chore(deps): update terraform-providers (major)

This MR contains the following updates:

Package	Type	Update	Change
gitlab (source)	required_provider	major	~> 17.0 -> ~> 18.0
google (source)	required_provider	major	~> 6.0 -> ~> 7.0
google-beta (source)	required_provider	major	~> 6.0 -> ~> 7.0

---

Release Notes

gitlabhq/terraform-provider-gitlab (gitlab)

v18.4.1

Compare Source

IMPROVEMENTS (1 change)

• Bumped GitLab client-go dependency to v0.148.0 to improve default retry policy (merge request)

v18.4.0

Compare Source

FEATURES (2 changes)

• resource/gitlab_group_level_mr_approvals: Add group level merge request approvals resource by @​heidi.berry (merge request)
• resource/gitlab_project_external_status_check: Add new resource for project external status checks by @​mness (merge request)

IMPROVEMENTS (1 change)

• resource/gitlab_project_hook: Update docs to indicate which version of GitLab is required to use custom headers by @​heidi.berry (merge request)

BUG FIXES (2 changes)

• resource/gitlab_group_service_account: Wait for group service account users to be deleted during destroy by @​heidi.berry (merge request)
• resource/gitlab_group_share_group: Add feature flag information for using custom roles by @​heidi.berry (merge request)

v18.3.0

Compare Source

FEATURES (3 changes)

• Add new gitlab_group_deploy_token and gitlab_project_deploy_token resources. The existing generic gitlab_deploy_token resource has now been deprecated. by @​mness (merge request)
• Add new gitlab_group_saml_links datasource by @​heidi.berry (merge request)
• Support client-go config file for provider authentication. See more information here: https://gitlab.com/gitlab-org/api/client-go#use-the-config-package-experimental by @​timofurrer (merge request)

IMPROVEMENTS (6 changes)

• resource/gitlab_project_level_notifications: Update to handle unknown value validation by @​PatrickRice (merge request)
• resource/gitlab_group: Add support for administrator to project_creation_level by @​aldo.salas1 (merge request)
• resource/gitlab_group_security_policy_attachments: This resource now checks permissions prior to adding the policy, and fails with a informative error if permissions are missing by @​PatrickRice (merge request)
• resource/gitlab_project_security_policy_attachments: This resource now checks permissions prior to adding the policy, and fails with a informative error if permissions are missing by @​PatrickRice (merge request)
• resource/gitlab_deploy_token: Add support for previously missing scope options by @​mness (merge request)
• resource/gitlab_instance_service_account: Allow instance service accounts to be created without username and/or name by @​heidi.berry (merge request)

BUG FIXES (6 changes)

• resource/gitlab_global_level_notifications: Update to handle unknown value validation by @​PatrickRice (merge request)
• resource/gitlab_project_level_notifications: Update to handle unknown value validation by @​PatrickRice (merge request)
• resource/gitlab_project_protected_environment: Fix error in protected environment using unknown deploy attributes by @​PatrickRice (merge request)
• resource/gitlab_project_integration_github: Fix a provider panic that occurs when importing a non-existent integration by @​heidi.berry (merge request)
• resource/gitlab_group_dependency_proxy: Fixed a bug where importing using an import block caused an immediate replace by @​PatrickRice (merge request)
• resource/gitlab_group: Fixed an issue with permanently_remove_on_delete that occurred when deleting groups on GitLab versions later than 18.0 by @​heidi.berry (merge request)

v18.2.0

Compare Source

FEATURES (2 changes)

• datasource/gitlab_project_access_tokens: Allows retrieving project access tokens by @​ruben.aleman (merge request)
• resource/gitlab_project_container_registry_protection: Allows managing container registry protections for a project by @​hristiyan.ivanov (merge request)

IMPROVEMENTS (5 changes)

• resource/gitlab_project: Added support for ci_push_repository_for_job_token_allowed by @​danilobuerger (merge request)
• resource/gitlab_group_hook: Add emoji_events support by @​lllkq546449541 (merge request)
• resource/gitlab_project_protected_environment: Create new deploy_access_levels_attribute using an object list instead of nested blocks to enable easier operations with other resources. The existing deploy_access_levels is deprecated and will be removed in 19.0. by @​heidi.berry (merge request)
• resource/gitlab_group_service_account: Allow using custom emails with group service accounts by @​heidi.berry (merge request)
• resource/gitlab_branch_protection: Add admin push access level support by @​netflash (merge request)

BUG FIXES (2 change)

• resource/gitlab_project_label: Fixed a bug that caused a plan operation when a named color was used instead of a hex by @​heidi.berry (merge request)
• access token resources: Fixed a bug where using an unknown value for scopes caused an error by @​PatrickRice (merge request)

v18.1.1

Compare Source

BUG FIXES (1 change)

• resource/gitlab_group_service_account_access_token: Fix a bug when using scopes with an unknown set, resulting in an error message about the provider by @​heidi.berry (merge request)

v18.1.0

Compare Source

FEATURES (3 changes)

• resource/gitlab_project_merge_request_note: New resource allows creating merge request notes by @​heidi.berry (merge request)
• resource/gitlab_application_appearance: New resource allows managing instance-wide application appearance by @​heidi.berry (merge request)
• datasource/gitlab_project_merge_requests: New datasource allows listing project merge requests by @​heidi.berry (merge request)

IMPROVEMENTS (15 changes)

• resource/gitlab_project: Add support for ci_forward_deployment_rollback_allowed by @​paroose (merge request)
• resource/gitlab_project: Add support for auto_duo_code_review_enabled by @​mness (merge request)
• resource/gitlab_project: Add branches option to project resource when forking by @​Taucher2003 (merge request)
• resource/gitlab_group_saml_link: Update group access level list for SAML group links to include planner by @​heidi.berry (merge request)
• resource/gitlab_deploy_key: Add support for expires_at, allowing expiring project deploy keys by @​heidi.berry (merge request)
• resource/gitlab_project_integration_mattermost: Rename mattermost integration resource to clarify that it's project-level. The old resource name is now deprecated. by @​heidi.berry (merge request)
• resource/gitlab_project_integration_emails_on_push: Rename emails on push integration resource to clarify that it's project-level. The old resource name is now deprecated. by @​heidi.berry (merge request)
• resource/gitlab_project_integration_external_wiki: Rename external wiki integration resource to clarify that it's project-level. The old resource name is now deprecated. by @​heidi.berry (merge request)
• resource/gitlab_project_integration_custom_issue_tracker: Rename custom issue tracker integration resource to clarify that it's project-level. The old resource name is now deprecated. by @​heidi.berry (merge request)
• resource/gitlab_project_integration_jenkins: Rename jenkins integration resource to clarify that it's project-level. The old resource name is now deprecated. by @​heidi.berry (merge request)
• resource/gitlab_project_integration_harbor: Rename harbor integration resource to clarify that it's project-level. The old resource name is now deprecated. by @​heidi.berry (merge request)
• resource/gitlab_group_service_account_access_token: Add support creating service account tokens with no expiry by @​heidi.berry (merge request)
• resource/gitlab_project_job_token_scopes: The enabled attribute will now attempt to check the instance enforce_ci_inbound_job_token_scope_enabled prior to allowing a user to set the value to false, and will fail at plan time instead of apply time if the enabled setting conflicts with instance settings. by @​PatrickRice (merge request)
• datasource/gitlab_user: Add experimental support for email_exact_match, which will always return an exact match on the email. This will override the fuzzy matching of the GitLab search API when no users match the given email. by @​ricardo.bartels (merge request)
• multiple resources: Add missing examples to resources by @​heidi.berry (merge request)

BUG FIXES (3 changes)

• resource/gitlab_branch: Add warning to use lifecycle ignore_changes for gitlab_branch.ref by @​heidi.berry (merge request)
• resource/gitlab_project: If a project import fails, the specific import error will now be surfaces to the user by @​heidi.berry (merge request)
• multiple label resources: Fixed an issue where using label color names would cause an error by @​heidi.berry (merge request)

v18.0.0

Compare Source

BREAKING CHANGES (20 changes)

• resource/gitlab_repository_file: Update encoding to be a required field by @​heidi.berry (merge request)
• resource/gitlab_integration_jira: Remove project_key, use project_keys instead by @​heidi.berry (merge request)
• datasource/gitlab_project_issues: Update not_assignee_id, not_author_id, not_my_reaction_emoji from a list... by @​heidi.berry (merge request)
• Removes resource gitlab_service_github. Use gitlab_integration_github instead. by @​heidi.berry (merge request)
• Remove resource gitlab_service_emails_on_push. Use gitlab_integration_emails_on_push instead. by @​heidi.berry (merge request)
• Remove force new requirement when changing project variable environment... by @​heidi.berry (merge request)
• Removes resource gitlab_service_jira. Use gitlab_integration_jira instead. by @​heidi.berry (merge request)
• Remove gitlab_service_external_wiki. Use gitlab_integration_external_wiki instead. by @​heidi.berry (merge request)
• resource/gitlab_project: Remove field name_regex, use name_regex_delete instead by @​heidi.berry (merge request)
• Remove resource gitlab_service_pipelines_email. Use gitlab_integration_pipelines_email instead. by @​heidi.berry (merge request)
• Remove conditional check for report_type based on 17.2. Attempting to use... by @​heidi.berry (merge request)
• Remove access_level, use group_access instead by @​heidi.berry (merge request)
• Removes field soft_delete as it was replaced by a normal delete in 14.9.... by @​heidi.berry (merge request)
• Remove application settings deprecated fields (See MR for details of old vs new fields) by @​heidi.berry (merge request)
• Remove fields extern_uid and external_provider from resource... by @​heidi.berry (merge request)
• resource/gitlab_project: Remove build_coverage_regex, simplify squash_option and secret push protection logic by @​heidi.berry (merge request)
• Remove resource gitlab_service_custom_issue_tracker. Use... by @​heidi.berry (merge request)
• Remove resource gitlab_project_compliance_framework. Use... by @​heidi.berry (merge request)
• Remove resource gitlab_service_microsoft_teams. Use gitlab_integration_microsoft_teams` instead. by @​heidi.berry (merge request)
• Breaking change, remove deprecated gitlab_service_slack by @​heidi.berry (merge request)

FEATURES (1 change)

• Add gitlab_integration_redmine resource by @​0oMarko0 (merge request)

IMPROVEMENTS (5 changes)

• resource/gitlab_group: Improve top level group note on gitlab_group documentation by @​heidi.berry (merge request)
• resource/gitlab_instance_service_account: Add support for email by @​bas.bremer (merge request)
• Add self_rotate support to tokens. Using self_rotate will use the token to... by @​heidi.berry (merge request)
• Update documentation links by @​heidi.berry (merge request)
• Update documentation links by @​heidi.berry (merge request)

BUG FIXES (1 change)

