v2.60.0
NOTES:
- provider: Region validation now automatically supports the new
eu-south-1
(Europe (Milan)) region. For AWS operations to work in the new region, the region must be explicitly enabled as outlined in the AWS Documentation. When the region is not enabled, the Terraform AWS Provider will return errors during credential validation (e.g.error validating provider credentials: error calling sts:GetCallerIdentity: InvalidClientTokenId: The security token included in the request is invalid
) or AWS operations will throw their own errors (e.g.data.aws_availability_zones.current: Error fetching Availability Zones: AuthFailure: AWS was not able to validate the provided access credentials
). (#12970) - provider: Ignore tags functionality across all data sources and resources (except
aws_autoscaling_group
) via the provider-levelignore_tags
configuration block has been enabled and this functionality is no longer considered in preview. (#13039)
FEATURES:
- New Data Source:
aws_backup_plan
(#13035) - New Data Source:
aws_backup_selection
(#13035) - New Data Source:
aws_backup_vault
(#13035) - New Data Source:
aws_ec2_transit_gateway_peering_attachment
(#11162) - New Resource:
aws_ec2_transit_gateway_peering_attachment
(#11162) - New Resource:
aws_guardduty_organization_admin_account
(#13034) - New Resource:
aws_guardduty_organization_configuration
(#13034)
ENHANCEMENTS:
- data-source/aws_cloudtrail_service_account: Support
eu-south-1
region (#13061) - data-source/aws_ebs_volume: Add
outpost_arn
attribute (#12439) - data-source/aws_elastic_beanstalk_hosted_zone: Support
eu-south-1
region (#13061) - data-source/aws_elb_hosted_zone_id: Add
us-gov-east-1
andus-gov-west-1
region values (#12976) - data-source/aws_elb_hosted_zone_id: Support
eu-south-1
region (#13061) - data-source/aws_elb_service_account: Support
eu-south-1
region (#13061) - data-source/aws_instance: Add
outpost_arn
attribute (#12330) - data-source/aws_network_interface: Add
outpost_arn
attribute (#12440) - data-source/aws_s3_bucket: Support
eu-south-1
region forhosted_zone_id
attribute (#13061) - data-source/aws_subnet: Add
outposts_arn
attribute (#12097) - provider: Support automatic region validation for
eu-south-1
(#12970) - provider: Implement ignore tags functionality across all data sources and resources (except
aws_autoscaling_group
) (#13039) - resource/aws_api_gateway_stage: Ignore
NotFoundException
error on destroy (#12826) - resource/aws_db_snapshot: Support import (#12978)
- resource/aws_default_route_table: Add plan-time validation to
cidr_block
andipv6_cidr_block
arguments (#12858) - resource/aws_default_route_table: Support import (#13030)
- resource/aws_dms_endpoint: Add
kafka_settings
configuration block andkafka
toengine_name
argument validation (#12835) - resource/aws_ebs_volume: Add
outpost_arn
argument (#12439) - resource/aws_elasticsearch_domain: Support customizable update timeout (#12916)
- resource/aws_glue_connection: Support
MONGODB
forconnection_type
argument (#13011) - resource/aws_key_pair: Support tag-on-create (#12962)
- resource/aws_instance: Add
outpost_arn
attribute (#12330) - resource/aws_mq_broker: Support import (#11841)
- resource/aws_network_interface: Add
outpost_arn
attribute (#12440) - resource/aws_placement_group: Support tag-on-create (#12963)
- resource/aws_route_table: Add plan-time validation to
cidr_block
andipv6_cidr_block
arguments (#12858) - resource/aws_route53_health_check: Support plan-time validation for
reference_name
argument (#12873) - resource/aws_s3_bucket: Support
eu-south-1
region forhosted_zone_id
attribute (#13061) - resource/aws_spot_fleet_request: Add
launch_template_config
configuration block (Support EC2 Launch Templates) (#12732) - resource/aws_spot_fleet_request: Support import (#12767)
- resource/aws_storagegateway_gateway: Add
gateway_vpc_endpoint
argument (#9966) - resource/aws_storagegateway_smb_file_share: Add
path
attribute (#12623) - resource/aws_subnet: Add
outposts_arn
argument (#12097) - resource/aws_wafregional_xss_match_set: Add plan-time validation for
xss_match_tuple
configuration block arguments (#13024)
BUG FIXES:
- data-source/aws_api_gateway_rest_api: Prevent error with VPC Endpoint configured APIs (#12825)
- resource/aws_appautoscaling_scheduled_action: Prevent error on refresh with multiple resources using the same scheduled action name (#12699)
- resource/aws_batch_job_queue: Prevent panic when
ComputeEnvironmentOrder
is updated outside Terraform (#12632) - resource/aws_default_route_table: Proper tag on resource creation (#12858)
- resource/aws_efs_file_system: Prevent panic with empty
lifecycle_policy
configuration block (#12640) - resource/aws_fsx_windows_file_system: Prevent panic when update includes
self_managed_active_directory
settings (#12630) - resource/aws_glue_catalog_table: Prevent various panics with empty configuration blocks (#12611)
- resource/aws_kinesis_firehose_delivery_stream: Prevent panic with empty
processing_configuration
configuration block (#12613) - resource/aws_kms_external_key: Prevent
MalformedPolicyDocumentException
errors on creation by retrying for up to 2 minutes to wait for IAM change propagation (#12863) - resource/aws_kms_key: Prevent
MalformedPolicyDocumentException
errors on creation by retrying for up to 2 minutes to wait for IAM change propagation (#12863) - resource/aws_lb_listener: Prevent panics on creation and refresh when API throttled (#12617)
- resource/aws_route53_zone: Prevent panic with APIs missing
ChangeInfo
during creation (best effort fix for LocalStack) (#12634) - resource/aws_storagegateway_gateway: Perform multiple connectivity checks after activation to wait if the underlying server (e.g. EC2 Instance) is automatically rebooted (#12772)
- resource/aws_storagegateway_gateway: Retry 504 status code on activation (#12773)
- resource/aws_wafregional_xss_match_set: Prevent crash with
xss_match_tuple
configuration block since version 2.59.0 (#13024)