existing iam members for bigquery dataset keeping the authorized datasets as they are. (#19682) - bigquery: fixed an error which could occur with service account field values containing non-lower-case characters in
google_bigquery_dataset_access
(#19705) - compute: fixed an issue where the
boot_disk.initialize_params.resource_policies
field ingoogle_compute_instance
forced a resource recreation when used in combination withgoogle_compute_disk_resource_policy_attachment
(#19692) - compute: fixed the issue that
labels
is not set when creating the resourcegoogle_compute_interconnect
(#19632) - tags: removed
google_tags_location_tag_binding
resource from the Terraform state when its parent resource has been removed outside of Terraform (#19693) - workbench: fixed a bug in the
google_workbench_instance
resource where the removal oflabels
was not functioning as expected. (#19620)
v6.5.0
DEPRECATIONS:
- compute: deprecated
macsec.pre_shared_keys.fail_open
field ingoogle_compute_interconnect
resource. Use the newmacsec.fail_open
field instead (#19572)
FEATURES:
- New Data Source:
google_compute_region_instance_group_manager
(#19589) - New Data Source:
google_privileged_access_manager_entitlement
(#19580) - New Data Source:
google_secret_manager_regional_secret_version_access
(#19538) - New Data Source:
google_secret_manager_regional_secret_version
(#19514) - New Data Source:
google_secret_manager_regional_secrets
(#19532) - New Resource:
google_compute_router_nat_address
(#19550) - New Resource:
google_logging_log_scope
(#19559)
IMPROVEMENTS:
- apigee: added
activate
field togoogle_apigee_nat_address
resource (#19591) - bigquery: added
biglake_configuration
field togoogle_bigquery_table
resource to support BigLake Managed Tables (#19541) - cloudrunv2: promoted
scaling
field ingoogle_cloud_run_v2_service
resource to GA (#19588) - composer: promoted
config.workloads_config.cloud_data_lineage_integration
field ingoogle_composer_environment
resource to GA (#19612) - compute: added
existing_reservations
field togoogle_compute_region_commitment
resource (#19585) - compute: added
hostname
field togoogle_compute_instance
data source (#19607) - compute: added
initial_nat_ip
field togoogle_compute_router_nat
resource (#19550) - compute: added
macsec.fail_open
field togoogle_compute_interconnect
resource (#19572) - compute: added
SUSPENDED
as a possible value todesired_state
field ingoogle_compute_instance
resource (#19586) - compute: added import support for
projects/{{project}}/meta-data/{{key}}
format forgoogle_compute_project_metadata_item
resource (#19613) - compute: marked
customer_name
andlocation
fields as optional ingoogle_compute_interconnect
resource to support cross cloud interconnect (#19619) - container: added
linux_node_config.hugepages_config
field togoogle_container_node_pool
resource (#19521) - container: promoted
gcfs_config
field ingoogle_container_cluster
resource to GA (#19617) - looker: added
psc_enabled
andpsc_config
fields togoogle_looker_instance
resource (#19523) - networkconnectivity: added
include_import_ranges
field togoogle_network_connectivity_spoke
resource forlinked_vpn_tunnels
,linked_interconnect_attachments
andlinked_router_appliance_instances
(#19530) - secretmanagerregional: added
version_aliases
field togoogle_secret_manager_regional_secret
resource (#19514) - workbench: increased create timeout to 20 minutes for
google_workbench_instance
resource (#19551)
BUG FIXES:
- bigquery: fixed in-place update of
google_bigquery_table
resource whenexternal_data_configuration.schema
field is set (#19558) - bigquerydatapolicy: fixed permadiff on
policy_tag
field ingoogle_bigquery_datapolicy_data_policy
resource (#19563) - composer: fixed
storage_config.bucket
field to support a bucket name with or without "gs://" prefix (#19552) - container: added support for setting
addons_config.gcp_filestore_csi_driver_config
andenable_autopilot
in the samegoogle_container_cluster
(#19590) - container: fixed
node_config.kubelet_config
updates ingoogle_container_cluster
resource (#19562) - container: fixed a bug where specifying
node_pool_defaults.node_config_defaults
withenable_autopilot = true
would causegoogle_container_cluster
resource creation failure (#19543) - workbench: fixed a bug in the
google_workbench_instance
resource where the removal oflabels
was not functioning as expected (#19620)
v6.4.0
DEPRECATIONS:
- securitycenterv2: deprecated
google_scc_v2_organization_scc_big_query_exports
. Usegoogle_scc_v2_organization_scc_big_query_export
instead. (#19457)
FEATURES:
- New Data Source:
google_secret_manager_regional_secret_version
(#19514) - New Data Source:
google_secret_manager_regional_secret
(#19491) - New Resource:
google_database_migration_service_migration_job
(#19488) - New Resource:
google_discovery_engine_target_site
(#19469) - New Resource:
google_healthcare_workspace
(#19476) - New Resource:
google_scc_folder_scc_big_query_export
(#19480) - New Resource:
google_scc_organization_scc_big_query_export
(#19465) - New Resource:
google_scc_project_scc_big_query_export
(#19466) - New Resource:
google_scc_v2_organization_scc_big_query_export
(#19457) - New Resource:
google_secret_manager_regional_secret_version
(#19504) - New Resource:
google_secret_manager_regional_secret
(#19461) - New Resource:
google_site_verification_web_resource
(#19477) - New Resource:
google_spanner_backup_schedule
(#19449)
IMPROVEMENTS:
- alloydb: added
enable_outbound_public_ip
field togoogle_alloydb_instance
resource (#19444) - apigee: added in-place update for
consumer_accept_list
field ingoogle_apigee_instance
resource (#19442) - compute: added
interface
field togoogle_compute_attached_disk
resource (#19440) - compute: added in-place update in
google_compute_interconnect
resource, except forremote_location
andrequested_features
fields (#19508) - filestore: added
deletion_protection_enabled
anddeletion_protection_reason
fields togoogle_filestore_instance
resource (#19446) - looker: added
fips_enabled
field togoogle_looker_instance
resource (#19511) - metastore: added
deletion_protection
field togoogle_dataproc_metastore_service
resource (#19505) - netapp: added
allow_auto_tiering
field togoogle_netapp_storage_pool
resource (#19454) - netapp: added
tiering_policy
field togoogle_netapp_volume
resource (#19454) - secretmanagerregional: added
version_aliases
field togoogle_secret_manager_regional_secret
resource (#19514) - spanner: added
edition
field togoogle_spanner_instance
resource (#19449)
BUG FIXES:
- compute: fixed a permadiff on
iap
field ingoogle_compute_backend
andgoogle_compute_region_backend
resources (#19509) - container: fixed a bug where specifying
node_pool_defaults.node_config_defaults
withenable_autopilot = true
will causegoogle_container_cluster
resource creation failure (#19543) - container: fixed a permadiff on
node_config.gcfs_config
field ingoogle_container_cluster
andgoogle_container_node_pool
resources (#19512) - container: fixed the in-place update for
node_config.gcfs_config
field ingoogle_container_cluster
andgoogle_container_node_pool
resources (#19512) - container: made
node_config.kubelet_config.cpu_manager_policy
field optional to fix its update ingoogle_container_cluster
resource (#19464) - dns: fixed a permadiff on
dnssec_config
field ingoogle_dns_managed_zone
resource (#19456) - pubsub: allowed
filter
field to contain line breaks ingoogle_pubsub_subscription
resource (#19451)