• Externally revoked Personal, Group, Project, and Service Account Tokens will... (merge request)

v17.11.0

Compare Source

This release was tested against GitLab 17.11, 17.10, and 17.9 for both CE and EE

FEATURES (1 change)

• resource/gitlab_group_dependency_proxy: Adds support for managing the docker hub Group Dependency Proxy by @​PatrickRice (merge request)

IMPROVEMENTS (9 changes)

• resource/gitlab_project_job_token_scopes: Add support for Enabled by @​qa-andreas-grub (merge request)
• resource/gitlab_group_ldap_link: Add support for member_role_id to support custom roles by @​PatrickRice (merge request)
• resource/gitlab_project: Add support for ci_id_token_sub_claim_components by @​bakkerduncan (merge request)
• resource/gitlab_project: Add ci_delete_pipelines_in_seconds by @​ztzxt (merge request)
• resource/gitlab_project: Improved documentation for squash_option @​heidi.berry (merge request)
• resource/gitlab_integration_jira: Added deprecation notice for project_key by @​heidi.berry (merge request)
• Add support for new planner role to multiple membership resources by @​heidi.berry (merge request)
• Update documentation URLs for multiple integration resources by @​@​bas.bremer (merge request)
• Add token descriptions to project, group, and personal access tokens by @​PatrickRice (merge request)

BUG FIXES (8 changes)

• resource/gitlab_project_mirror: Fixes an issue where mirror_branch_regex would cause a perpetual plan by @​mness (merge request)
• resource/gitlab_project_variable: Fixed an issue where removing project variables outside of TF could break the state file by @​jonathand2 (merge request)
• resource/gitlab_group_variable: Fixed an issue where removing group variables outside of TF could break the state file by @​jonathand2 (merge request)
• resource/gitlab_group: Fix an issue where membership_lock was set to false if not specified in the config by @​PatrickRice (merge request)
• resource/gitlab_group_issue_board: Fix an issue with group issue board error handling that would cause the provider to panic by @​PatrickRice (merge request)
• resource/gitlab_group_issue_board: Added error handling to provide earlier error detection and messaging by @​heidi.berry (merge request)
• resource/gitlab_group_membership: Fix an error where expires_at and member_role_id were not computed by @​PatrickRice (merge request)
• resource/gitlab_instance_service_account: Refactor a system panic that could happen when waiting for delete by @​timofurrer (merge request)

hashicorp/terraform-provider-google (google)

v7.4.0

Compare Source

DEPRECATIONS:

• compute: deprecated the option to deploy a container during VM creation using the container startup agent in google_compute_instance. Use alternative services to run containers on your VMs. Learn more at https://cloud.google.com/compute/docs/containers/migrate-containers. (#​24375)

FEATURES:

• New Data Source: google_artifact_registry_maven_artifact (#​24358)
• New Data Source: google_compute_interconnect_location (#​24377)
• New Resource: google_network_services_wasm_plugin (#​24406)
• New Resource: google_resource_manager_capability (#​24404)

IMPROVEMENTS:

• cloudrunv2: added mount_options in gcsfuse volumes for google_cloud_run_v2_service, google_cloud_run_v2_job, and google_cloud_run_v2_workerpool resources. (#​24413)
• compute: added cipher_suite field to google_compute_vpn_tunnel resource. (#​24378)
• container: added auto_ipam_config to google_container_cluster resource. (#​24396)
• storage: added support for timeouts to google_storage_bucket_iam_binding, google_storage_bucket_iam_member, google_storage_bucket_iam_policy resources (#​24376)

BUG FIXES:

• bigtable: fixed node_scaling_factor forcing new instance on google_bigtable_instance when adding new cluster (#​24410)
• cloudscheduler: fixed a type assertion panic in google_cloud_scheduler_job when processing HTTP headers with nil or unexpected data types (#​24360)
• compute: fixed the Network field cannot be modified issue in google_compute_region_backend_service. Now updating the network field will force the resource to be recreated. (#​24398)
• netapp: fixed incorrect default value handling in google_netapp_volume for export_policy.rules attributes has_root_access and squash_mode. When not specified, these fields will now take on the API default value with no diff. (#​24395)
• netapp: updated google_netapp_storage_pool to source the default value for the qos_type field from the API. If not specified in the configuration, qos_type will now default to the value provided by the NetApp Volumes API. (#​24394)
• sql: fixed the permadiffs on disk_size when disk_autoresize is enabled in google_sql_database_instance (#​24399)
• workbench: added retry for unable to queue the operation 409 errors in google_workbench_instance resource. (#​24392)

v7.3.0

Compare Source

FEATURES:

• New Data Source: google_backup_dr_data_source_reference (#​24346)
• New Resource: google_bigquery_datapolicyv2_data_policy (#​24313)
• New Resource: google_saas_runtime_release (#​24289)
• New Resource: google_secure_source_manager_hook (#​24345)

IMPROVEMENTS:

• cloudrun: added sub_path field to google_cloud_run_service resource. (#​24341)
• cloudrunv2: added sub_path field to google_cloud_run_v2_service google_cloud_run_v2_job and google_cloud_run_v2_worker_pool resource. (#​24341)
• compute: added labels and label_fingerprint fields to google_compute_security_policy resource (#​24322)
• compute: labels under initialize_params are now updatable on google_compute_instance (#​24349)
• container: added new fields memory_manager and topology_manager to node_kubelet_config block (#​24277)
• datastream: added destination_config.bigquery_destination_config.source_hierarchy_datasets.project_id field to google_datastream_stream resource (#​24340)
• discoveryengine: added app_type field to google_discovery_engine_search_engine resource (#​24320)
• gkeonprem: added proxy field to google_gkeonprem_vmware_admin_cluster resource (#​24338)
• healthcare: added validation_config to google_healthcare_fhir_store resource (#​24336)
• iamworkforcepool: added extended_attributes field to workforce_pool_provider resource (#​24308)
• netapp: added export_policy.rules.squash_mode field to google_netapp_volume resource. (#​24350)
• privateca: added encryption_spec field to google_privateca_ca_pool resource (#​24328)
• run: added connector to vpc_access on google_cloud_run_v2_worker_pool resource (#​24337)
• tags: added the DATA_GOVERNANCE value to google_tags_tag_key.purpose (#​24307)

BUG FIXES:

• bigquery: updated the schema change detection for google_bigquery_table to take into account presence of row access policy (#​24284)
• compute: fixed allow_global_access to correctly be immutable for google_compute_forwarding_rule resources with load balancing scheme of INTERNAL_MANAGED (#​24312)
• compute: fixed a crash in google_compute_security_policy due to a changed API response for empty match.0.expr_options blocks (#​24353)
• dialogflow: added support for non-global endpoints for google_dialogflow_conversation_profile (#​24351)
• publicca: use RawURLEncoding instead of URLEncoding for unpadded base64 encoding (#​24283)
• secretmanager: fixed a panic in google_secret_manager_secret_version in a secret_manager (#​24326)
• workbench: fixed issue that resource creation with computed labels field fails in google_workbench_instance resource (#​24311)
• workbench: made report-notebook-metrics metadata key settable for google_workbench_instance (#​24310)

v7.2.0

Compare Source

FEATURES:

• New Data Source: google_artifact_registry_python_package (#​24267)
• New Data Source: google_backup_dr_data_source_references (#​24268)
• New Resource: google_discovery_engine_acl_config (#​24276)
• New Resource: google_saas_runtime_unit_kind (#​24236)

IMPROVEMENTS:

• chronicle: made the scope_info field in google_chronicle_reference_list configurable (#​24250)
• compute: added header_action to path_matcher and default_service level on google_compute_region_url_map resource (#​24253)
• container: added secret_manager_config.rotation_config field to google_container_cluster resource (#​24244)
• container: added new fields memory_manager and topology_manager to google_container_cluster.node_config.kubelet_config and google_container_node_pool.node_config.kubelet_config (#​24277)
• sql: added final_backup_description and final_backup_config fields to google_sql_database_instance resource (#​24273)
• storage: added aws_s3_compatible_data_source to google_storage_transfer_job resource (#​24241)

BUG FIXES:

• provider: fixed an issue with universe_domain where the provider tried to connect to "googleapis.com" for user email logging when universe_domain was set (#​24238)
• container: fixed a faulty diff for arrays on user_managed_keys_config that caused faulty cluster updates to be triggered in google_container_cluster (#​24256)
• osconfig: fixed a permadiff in google_osconfig_patch_deployment where patch_config.yum.minimal doesn't send false for empty values (#​24247)

v7.1.1

Compare Source

BUG FIXES:

• bigtable: fixed an error encountered when applying google_bigtable_table_iam_* resources after upgrading to 7.x and replacing instance with instance_name (#​24255)

v7.1.0

Compare Source

DEPRECATIONS:

• container: deprecated enterprise_config field in google_container_cluster resource. GKE Enterprise features are now available without an Enterprise tier. (#​24210)
• storage: removed deprecated status for field to detect_md5hash in google_storage_bucket_object resource (#​24147)

FEATURES:

• New Data Source: google_iap_web_forwarding_rule_service_iam_policy (#​24178)
• New Resource: google_iap_web_forwarding_rule_service_iam_binding (#​24178)
• New Resource: google_iap_web_forwarding_rule_service_iam_member (#​24178)
• New Resource: google_iap_web_forwarding_rule_service_iam_policy (#​24178)

IMPROVEMENTS:

• artifactregistry: added registry_uri as attribute to google_artifact_registry_repository (#​24164)
• backupdr: added 'supported_resource_types' field to google_backup_dr_backup_plan resource (#​24189)
• backupdr: added create_time field to google_backup_dr_backup data source (#​24183)
• cloudbuild: added worker_config.enable_nested_virtualization field to google_cloudbuild_worker_pool resource (#​24176)
• cloudrunv2: added support for multi_region_settings field to google_cloud_run_v2_service resource (#​24149)
• compute: add params.resource_manager_tags field to the google_compute_region_backend_service (#​24191)
• compute: added public_delegated_sub_prefixs field to resource google_compute_public_delegated_prefix (#​24202)
• compute: added update_strategy field to google_compute_network_peering resource (#​24180)
• firestore: added unique field to google_firestore_index resource (#​24163)
• netapp: added qos_type and available_throughput_mibps fields to google_netapp_storage_pool resource (#​24161)
• netapp: added throughput_mibps field to google_netapp_volume resource (#​24161)
• networkservices: allowed EXPLICIT_ROUTING_MODE for routing_mode on google_network_services_gateway resource (#​24151)
• sql: added consumer_network_status, ip_address, and status fields to psc_auto_connections field on google_sql_database_instance resource (#​24201)
• storagetransfer: added service_account field to google_storage_transfer_job resource (#​24193)
• storagetransfer: added transfer_spec.aws_s3_data_source.credentials_secret to google_storage_transfer_job resource (#​24152)

BUG FIXES:

• compute: fixed certain spurious diffs for google_compute_region_backend_service.backend.group (#​24157)
• compute: fixed permadiff on google_compute_region_network_endpoint_group when no network is specified (#​24182)
• memorystore: fixed permadiffs that cause destroy+recreate on new google_memorystore_instance when desired_psc_auto_connections is set (#​24212)
• netapp: fixed a permadiff on total_iops in google_netapp_storage_pool resource (#​24207)
• oracledatabase: fixed permadiffs on google_oracle_database_autonomous_database resource for the odb_network and odb_subnet fields (#​24184)

v7.0.1

Compare Source

BUG FIXES:

• storage: fixed a conversion crash in google_storage_bucket state migration #​24186

v7.0.0

Compare Source

Terraform Google Provider 7.0.0 Upgrade Guide

BREAKING RESOURCE REMOVALS:

• beyondcorp: removed google_beyondcorp_application, its associated IAM resources google_beyondcorp_application_iam_binding, google_beyondcorp_application_iam_member, and google_beyondcorp_application_iam_policy, and the google_beyondcorp_application_iam_policy datasource. Use google_beyondcorp_security_gateway_application instead. #​23999
• notebooks: removed google_notebooks_location #​23607
• tpu: removed google_tpu_node. Use google_tpu_v2_vm instead. #​23964

BREAKING FIELD REMOVALS:

• cloudrunv2: removed template.containers.depends_on within resource google_cloud_run_v2_worker_pool #​23815
• colab: removed post_startup_script_config field from from google_colab_runtime_template resource #​24026
• compute: removed field enable_flow_logs from google_compute_subnetwork #​23704
• gkehub: removed configmanagement.binauthz field in google_gke_hub_feature_membership #​24076
• gkehub: removed description field in google_gke_hub_membership #​23587
• memorystore: removed allow_fewer_zones_deployment field from google_memorystore_instance resource because it isn't user-configurable #​24079
• redis: removed allow_fewer_zones_deployment field from google_redis_cluster resource because it isn't user-configurable #​24079
• resourcemanager: removed non-functional project field from google_service_account_key datasource #​24000
• vertexai: removed enable_secure_private_service_connect in google_vertex_ai_endpoint #​23843

BREAKING INCREASED VALIDATION:

• cloudfunctions2: made event_type a required field for event_trigger in google_cloudfunctions2_function #​23918
• networkservices: made load_balancing_scheme required in google_network_services_lb_traffic_extension #​23748
• sql: made password_wo_version required when password_wo is set in google_sql_user #​24083
• storage: added validation requiring the topic field to be in the form "projects//topics/" in google_storage_notification #​24135
• storagetransfer: added path validation for GCS path source and sink in google_storage_transfer_job #​23493
• vertexai: made metadata, and metadata.config required in google_vertex_ai_index. Resource creation would fail without these attributes already, so no change is necessary to existing configurations. #​23971

OTHER BREAKING CHANGES:

• alloydb: added deletion_protection field with a default value of true to google_alloydb_cluster resource #​24024
• apigee: changed certs_info field in google_apigee_keystores_aliases_key_cert_file to be output-only #​24135
• apigee: migrated google_apigee_keystores_aliases_key_cert_file to the plugin framework #​24135
• artifactregistry: removed the default values for public_repository fields in google_artifact_registry_repository. If your state is reliant on them, they will now need to be manually included in your configuration. #​23970
• bigquery: removed the default value of view.use_legacy_sql in google_bigquery_table #​24065
• bigtable: renamed instance to instance_name for bigtable_table_iam objects #​23399
• billing: made budget_filter.credit types and budget_filter.subaccounts no longer optional+computed, only optional, in google_billing_budget resource #​24078
• cloudfunctions2: changed service_config.service field in google_cloudfunctions2_function resource to be output-only #​23790
• compute: subnetworks and instances fields in google_compute_packet_mirroring have been converted from arrays to sets #​24021
• compute: advertised_ip_ranges field group in google_compute_router has been converted from a list to a set #​24030
• compute: disk.type, disk.mode and disk.interface no longer use provider configured default values and instead will be set by the API in google_compute_instance_template and google_compute_region_instance_template resources #​24055
• provider: fixed many import functions throughout the provider that erroneously matched a subset of the provided input, leading to unclear error messages when using terraform input with invalid resource IDs. #​24010
• resourcemanager: changed disable_on_destroy default value to false in google_project_service #​23951
• securesourcemanager: changed deletion_policy default value from DELETE to PREVENT #​23963
• storage: retention_period field in google_storage_bucket has been converted from int to string data type #​23535
• storage: migrated google_storage_notification to the plugin framework #​24135

FEATURES:

• New Data Source: google_artifact_registry_npm_package (#​24072)
• New Data Source: google_certificate_manager_dns_authorization (#​24009)
• New Resource: google_iap_web_region_forwarding_rule_service_iam_binding (#​24041)
• New Resource: google_iap_web_region_forwarding_rule_service_iam_member (#​24041)
• New Resource: google_iap_web_region_forwarding_rule_service_iam_policy (#​24041)
• New Resource: google_saas_runtime_saas (#​24028)

IMPROVEMENTS:

• cloudbuild: added developer_connect_event_config field to google_cloudbuild_trigger resource (#​24043)
• cloudtasks: added desired_state field to google_cloud_tasks_queue resource (#​24053)
• cloudrunv2: added max_instance_count field to google_cloud_run_v2_service resource. (#​24031)
• compute: added params.resourceManagerTags field to the google_compute_backend_service (#​24062)
• compute: added params.resource_manager_tags field to google_compute_backend_bucket (#​24068)
• compute: added short_name field to google_compute_organization_security_policy resource (#​24059)
• container: added cluster_autoscaling.default_compute_class_enabled field to google_container_cluster resource (#​24023)
• dialogflowcx: added enableMultiLanguageTraining, locked, answerFeedbackSettings, personalizationSettings, clientCertificateSettings, startPlaybook, satisfiesPzs, and satisfiesPzi to google_dialogflow_cx_agent resource. (#​24007)
• lustre: increased google_lustre_instance resource create timeout to 120m from 20m (#​24056)
• oracledatabase: enabled default_from_api flag for ODB Network related fields in google_oracle_database_cloud_vm_cluster resource (#​24045)
• sql: added feature to restore google_sql_database_instance using backupdr_backup (#​24066)
• ssm: made ca_pool argument optional for private instances that use Google-managed trusted certificates.tosecure_source_manager` resource (#​24039)

BUG FIXES:

• container: fixed issue where a failed creation on google_container_node_pool would result in an unrecoverable tainted state (#​24077)
• gkeonprem: set default_from_api in image field in google_vmware_node_pool (#​24022)
• workbench: made install-monitoring-agent metadata key settable for google_workbench_instance (#​24080)

v6.50.0

Compare Source

NOTES:

• bigtable: It is recommended for google_bigtable_table_iam_* resources to upgrade to v6.50.0 and switch from instance to instance_name in your configuration before upgrading to v7.X (#​24400)

DEPRECATIONS:

• bigtable: deprecated instance in favor of instance_name in google_bigtable_table_iam_* resources (#​24400)

IMPROVEMENTS:

• bigtable: added instance_name field to google_bigtable_table_iam_* resources (#​24400)

v6.49.3

Compare Source

BUG FIXES:

• compute: fixed a crash in google_compute_security_policy due to a changed API response for empty match.0.expr_options blocks (#​24353)

v6.49.2

Compare Source

BUG FIXES:

• container: fixed issue where a failed creation on google_container_node_pool would result in an unrecoverable tainted state (#​10586)

v6.49.1

Compare Source

BUG FIXES:

• secretmanager: fixed issue where upgrading to 6.49.0 would cause all google_secret_manager_secret_version resources to be recreated unless secret_data_wo_version was set (#​24061)

v6.49.0

Compare Source

DEPRECATIONS:

• beyondcorp: google_beyondcorp_application_iam_binding, google_beyondcorp_application_iam_member and google_beyondcorp_application_iam_policy IAM resources, and the google_beyondcorp_application_iam_policy datasource have been deprecated and will be removed in the upcoming major release (#​23995)
• tpu: deprecated google_tpu_tensorflow_versions data source. Use google_tpu_v2_runtime_versions instead. (#​23958)

BREAKING CHANGES:

• vertexai: made the metadata field required in google_vertex_ai_index (#​23953)

FEATURES:

• New Data Source: google_artifact_registry_tag (#​23994)
• New Data Source: google_artifact_registry_tags (#​23969)
• New Resource: google_dialogflow_convesation_profile (#​23996)

IMPROVEMENTS:

• apikeys: added service_account_email to google_apikeys_key (#​24001)
• compute: added advanced_options_config field to google_compute_region_security_policy resource (#​23914)
• container: added eviction_soft, eviction_soft_grace_period, eviction_minimum_reclaim, eviction_max_pod_grace_period_seconds, max_parallel_image_pulls, transparent_hugepage_enabled, transparent_hugepage_defrag and min_node_cpus fields to node_config block of google_container_node_pool and google_container_cluster resources (#​23973)
• networkmanagement: added subnet and network fields to the google_network_management_vpc_flow_logs_config resource (beta) (#​23945)
• networkmanagement: added output-only field target_resource_state to the google_network_management_vpc_flow_logs_config resource (#​23945)
• resourcemanager: added management_project and configured_capabilities fields to the google_folder resource. (#​23983)

BUG FIXES:

• cloud_tasks: set name field set to required in google_cloud_tasks_queue resource (#​23997)
• clouddeploy: allowed sending weekly_windows.start_time as an empty object in order to use default values in thegoogle_clouddeploy_deploy_policy resource (#​23993)
• kms: skip_initial_version_creation field is no longer immutable in google_kms_crypto_key, but is still only settable at-creation (#​23984)
• netapp: fixed bug where google_netapp_volume.large_capacity was not properly marked as immutable, causing updates to fail (and making it impossible to change the field value after creation) (#​24004)
• networkconnectivity: added update support for linked_vpc_network in google_network_connectivity_spoke (#​23949)

v6.48.0

Compare Source

FEATURES:

• New Data Source: google_artifact_registry_package (#​23901)
• New Data Source: google_artifact_registry_repositories (#​23906)
• New Data Source: google_artifact_registry_version (#​23868)
• New Resource: google_dialogflow_cx_playbook (initial basic support, full features to follow in a later release) (#​23895)
• New Resource: google_vertexai_rag_engine_config (#​23889)

IMPROVEMENTS:

• backupdr: added log_retention_days field to google_backup_dr_backup_plan resource (#​23846)
• compute: added advanced_options_config field to google_compute_region_security_policy resource (#​23914)
• compute: added ha_policy field to google_compute_region_backend_service resource (#​23905)
• compute: added the ability to use global target forwarding rule for target_service field in google_compute_service_attachment resource (#​23892)
• container: added boot_disk to node_config in google_container_cluster and google_container_node_pool resources (#​23840)
• container: added node_config.kubelet_config.single_process_oom_kill field to google_container_node_pool and google_container_cluster resources (#​23844)
• container: added in-place update support for user_managed_keys_config field in google_container_cluster resource (#​23883)
• dataproc: added cluster_config.cluster_tier field to google_dataproc_cluster resource (#​23830)
• gkeonprem: added enable_advanced_cluster field to google_gkeonprem_vmware_admin_cluster resource (#​23908)
• memorystore: added allow_fewer_zones_deployment field to google_memorystore_instance resource (#​23845)
• sql: added field psa_write_endpoint flag to google_sql_database_instance resource (#​23867)
• sql: added network_attachment_uri field to google_sql_database_instance resource (#​23894)
• sql: added node_count field to sql_database_instance resource, and added new value READ_POOL_INSTANCE enum to the instance_type field of sql_database_instance resource (#​23897)
• storagetransfer: added federated_identity_config field to google_storage_transfer_job resource (#​23900)
• storagetransfer: added transfer_spec.aws_s3_data_source.cloudfront_domain field to google_storage_transfer_job resource (#​23887)

BUG FIXES:

• accesscontextmanager: made scopes field as immutable for access_context_manager_access_policy resource. (#​23886)
• bigquery: fixed handling of non-legacy roles for access block inside google_bigquery_dataset (#​23898)
• container: fixed an issue causing errors during updates to node_config to be suppressed in google_container_cluster and google_container_node_pool (#​23842)

v6.47.0

Compare Source

DEPRECATIONS:

• compute: deprecated network_self_link field in google_compute_subnetworks data source. Use network_name instead. (#​23753)
• resourcemanager: deprecated project field in google_service_account_key data source. The field is non functional and can safely be removed from your configuration. (#​23813)

FEATURES:

• New Data Source: google_artifact_registry_docker_images (#​23751)
• New Resource: google_apigee_security_action (#​23721)
• New Resource: google_developer_connect_insights_config (#​23789)
• New Resource: google_discovery_engine_cmek_config (#​23745)
• New Resource: google_iam_workforce_pool_iam_binding (#​23784)
• New Resource: google_iam_workforce_pool_iam_member (#​23784)
• New Resource: google_iam_workforce_pool_iam_policy (#​23784)

IMPROVEMENTS:

• backupdr: added backup_retention_inheritance field to google_backup_dr_backup_vault resource (#​23817)
• bigqueryanalyticshub: added commercial_info and delete_commercial fields in google_bigquery_analytics_hub_listing resource (#​23731)
• bigqueryanalyticshub: added discovery_type field to google_bigquery_analytics_hub_data_exchange resource (#​23801)
• bigqueryanalyticshub: added state, discovery_type, and allow_only_metadata_sharing fields to google_bigquery_analytics_hub_listing resource (#​23801)
• cloudfunction: added automatic_update_policy and on_deploy_update_policy to google_cloudfunctions_function resource (#​23819)
• cloudrunv2: added gpu_zonal_redundancy_disabled field to google_cloud_run_v2_job resource. (#​23811)
• compute: added labels field to google_compute_storage_pool resource (#​23783)
• compute: added network_name field to google_compute_subnetworks data source (#​23753)
• container: added ip_allocation_policy.additional_ip_ranges_config field to google_container_cluster resource (#​23828)
• container: added network_config.additional_node_network_configs.subnetwork field to google_container_node_pool resource (#​23828)
• container: added addons_config.lustre_csi_driver_config field to google_container_cluster resource (#​23729)
• container: added support for rbac_binding_config in google_container_cluster (#​23812)
• dataproc: added cluster_config.cluster_tier field to google_dataproc_cluster resource (#​23830)
• looker: added LOOKER_CORE_TRIAL_STANDARD, LOOKER_CORE_TRIAL_ENTERPRISE, and LOOKER_CORE_TRIAL_EMBED editions to google_looker_instance resource. (#​23785)
• managedkafka: added tls_config field to google_managed_kafka_cluster resource (#​23749)
• memorystore: added allow_fewer_zones_deployment field to google_redis_cluster resource (#​23800)
• storage: added deletion_policy field to google_storage_bucket_object resource (#​23816)
• vertexai: added custom_delete field to google_vertex_ai_endpoint_with_model_garden_deployment resource (#​23788)

BUG FIXES:

• bigquery: fixed a crash in google_bigquery_table when configured as an external table with parquet_options (#​23808)
• cloudrunv2: fixed an issue where manual_instance_count was unable to set to 0 in google_cloud_run_v2_worker_pool. (#​23798)
• composer: fixed updates failing for recovery_config with explicitly disabled scheduled snapshots (#​23715)
• iap: fixed an issue where deleting google_iap_settings without setting GOOGLE_PROJECT incorrectly failed (#​23724)
• storage: removed client-side GCS name validations for google_storage_bucket (#​23719)

v6.46.0

Compare Source

FEATURES:

• New Data Source: google_storage_insights_dataset_config (#​23709)
• New Resource: google_apigee_api_product (#​23648)
• New Resource: google_discovery_engine_recommendation_engine (#​23692)
• New Resource: google_oracle_database_odb_network (#​23675)
• New Resource: google_oracle_database_odb_subnet (#​23694)
• New Resource: google_storage_insights_dataset_config (#​23707)

IMPROVEMENTS:

• compute: added params.resourceManagerTags field to the google_compute_router (#​23690)
• compute: added in-place update support for provisioned_iops, provisioned_throughput, and access_mode fields in google_compute_region_disk resource (#​23697)
• dataproc: added authentication_config field to google_dataproc_batch and google_dataproc_session_template resource (#​23644)
• dataproc: added idle_ttl field to google_dataproc_session_template resource (#​23680)
• networkconnectivity: added field allocation_options to resource google_network_connectivity_internal_range (#​23687)
• oracledatabase: added odb_network and odb_subnet fields, and made network and cidr fields optional in google_oracle_database_autonomous_database resource (#​23686)
• oracledatabase: added odb_network, odb_subnet and backup_odb_subnet fields, and made network, cidr and backup_subnet_cidr fields optional in google_oracle_database_cloud_vm_cluster resource (#​23688)
• secretmanager: added tags field to google_secret_manager_regional_secret to allow setting tags for regional_secrets at creation time (#​23706)
• securesourcemanager: added deletion_policy field to google_secure_source_manager_repository resource (#​23693)
• workbench: added enable_managed_euc field to google_workbench_instance resource. (#​23682)
• workbench: added reservation_affinity field to google_workbench_instance resource. (#​23676)

BUG FIXES:

• composer: fixed updates failing for google_composer_environment recovery_config with explicitly disabled scheduled snapshots (#​23715)
• datastore: fixed a permadiff with google_datastream_connection_profile's create_without_validation field (#​23711)
• memorystore: fixed bug to allow google_memorystore_instance to be used with no provider default region or with a location that doesn't match the provider default region. (#​23666)
• networkconnectivity: fixed instances[].ip_address & instances[].virtual_machine fields in linked_router_appliance_instances block being incorrectly treated as immutable for google_network_connectivity_spoke resource (#​23705)
• resourcemanager: updated service account creation to prevent failures due to eventual consistency in google_service_account resource (#​23639)
• sql: fixed a provider crash when importing google_sql_database resource (#​23643)

v6.45.0

Compare Source

DEPRECATIONS:

• gemini: deprecated the disable_web_grounding field in the google_gemini_gemini_gcp_enablement_setting resource (#​23581)

FEATURES:

• New Resource: google_bigtable_schema_bundle (#​23585)
• New Resource: google_compute_preview_feature (#​23631)
• New Resource: google_dialogflow_cx_generator (#​23605)
• New Resource: google_model_armor_floorsetting (#​23621)
• New Resource: google_vertex_ai_endpoint_with_model_garden_deployment (#​23632)

IMPROVEMENTS:

• accesscontextmanager: added name to google_access_context_manager_gcp_user_access_binding resource (#​23638)
• apigee: marked the field access_logging_config immutable in google_apigee_instance resource (#​23571)
• bigquery: added ignore_auto_generated_schema virtual field to google_bigquery_table resource to ignore server-added columns in the schema field (#​23633)
• cloudrunv2: added field node_selector in google_cloud_run_v2_job (#​23586)
• compute: added params.resourceManagerTags field to the google_compute_subnetwork (#​23618)
• compute: added rule.match.src_secure_tags, rule.target_secure_tags, predefined_rules.match.src_secure_tags and predefined_rules.target_secure_tags fields to google_compute_firewall_policy_with_rules resource (#​23635)
• dataproc: added cluster_config.security_config.identity_config field to google_dataproc_cluster resource (#​23613)
• dataproc: updated cluster_config.gce_cluster_config.metadata field to be computed in google_dataproc_cluster resource (#​23613)
• dialogflowcx: added flexible support to google_dialogflow_cx_webhook resource. (#​23582)
• gemini: added web_grounding_type field to google_gemini_gemini_gcp_enablement_setting resource (#​23581)
• netapp: added in-place update support for allow_auto_tiering field in google_netapp_storage_pool resource (#​23614)
• secretmanager: added tags field to google_secret_manager_secret to allow setting tags for secrets at creation time (#​23625)
• securesourcemanager: added deletion_policy field to google_secure_source_manager_instance resource (#​23606)
• sql: added network_attachment_uri field to google_sql_database_instance (#​23615)
• vmwareengine: added GOOGLE_CLOUD_NETAPP_VOLUMES peering type to resource google_vmwareengine_network_peering (#​23628)

BUG FIXES:

• modelarmor: fixed conflicting field validation for filter_config.sdp_settings on google_model_armor_template (#​23626)
• resourcemanager: updated service account creation to prevent failures due to eventual consistency in google_service_account resource (#​23639)

v6.44.0

Compare Source

FEATURES:

• New Data Source: google_compute_network_attachment (#​23570)
• New Data Source: google_firestore_document (#​23553)
• New Resource: google_backup_dr_service_config (#​23552)
• New Resource: google_bigquery_analytics_hub_data_exchange_subscription (#​23560)
• New Resource: google_gkeonprem_vmware_admin_cluster (#​23554)
• New Resource: google_network_security_backend_authentication_config (#​23555)

IMPROVEMENTS:

• alloydb: added machine_config.machine_type field to google_alloydb_instance resource (#​23562)
• apigee: added access_logging_config field to google_apigee_instance resource (#​23522)
• apigee: marked access_logging_config field immutable in google_apigee_instance resource (#​23571)
• backupdr: added in-place update support for google_backup_dr_backup_plan resource (#​23537)
• compute: added params.resource_manager_tags field to google_compute_firewall resource (#​23524)
• compute: added application_aware_interconnect and aai_enabled fields to google_compute_interconnect resource (#​23567)
• compute: added load_balancing_scheme field to google_compute_backend_bucket resource (#​23499)
• compute: added provisioned_iops and provisioned_throughput fields to google_compute_region_disk resource (#​23551)
• compute: added specific_reservation.source_instance_template, delete_at_time, delete_after_duration.seconds, delete_after_duration.nanos and reservation_sharing_policy.service_share_type fields to google_compute_reservation resource (#​23561)
• firestore: added tags field to google_firestore_database resource (#​23569)
• securesourcemanager: added in-place update support for description field in google_secure_source_manager_repository resource (#​23557)
• storage: added force_empty_content_type field to google_storage_bucket_object resource (#​23568)

BUG FIXES:

• artifactregistry: fixed an issue where changes to cleanup_policies were not being applied correctly in google_artifact_registry_repository resource (#​23556)
• iambeta: fixed perma-diff for jwks_json field when GCP normalizes JSON formatting in google_iam_workload_identity_pool_provider resource (#​23526)

v6.43.0

Compare Source

DEPRECATIONS:

• iap: deprecated google_iap_client and google_iap_brand (#​23431)

FEATURES:

• New Data Source: google_kms_autokey_config (#​23490)
• New Data Source: google_kms_key_handle (#​23490)
• New Data Source: google_kms_key_handles (#​23490)
• New Data Source: google_network_management_connectivity_test_run (#​23497)
• New Data Source: google_redis_cluster (#​23436)
• New Resource: google_contact_center_insights_analysis_rule (#​23435)
• New Resource: google_kms_autokey_config (#​23490)
• New Resource: google_kms_key_handle (#​23490)
• New Resource: google_model_armor_template (#​23432)

IMPROVEMENTS:

• bigquery: added ignore_schema_changes virtual field to google_bigquery_table resource. Only dataPolicies field is supported in ignore_schema_changes for now. (#​23495)
• billing: added currency_code to google_billing_account data source (#​23474)
• compute: added params.resource_manager_tags field to google_compute_network resource (#​23421)
• compute: added load_balancing_scheme field to google_compute_backend_bucket resource (#​23499)
• compute: added params.resource_manager_tags field to google_compute_route resource (#​23489)
• container: added anonymous_authentication_config field to google_container_cluster resource (#​23491)
• dataplex: added suspended field to google_dataplex_datascan resource (#​23456)
• discoveryengine: added enable_table_annotation, enable_image_annotation, structured_content_types, exclude_html_elements, exclude_html_classes and exclude_html_ids fields to layout_parsing_config of google_discovery_engine_data_store resource (#​23478)
• discoveryengine: added kms_key_name field to google_discovery_engine_data_store resource (#​23469)
• memorystore: added managed_server_ca field to google_memorystore_instance resource (#​23430)
• secretmanager: added deletion_protection field to google_secret_manager_secret resource to optionally make deleting them require an explicit intent (#​23480)
• secretmanager: added fetch_secret_data field to google_secret_manager_secret_version to optionally skip fetching the secret data (#​23471)

BUG FIXES:

• compute: fixed match field in google_compute_router_route_policy resource to be marked as required (#​23494)
• compute: fixed an issue with bgp_always_compare_med in google_compute_network where it was unable to be set from true to false (#​23477)
• compute: made no replication status in google_compute_disk_async_replication a retryable error (#​23492)
• gkeonprem: fixed type of load_balancer.0.bgp_lb_config.0.address_pools.0.manual_assign in google_gkeonprem_bare_metal_cluster, making it a boolean instead of a string (#​23472)
• integrationconnectors: removed validation from auth configs in google_integration_connectors_connection resource (#​23429)

v6.42.0

Compare Source

FEATURES:

• New Resource: google_apihub_plugin_instance (#​23346)
• New Resource: google_apihub_plugin (#​23407)
• New Resource: google_dialogflow_cx_generative_settings (#​23394)

IMPROVEMENTS:

• cloudidentity: added create_ignore_already_exists field to google_cloud_identity_group_membership resource (#​23376)
• compute: added access_mode field to google_compute_region_disk resource (#​23409)
• compute: added match.src_secure_tags and target_secure_tags fields to google_compute_firewall_policy_rule resource (#​23414)
• compute: added params.resource_manager_tags field to google_compute_network resource (#​23421)
• compute: added resource_policies.workload_policy field to google_compute_instance_group_manager resource (#​23420)
• container: added confidential_nodes.confidential_instance_type field to google_container_cluster resource (#​23410)
• container: added gke_auto_upgrade_config field to google_container_cluster resource (#​23411)
• container: added node_config.confidential_nodes.confidential_instance_type field to google_container_node_pool resource (#​23410)
• firestore: revoked deprecation of deletion_policy field in google_firestore_database resource (#​23403)
• memorystore: added kms_key field to google_memorystore_instance resource (#​23396)
• redis: added effective_reserved_ip_range field to google_redis_instance resource (#​23384)
• secretmanager: added deletion_protection field to google_secret_manager_regional_secret resource (#​23398)
• spanner: added encryption_config.kms_key_name field to google_spanner_backup_schedule resource (#​23378)
• storage: added allow_cross_org_vpcs and allow_all_service_agent_access fields to google_storage_bucket resource (#​23405)

BUG FIXES:

• alloydb: removed machine_config.machine_type field from google_alloydb_instance resource because it is not yet supported in GA (#​23415)
• bigqueryanalyticshub: supported in-place update for log_linked_dataset_query_user_email in google_bigquery_analytics_hub_listing and google_bigquery_analytics_hub_data_exchange resources. Once enabled, this feature cannot be disabled. (#​23391)
• bigquerydatatransfer: stopped surfacing persistent warnings recommending write-only field when using secret_access_key on google_bigquery_data_transfer_config (#​23417)
• memorystore: added the ability to set the replica_count field in google_memorystore_instance resource to 0 (#​23412)
• monitoring: made description and displayName optional and mutable in google_monitoring_metric_descriptor resource (#​23381)
• redis: fixed reserved_ip_range field not being populated for google_redis_instance data source (#​23384)
• secretmanager: stopped surfacing persistent warnings recommending write-only field when using secret_data on google_secret_manager_secret_version (#​23417)
• sql: stopped surfacing persistent warnings recommending write-only field when using password on google_sql_user (#​23417)
• workbench: added support for setting serial-port-logging-enable key in metadata field in google_workbench_instance resource (#​23406)

v6.41.0

Compare Source

BREAKING CHANGES:

• lustre: added per_unit_storage_throughput as a required field to google_lustre_instance resource in response to a change in the API surface (#​23319)

FEATURES:

• New Data Source: google_dataplex_data_quality_rules (#​23255)
• New Resource: google_apihub_plugin_instance (#​23346)
• New Resource: google_contact_center_insights_view (#​23263)
• New Resource: google_dataproc_session_template (#​23288)
• New Resource: google_dialogflow_encryption_spec (#​23335)

IMPROVEMENTS:

• alloydb: added network_config.allocated_ip_range_override field to google_alloydb_instance resource (#​23330)
• bigqueryanalyticshub: added log_linked_dataset_query_user_email field to google_bigquery_analytics_hub_data_exchange resource (#​23271)
• bigqueryanalyticshub: added log_linked_dataset_query_user_email field to google_bigquery_analytics_hub_listing_subscription resource (#​23286)
• bigqueryanalyticshub: added pubsub_topic field to google_bigquery_analytics_hub_listing resource (#​23334)
• bigtable: added row_key_schema to google_bigtable_table resource (#​23337)
• cloudasset: added support for universe domain handling for google_cloud_asset_resources_search_all datasource (#​23318)
• cloudquotas: added inherited and inherited_from fields to google_cloud_quotas_quota_adjuster_settings resource (#​23339)
• compute: added CROSS_SITE_NETWORK enum option to requested_features field in google_compute_interconnect resource (#​23316)
• compute: added TLS_JA4_FINGERPRINT option to enforce_on_key field in google_compute_region_security_policy, google_compute_security_policy, and google_compute_security_policy_rule resources (#​23270)
• compute: added send_propagated_connection_limit_if_zero to google_compute_service_attachment to resolve an issue where propagated_connection_limit were not working for 0 value previously. Now setting send_propagated_connection_limit_if_zero = true will send propagated_connection_limit = 0 when it's unset or set to 0. (#​23325)
• compute: promoted default_custom_error_response_policy to GA in google_compute_url_map (#​23268)
• container: added performance_monitoring_unit in node_config/advanced_machine_features to 'google_container_cluster' resource (#​23260)
• container: added release_channel_upgrade_target_version to google_container_engine_versions data source (#​23336)
• dataplex: added support for discovery scan in google_dataplex_datascan resource (#​23291)
• dns: added target_name_servers.domain_name field to google_dns_managed_zone resource (#​23265)
• provider: added support for adc impersonation in different universes (#​23320)
• storage: added source_md5hash field in google_storage_bucket_object (#​23267)

BUG FIXES:

• compute: fixed google_compute_firewall_policy_rule staying disabled after apply with disabled = false (#​23329)
• compute: marked name in google_compute_node_group, google_compute_node_template as required as it was impossible to create successfully without a value (#​23345)
• sql: fixed an error in updating connection_pool_config in google_sql_database_instance (#​23332)
• tags: fixed perma-diff for parent field in google_tags_location_tag_binding resource (#​23331)

v6.40.0

Compare Source

DEPRECATIONS:

• notebook: google_notebook_runtime is deprecated and will be removed in a future major release. Use google_workbench_instance instead. (#​23251)

FEATURES:

• New Data Source: google_dataplex_data_quality_rules (#​23255)
• New Resource: google_dialogflow_cx_tool (#​23192)

IMPROVEMENTS:

• backupdr: added support for updating in-place to the google_backup_dr_backup_plan_association resource (#​23237)
• bigqueryanalyticshub: added log_linked_dataset_query_user_email field to google_bigquery_analytics_hub_listing resource (#​23238)
• compute: added cipher_suite block with phase1 and phase2 encryption configurations to google_compute_vpn_tunnel resource. (#​23253)
• compute: added fingerprint field in google_compute_target_http_proxy and google_compute_target_https_proxy resources. (#​23231)
• compute: added headers, expected_output_url, and expected_redirect_response_code fields to test in google_compute_url_map resource and made service field optional (#​23199)
• compute: added path_matcher.default_route_action fields to google_compute_region_url_map resource (#​23226)
• compute: added workload_policy and group_placement_policy.gpu_topology fields to google_compute_resource_policy resource (ga) (#​23229)
• gkehub: added custom_role field to google_gke_hub_scope_rbac_role_binding resource (#​23183)
• integrationconnectors: added support for log_config.level for google_integration_connectors_connection (#​23224)
• networkconnectivity: added psc_config.producer_instance_location and psc_config.allowed_google_producers_resource_hierarchy_level fields to google_network_connectivity_service_connection_policy (#​23240)
• redis: added managed_server_ca to google_redis_cluster resource (#​23223)
• resourcemanager: allowed dataproc-control.googleapis.com and stackdriverprovisioning.googleapis.com services in google_project_service resource (#​23230)
• storage: removed the hardcoded 80m timeout used during google_storage_bucket deletion when removing an anywhere cache, polling instead. This should speed up deletion in these cases. (#​23198)
• vertexai: added region in google_vertex_ai_index_endpoint_deployed_index (#​23247)

BUG FIXES:

• beyondcorp: fixed the issue where hubs.internet_gateway.assigned_ips was not populated correctly in the google_beyondcorp_security_gateway resource (#​23244)
• compute: fixed google_compute_router_nat where changes to auto_network_tier are always shown after initial apply (#​23190)
• compute: fixed validation for target_service field in google_compute_service_attachment resource causing issues when targeting a google_network_services_gateway resource (#​23239)
• dataflow: fields network, subnetwork, num_workers, max_num_workers and machine_type will no longer cause permadiff on dataflow_flex_template_job (#​23222)
• dataproc: fixed a permadiff with "prodcurrent" and "prodprevious" within image subminor version for google_dataproc_cluster (#​23207)
• networksecurity: marked google_network_security_address_group capacity as immutable because it can't be updated in place. (#​23209)

v6.39.0

Compare Source

FEATURES:

• New Resource: google_apihub_curation (#​23144)
• New Resource: google_compute_interconnect_attachment_group (#​23159)
• New Resource: google_compute_interconnect_group (#​23159)
• New Resource: google_compute_snapshot_settings (#​23151)

IMPROVEMENTS:

• apigee: added client_ip_resolution_config field to google_apigee_environment resource (#​23172)
• beyondcorp: added delegating_service_account field to google_beyondcorp_security_gateway resource (#​23094)
• bigquery: added data_source_id to update requests through google_bigquery_data_transfer_config (#​23134)
• cloudrunv2: added google_cloud_run_v2_job support for depends_on and startup_probe properties (#​23179)
• container: added network_performance_config field to google_container_cluster resource (#​23098)
• container: promoted flex_start in google_container_cluster to GA (#​23093)
• dataplex: added catalog_publishing_enabled field to google_dataplex_datascan resource (#​23165)
• datastream: added network_attachment support via psc_interface_config attribute in google_datastream_private_connection (#​23091)
• eventarc: made network_attachment field optional in google_eventarc_pipeline (#​23133)
• gemini: added disable_web_grounding field to google_gemini_gemini_gcp_enablement_setting resource (#​23096)
• gemini: added enable_data_sharing field to google_gemini_data_sharing_with_google_setting resource (#​23173)
• gkehub2: added spec.rbacrolebindingactuation field to resource google_gke_hub_feature (#​23102)
• gkehub: added custom_role field to google_gke_hub_scope_rbac_role_binding resource (#​23183)
• iambeta: enforced workload_identity_pool_managed_identity_id field validation per the documented specifications (#​23149)
• pubsub: added message_transform field to google_pubsub_topic resource (#​23161)
• pubsub: added message_transforms field to google_pubsub_subscription resource (#​23162)

BUG FIXES:

• bigquery: modified google_bigquery_dataset_iam_member to no longer remove authorized views and routines (#​23177)
• colab: fixed perma-diff in google_colab_runtime_template caused by the API returning a non-null default value. (#​23137)
• colab: fixed perma-diff in google_colab_runtime_template caused by empty blocks. (#​23163)
• compute: fixed a permadiff in network_profile field of google_compute_network related to specifying partial self-links (#​23164)
• compute: fixed an issue where google_compute_firewall_policy_with_rules.target_resources could see a diff between the beta and v1 API in the resource's self-link (#​23170)
• container: fixed nodepool secondary range validation to allow the use of netmasks. (#​23142)
• gemini: removed overly restrictive product validation on google_gemini_gemini_gcp_enablement_setting_binding, google_gemini_data_sharing_with_google_setting_binding. New values like GOOGLE_CLOUD_ASSIST will now be accepted. (#​23178)

v6.38.0

Compare Source

DEPRECATIONS:

• colab: deprecated post_startup_script_config field in google_colab_runtime_template resource (#​23075)

FEATURES:

• New Data Source: google_bigquery_datasets (#​23059)
• New Resource: google_dataplex_entry (#​23000)

IMPROVEMENTS:

• compute: added numeric_id field to google_compute_region_instance_template resource (#​23065)
• compute: added source_subnetwork_ip_ranges_to_nat64 and nat64_subnetwork fields to google_compute_router_nat resource (#​23078)
• container: promoted pod_autoscaling field in google_container_cluster resource to GA (#​23002)
• datastream: added psc_interface_config field in google_datastream_private_connection resource (#​23091)
• dns: added dns64_config field to google_dns_policy resource (#​23078)
• filestore: added effective_replication.role and effective_replication.replicas.peer_instance fields to google_filestore_instance resource (#​23001)
• netapp: added backup_retention_policy.backup_minimum_enforced_retention_days, backup_retention_policy.daily_backup_immutable, backup_retention_policy.weekly_backup_immutable, backup_retention_policy.monthly_backup_immutable, and backup_retention_policy.manual_backup_immutable fields to google_netapp_backup_vault (#​23087)
• networkconnectivity: added IPV6 enum to protocol_version field in google_network_connectivity_policy_based_route resource (#​23069)
• privateca: added support for setting default values for basic constraints for google_privateca_certificate_template via the null_ca and zero_max_issuer_path_length fields (#​22981)
• privateca: added name_constraints field for google_privateca_certificate_template resource (#​22981)
• provider: supported service account impersonation in different universes through credential file (#​23063)

BUG FIXES:

• colab: fixed perma-diff in google_colab_runtime_template caused by the API returning a non-null default value (#​23137)
• compute: fixed an issue where rules ordering in google_compute_region_security_policy caused a diff after apply (#​23076)
• filestore: fixed bug where google_filestore_instance.initial_replication field could not be set (#​23001)

v6.37.0

Compare Source

FEATURES:

• New Data Source: google_bigquery_table (#​22973)
• New Data Source: google_gke_hub_membership (#​22972)
• New Resource: google_apigee_security_monitoring_condition (#​22953)
• New Resource: google_beyondcorp_security_gateway_application (#​22938)
• New Resource: google_cloud_run_v2_worker_pool (#​22933)
• New Resource: google_compute_future_reservation (#​22860)
• New Resource: google_dataplex_glossary_category (#​22835)
• New Resource: google_dataplex_glossary_term (#​22835)
• New Resource: google_iam_workforce_pool_provider_key (#​22960)
• New Resource: google_managed_kafka_acl (#​22957)

IMPROVEMENTS:

• alloydb: added activation_policy field to google_alloydb_instance resource (#​22818)
• compute: added in-place update support for mtu field in google_compute_network (#​22956)
• compute: promoted google_compute_region_network_firewall_policy_with_rules, google_compute_network_firewall_policy_with_rules, and compute_firewall_policy_with_rules resources to GA (#​22958)
• container: added in-place update support for ip_allocation_policy.stack_type field in google_container_cluster resource (#​22915)
• container: added in-place update support for enable_multi_networking in google_container_cluster resource (#​22924)
• databasemigrationservice: added create_without_validation field to google_database_migration_service_private_connection resource (#​22925)
• dataflow: added additional_pipeline_options field to google_dataflow_flex_template_job resource (#​22919)
• memorystore: added field desired_auto_created_endpoints for google_memorystore_instance resource (#​22871)
• netapp: added hybrid_peering_details and hybrid_replication_type fields to google_netapp_volume_replication resource (#​22975)
• netapp: added hybrid_replication_parameters fields to google_netapp_volume resource (#​22975)
• netblock: added restricted-googleapis-with-directconnectivity and private-googleapis-with-directconnectivity range_types to google_netblock_ip_ranges data source (#​22930)
• netblock: added ipv6 ranges for restricted-googleapis and private-googleapis range_types to google_netblock_ip_ranges data source (#​22930)
• privateca: added name_constraints field for google_privateca_certificate_template resource (#​22981)
• spanner: added field instance_type to the google_spanner_instance resource (#​22916)
• storage: added ip_filter to google_storage_bucket resource. (#​22976)

BUG FIXES:

• compute: fixed forced instance recreation when adding a attached_disk with force_attach being false to google_compute_instance (#​22954)
• gemini: fixed permadiff on product field in google_gemini_logging_setting_binding resource (#​22819)
• gemini: fixed permadiff on product field in google_gemini_release_channel_setting_binding resource (#​22929)
• networkservices: fixed validation error when modifying the cache_mode field in edge_cache_service (#​22932)
• privateca: fixed issue preventing setting 0 and null values for basic constraints in the google_privateca_certificate_template resource via the addition of null_ca and zero_max_issuer_path_length fields (#​22981)
• vpcaccess: fixed an issue where Terraform config validation conditions could have erroneously invalidated existing google_vpc_access_connector resources (#​22837)

v6.36.1

Compare Source

BUG FIXES:

• compute: fixed forced instance recreation when adding a attached_disk with unset force_attach to google_compute_instance (#​22954)

v6.36.0

Compare Source

DEPRECATIONS:

• beyondcorp: deprecated google_beyondcorp_application. (#​22754)
• firestore: deprecated deletion_policy field of google_firestore_database resource (#​22764)

FEATURES:

• New Data Source: google_beyondcorp_security_gateway (#​22793)
• New Data Source: google_lustre_instance (#​22766)
• New Resource: google_bigquery_row_access_policy (#​22806)
• New Resource: google_dataplex_glossary (#​22794)
• New Resource: google_firebase_app_hosting_default_domain (#​22748)
• New Resource: google_firebase_app_hosting_domain (#​22748)
• New Resource: google_firebase_app_hosting_traffic (#​22748)
• New Resource: google_network_security_intercept_deployment (#​22790)
• New Resource: google_network_security_intercept_deployment_group (#​22790)
• New Resource: google_network_security_intercept_endpoint_group (#​22790)
• New Resource: google_network_security_intercept_endpoint_group_association (#​22790)

IMPROVEMENTS:

• beyondcorp: increased default timeouts on google_beyondcorp_app_gateway operations from 20m to 40m (#​22805)
• bigtable: added deletion_protection field to google_bigtable_logical_view resource (#​22755)
• compute: added 'H2C' as a supported value for protocol in google_compute_backend_service and google_compute_region_backend_service (#​22791)
• compute: added external_managed_backend_bucket_migration_state and external_managed_backend_bucket_migration_testing_percentage to google_compute_global_forwarding_rule resource. (#​22781)
• compute: added external_managed_migration_state and external_managed_migration_testing_percentage to google_compute_backend_service resource. (#​22781)
• compute: added force_attach field to boot_disk and attached_disk of google_compute_instance resource (#​22801)
• compute: added numeric_id to google_compute_instance_template resource (#​22763)
• compute: added the numeric id as generated_id attribute to the google_compute_network_endpoint_group (#​22780)
• compute: added update support for load_balancing_scheme in google_compute_backend_service and google_compute_global_forwarding_rule resources to allow migrating between classic and global external ALB (#​22781)
• container: added in_transit_encryption_config field in google_container_cluster resource (#​22758)
• container: allowed in-place update node_config.windows_node_config field in google_container_cluster and google_container_node_pool resource (#​22782)
• container: allowed in-place update for node_config.storage_pools field in google_container_cluster and google_container_node_pool resource (#​22753)
• dialogflowcx: added event_handlers.trigger_fulfillment.enable_generative_fallback field to google_dialogflow_cx_flow resource (#​22671)
• dialogflowcx: added gen_app_builder_settings field to google_dialogflow_cx_agent resource (#​22757)
• netapp: added custom_performance_enabled, total_throughput_mibps, and total_iops fields to google_netapp_storage_pool resource (#​22778)
• vmwareengine: increased google_cloud_vmwareengine_private_cloud timeout to 6 hours. (#​22762)

BUG FIXES:

• compute: added global retry for "resourceNotReady for Networks" 400 errors (#​22756)
• dialogflowcx: fixed an issue where dialogflow_cx_custom_endpoint is not correctedly handled (#​22792)
• iamoauthclient: marked google_iam_oauth_client_credential.client_secret as sensitive (#​22789)
• resourcemanager: fixed an issue in google_projects data source where the provider universe_domain did not overwrite the list URL (#​22747)

v6.35.0

Compare Source

BREAKING CHANGES:

• metastore: removed non-functioning tags field from google_dataproc_metastore_service. It was introduced in v6.31.0 but the feature was not yet GA. (#​22636)
• redis: removed non-functioning tags field from google_redis_instance . It was introduced in v6.31.0 but the feature was not yet GA. (#​22637)

FEATURES:

• New Resource: google_compute_cross_site_network (#​22632)

IMPROVEMENTS:

• alloydb: added psc_auto_connections field to google_alloydb_instance resource (#​22630)
• apigee: added s_sl_info.enforce field in google_apigee_target_server resource (#​22594)
• bigquery: added security_mode option for google_bigquery_routine resource (#​22643)
• bigtable: added support for explicit disable automated backup on create for google_bigtable_table (#​22635)
• compute: added guest_os_features and architecture to google_compute_instance_template and google_compute_region_instance_template (#​22644)
• compute: allowed in-place updates for subnetworks, description, producer_accept_lists, and producer_reject_lists on google_compute_network_attachment (#​22611)
• dialogflowcx: added knowledge_connector_settings field to google_dialogflow_cx_flow and google_dialogflow_cx_page resources (#​22631)
• netapp: added backup_vault_type, backup_region, source_region, source_backup_vault, and destination_backup_vault fields to google_netapp_backup_vault (#​22625)
• netapp: added volume_region and backup_region fields to google_netapp_backup (#​22625)
• networkconnectivity: added immutability field to google_network_connectivity_internal_range resource (#​22623)
• networkservices: added flex_shielding field to google_network_services_edge_cache_origin resource (#​22645)
• spanner: added field default_time_zone to google_spanner_database resource (#​22628)
• storage: added new field content_hexsha512 and content_base64sha512 in data source google_storage_bucket_object_content (#​22592)

BUG FIXES:

• gemini: fixed bug on google_gemini_code_repository_index where force_destroy field did nothing (#​22648)
• privateca: removed requirement to specify organization for google_privateca_certificate_authority resource (#​22634)
• workbench: fixed some metadata changes not being reflected in google_workbench_instance (#​22612)

v6.34.1

Compare Source

BUG FIXES:

• bigtable: fixed forced instance recreation due to addition of cluster.node_scaling_factor for google_bigtable_instance (#​22674)

v6.34.0

Compare Source

DEPRECATIONS:

• tpu: deprecated google_tpu_node resource. google_tpu_node is deprecated and will be removed in a future major release. Use google_tpu_v2_vm instead. (#​22552)

FEATURES:

• New Resource: google_apigee_security_profile_v2 (#​22524)

IMPROVEMENTS:

• bigtable: added cluster.node_scaling_factor field to google_bigtable_instance resource (#​22560)
• cloudrunv2: added scaling_mode and manual_instance_count fields to google_cloud_run_v2_service resource (#​22561)
• networkconnectivity: added state_reason field to google_network_connectivity_spoke resource (#​22525)
• sql: added connection_pool_config field to the google_sql_database_instance resource (#​22583)
• vpcaccess: changed fields min_instances, max_instances, machine_type to allow update google_vpc_access_connector without recreation. (#​22572)

BUG FIXES:

• compute: fixed the bug when validating the subnetwork project in google_compute_instance resource (#​22571)
• workbench: fixed a permadiff on metadata of instance-region in google_workbench_instance resource (#​22553)

v6.33.0

Compare Source

FEATURES:

• New Data Source: google_memcache_instance (#​22477)
• New Resource: google_bigtable_logical_view (#​22499)
• New Resource: google_bigtable_materialized_view (#​22475)
• New Resource: google_compute_region_security_policy_rule (ga) (#​22443)
• New Resource: google_compute_region_security_policy (ga) (#​22443)
• New Resource: google_os_config_v2_policy_orchestrator_for_folder (#​22441)

IMPROVEMENTS:

• beyondcorp: added upstreams fields to google_beyondcorp_application resource (#​22514)
• compute: added fields like raw_key, rsa_encrypted_key, kms_key_service_account to all relevant resources on google_compute_instance_template and google_compute_region_instance_template (#​22503)
• compute: added disk_id to google_compute_region_disk resource (#​22462)
• compute: marked location field as required in google_compute_interconnect resource (#​22480)
• container: added data_cache_count to ephemeral_storage_local_ssd_config for google_container_node_pool (#​22456)
• container: added update for gvnic to google_container_node_pool (#​22421)
• dataplex: added notification_report field to google_dataplex_datascan resource (#​22464)
• gkehub: added configmanagement.config_sync.deployment_overrides field to google_gke_hub_feature_membership resource (#​22403)
• identityplatform: added response_type field to google_identity_platform_oauth_idp_config (#​22463)
• networkservices: added metadata field to google_networkservices_lbtrafficextension resource (#​22454)
• sql: added output-only field dns_names to google_sql_database_instance resource (#​22502)
• storage: added new fields time_created and updated in google_storage_bucket (#​22500)
• storagetransfer: added transfer_spec.aws_s3_data_source.managed_private_network field to google_storage_transfer_job resource (#​22509)

BUG FIXES:

• alloydb: stopped diffs when google_alloydb_instance.network_config is not specified as the API newly returns a value. Removing the field from config will no longer create a diff and will preserve the current value (#​22504)
• clouddeploy: allowed sending empty block for rollback field in google_clouddeploy_automation resource. (#​22501)
• compute: fixed an issue preventing terms.priority from being set to priority value 0 in google_compute_router_route_policy resource (#​22417)
• securesourcemanager: increased default timeouts on google_secure_source_manager_instance operations to 120m from 60m. Operations could take longer than an hour. (#​22483)
• sql: replaced the Terraform-based default value for settings.disk_type in google_sql_database_instance with a server-assigned default, allowing for compatibility with machine types that require HyperDisk_Balanced (#​22485)
• workstations: increased default timeouts on google_workstations_workstation_cluster operations to 120m from 60m. Operations could take longer than an hour. (#​22482)

v6.32.0

Compare Source

NOTES:

• 6.32.0 contains no changes from 6.31.1. This release is being made to ensure that the version numbers of the google and google-beta provider releases remain aligned, as google-beta's 6.32.0 release contains a beta-only change.

v6.31.1

Compare Source

BUG FIXES:

• storage: removed extra permission (storage.anywhereCaches.list) required for destroying a resource_storage_bucket (#​22442)

v6.31.0

Compare Source

DEPRECATIONS:

• integrations: deprecated run_as_service_account field in google_integrations_client resource (#​22312)

FEATURES:

• New Resource: google_compute_resource_policy_attachment (#​22400)
• New Resource: google_compute_storage_pool (#​22343)
• New Resource: google_gke_backup_backup_channel (#​22393)
• New Resource: google_gke_backup_restore_channel (#​22393)
• New Resource: google_iap_web_cloud_run_service_iam_binding (#​22399)
• New Resource: google_iap_web_cloud_run_service_iam_member (#​22399)
• New Resource: google_iap_web_cloud_run_service_iam_policy (#​22399)
• New Resource: google_storage_batch_operations_job (#​22333)

IMPROVEMENTS:

• accesscontextmanager: added scoped_access_settings field to gcp_user_access_binding resource (#​22308)
• alloydb: added machine_type field to google_alloydb_instance resource (#​22352)
• artifactregistry: added DEBIAN_SNAPSHOT enum value to repository_base in google_artifact_registry_repository (#​22315)
• bigquery: added external_catalog_dataset_options fields to google_bigquery_dataset resource (#​22377)
• compute: added log_config.optional_mode, log_config.optional_fields, backend.preference, max_stream_duration and cdn_policy.request_coalescing fields to google_compute_backend_service resource (#​22391)
• container: added support for updating the confidential_nodes field in google_container_node_pool (#​22363)
• discoveryengine: added allow_cross_region field to google_discovery_engine_chat_engine resource (#​22336)
• gkehub: added configmanagement.config_sync.deployment_overrides field to google_gke_hub_feature_membership resource (#​22403)
• kms: added new enum values for import_method field in google_kms_key_ring_import_job resource (#​22314)
• metastore: added tags field to google_dataproc_metastore_service resource to allow setting tags for services at creation time (#​22313)
• monitoring: added log_check_failures to google_monitoring_uptime_check_config (#​22351)
• networkconnectivity: added IPv6 support to google_network_connectivity_internal_range resource (#​22401)
• networkconnectivity: added exclude_cidr_ranges field to google_network_connectivity_internal_range resource (#​22332)
• privateca: added backdate_duration field to the google_privateca_ca_pool resource to add support for backdating the not_before_time of certificates (#​22380)
• redis: added tags field to google_redis_instance (#​22337)
• sql: added custom_subject_alternative_names field to instances resource (#​22357)
• sql: added data_disk_provisioned_iops and data_disk_provisioned_throughput fields to google_sql_database_instance resource (#​22398)
• sql: added retain_backups_on_delete field to google_sql_database_instance resource (#​22334)

BUG FIXES:

• colab: fixed perma-diff in google_colab_runtime_template caused by not returning default values. (#​22338)
• discoveryengine: fixed google_discovery_engine_target_site operations to allow for enough time to index before timing out (#​22358)
• compute: fixed perma-diff in google_compute_network_firewall_policy_rule when security_profile_group starts with // (#​22402)
• healthcare: made google_healthcare_pipeline_job wait for creation and update operation to complete (#​22339)
• identityplatform: fixed perma-diff in google_identity_platform_config when fields in blocking_functions.forward_inbound_credentials are set to false (#​22384)
• sql: added diff suppression for some version changes togoogle_sql_database_instance. Diffs for database_version for MySQL 8.0 will be suppressed when the version is updated by auto version upgrade.(#​22356)
• sql: fixed the issue of shortened version of failover_dr_replica_name causes unnecessary diff in google_sql_database_instance (#​22319)

v6.30.0

Compare Source

FEATURES:

• New Resource: google_developer_connect_account_connector (#​22270)
• New Resource: google_vertex_ai_feature_group_iam_* (#​22260)
• New Resource: google_vertex_ai_feature_online_store_iam_* (#​22260)
• New Resource: google_vertex_ai_feature_online_store_featureview_iam_* (#​22260)

IMPROVEMENTS:

• bigquery: added external_catalog_table_options and schema_foreign_type_info fields to google_bigquery_table resource (#​22302)
• cloudrunv2: added iap_enabled field to google_cloud_run_v2_service resource (#​22301)
• compute: added source_disk_encryption_key.kms_key_self_link and source_disk_encryption_key.rsa_encrypted_key fields to google_compute_snapshot resource (#​22247)
• compute: added source_disk_encryption_key, source_image_encryption_key and source_snapshot_encryption_key fields to google_compute_image resource (#​22247)
• compute: added type, source_nat_active_ranges and source_nat_drain_ranges fields to google_compute_router_nat resource (#​22282)
• databasemigrationservice: allowed setting ssl.type in google_database_migration_service_connection_profile resource (#​22268)
• firestore: added MONGODB_COMPATIBLE_API enum option to api_scope field in google_firestore_index resource (#​22287)
• firestore: added database_edition field to google_firestore_database resource (#​22287)
• firestore: added density and multikey fields to google_firestore_index resource (#​22287)
• memorystore: added managed_backup_source and gcs_source fields to google_memorystore_instance resource (#​22295)
• monitoring: added password_wo write-only field and password_wo_version field to google_monitoring_uptime_check_config resource (#​22242)
• redis: added managed_backup_source and gcs_source fields to google_redis_cluster resource (#​22277)
• storage: added support for deleting pending caches present on bucket when setting force_destory to true in google_storage_bucket resource (#​22262)
• storagecontrol: added trial_config field to google_storage_control_folder_intelligence_config resource (#​22236)
• storagecontrol: added trial_config field to google_storage_control_organization_intelligence_config resource (#​22236)
• storagecontrol: added trial_config field to google_storage_control_project_intelligence_config resource (#​22236)

BUG FIXES:

• container: fixed perma-diff in fleet field when the fleet.project field being added is null or empty in google_container_cluster resource (#​22240)
• pubsub: fixed perma-diff by changing allowed_persistence_regions field to set in google_pubsub_topic resource (#​22273)

hashicorp/terraform-provider-google-beta (google-beta)

v7.4.0

Compare Source

DEPRECATIONS:

• compute: deprecated the option to deploy a container during VM creation using the container startup agent in google_compute_instance. Use alternative services to run containers on your VMs. Learn more at https://cloud.google.com/compute/docs/containers/migrate-containers. (#​10725)

FEATURES:

• New Data Source: google_artifact_registry_maven_artifact (#​10718)
• New Data Source: google_compute_interconnect_location (#​10727)
• New Resource: google_network_services_wasm_plugin (#​10742)

IMPROVEMENTS:

• compute: added scheduling.0.skip_guest_os_shutdown field to google_compute_instance_template resource (#​10729)
• compute: added scheduling.0.skip_guest_os_shutdown field to google_compute_instance resource (#​10729)
• compute: added scheduling.0.skip_guest_os_shutdown field to google_compute_region_instance_template resource (#​10729)
• compute: added tunneling_config field to google_compute_service_attachment resource (#​10730)
• container: added auto_ipam_config to google_container_cluster resource. (#​10737)
• privilegedaccessmanager: added privileged_access.gcp_iam_access.role_bindings.id field to google_privileged_access_manager_entitlement resource (#​10743)
• storage: added support for timeouts to google_storage_bucket_iam_binding, google_storage_bucket_iam_member, google_storage_bucket_iam_policy resources (#​10726)

BUG FIXES:

• bigtable: fixed node_scaling_factor forcing new instance on google_bigtable_instance when adding new cluster (#​10744)
• cloudscheduler: fixed a type assertion panic in google_cloud_scheduler_job when processing HTTP headers with nil or unexpected data types (#​10720)
• compute: fixed the Network field cannot be modified issue in google_compute_region_backend_service. Now updating the network field will force the resource to be recreated (#​10738)
• netapp: fixed incorrect default value handling in google_netapp_volume for export_policy.rules attributes has_root_access and squash_mode. When not specified, these fields will now take on the API default value with no diff. (#​10736)
• netapp: updated google_netapp_storage_pool to source the default value for the qos_type field from the API. If not specified in the configuration, qos_type will now default to the value provided by the NetApp Volumes API. (#​10735)
• sql: fixed the permadiffs on disk_size when disk_autoresize is enabled in google_sql_database_instance (#​10739)
• workbench: added retry for unable to queue the operation 409 errors in google_workbench_instance resource. (#​10733)

v7.3.0

Compare Source

FEATURES:

• New Data Source: google_backup_dr_data_source_reference (#​10707)
• New Resource: google_bigquery_datapolicyv2_data_policy (#​10693)
• New Resource: google_saas_runtime_release (#​10685)
• New Resource: google_secure_source_manager_hook (#​10706)

IMPROVEMENTS:

• cloudrun: added sub_path field to google_cloud_run_service resource. (#​10705)
• cloudrunv2: added sub_path field to google_cloud_run_v2_service google_cloud_run_v2_job and google_cloud_run_v2_worker_pool resource. (#​10705)
• compute: added labels and label_fingerprint fields to google_compute_security_policy resource (#​10696)
• compute: labels under initialize_params are now updatable on google_compute_instance (#​10710)
• container: added new fields memory_manager and topology_manager to node_kubelet_config block (#​10681)
• datastream: added destination_config.bigquery_destination_config.source_hierarchy_datasets.project_id field to google_datastream_stream resource (#​10704)
• discoveryengine: added app_type field to google_discovery_engine_search_engine resource (#​10694)
• gkeonprem: added proxy field to google_gkeonprem_vmware_admin_cluster resource (#​10702)
• healthcare: added validation_config to google_healthcare_fhir_store resource (#​10700)
• iamworkforcepool: added extended_attributes field to workforce_pool_provider resource (#​10688)
• netapp: added export_policy.rules.squash_mode field to google_netapp_volume resource. (#​10711)
• privateca: added encryption_spec field to google_privateca_ca_pool resource (#​10699)
• run: added connector to vpcAccess on google_cloud_run_v2_worker_pool resource (#​10701)
• tags: added the DATA_GOVERNANCE value to google_tags_tag_key.purpose (#​10687)

BUG FIXES:

• bigquery: updated the schema change detection for google_bigquery_table to take into account presence of row access policy (#​10683)
• compute: fixed allow_global_access to correctly be immutable for google_compute_forwarding_rule resources with load balancing scheme of INTERNAL_MANAGED (#​10692)
• compute: fixed a crash in google_compute_security_policy due to a changed API response for empty match.0.expr_options blocks (#​10715)
• dialogflow: added support for non-global endpoints for google_dialogflow_conversation_profile (#​10712)
• publicca: use RawURLEncoding instead of URLEncoding for unpadded base64 encoding (#​10682)
• secretmanager: fixed a panic in google_secret_manager_secret_version in a secret_manager (#​10698)
• workbench: fixed issue that resource creation with computed labels field fails in google_workbench_instance resource (#​10691)
• workbench: made report-notebook-metrics metadata key settable for google_workbench_instance (#​10690)

v7.2.0

Compare Source

FEATURES:

• New Data Source: google_artifact_registry_python_package (#​10671)
• New Data Source: google_backup_dr_data_source_references (#​10672)
• New Resource: google_discovery_engine_acl_config (#​10680)
• New Resource: google_saas_runtime_unit_kind (#​10652)

IMPROVEMENTS:

• chronicle: made the scope_info field in google_chronicle_reference_list configurable (#​10663)
• compute: added header_action to path_matcher and default_service level on google_compute_region_url_map resource (#​10665)
• container: added secret_manager_config.rotation_config field to google_container_cluster resource (#​10659)
• container: added new fields memory_manager and topology_manager to google_container_cluster.node_config.kubelet_config and google_container_node_pool.node_config.kubelet_config (#​10681)
• healthcare: added consent_config field to google_healthcare_fhir_store resource (#​10666) New Resource: google_network_management_organization_vpc_flow_logs_config (#​10660)
• sql: added final_backup_description and final_backup_config fields to google_sql_database_instance resource (#​10678)
• storage: added aws_s3_compatible_data_source to google_storage_transfer_job resource (#​10656)

BUG FIXES:

• provider: fixed an issue with universe_domain where the provider tried to connect to "googleapis.com" for user email logging when universe_domain was set (#​10654)
• container: fixed a faulty diff for arrays on user_managed_keys_config that caused faulty cluster updates to be triggered in google_container_cluster (#​10668)
• osconfig: fixed permadiff in google_osconfig_patch_deployment where patch_config.yum.minimal doesn't send false for empty values (#​10661)

v7.1.1

Compare Source

BUG FIXES:

• bigtable: fixed an error encountered when applying google_bigtable_table_iam_* resources after upgrading to 7.x and replacing instance with instance_name (#​10667)

v7.1.0

Compare Source

DEPRECATIONS:

• container: deprecated enterprise_config field in google_container_cluster resource. GKE Enterprise features are now available without an Enterprise tier. (#​10646)
• storage: removed deprecated status for field to detect_md5hash in google_storage_bucket_object resource (#​10605)

FEATURES:

• New Data Source: google_iap_web_forwarding_rule_service_iam_policy (#​10621)
• New Resource: google_iap_web_forwarding_rule_service_iam_binding (#​10621)
• New Resource: google_iap_web_forwarding_rule_service_iam_member (#​10621)
• New Resource: google_iap_web_forwarding_rule_service_iam_policy (#​10621)

IMPROVEMENTS:

• artifactregistry: added registry_uri as attribute to google_artifact_registry_repository (#​10618)
• backupdr: added create_time field to google_backup_dr_backup data source (#​10626)
• cloudbuild: added worker_config.enable_nested_virtualization field to google_cloudbuild_worker_pool resource (#​10619)
• cloudrunv2: added support for multi_region_settings field to google_cloud_run_v2_service resource (#​10607)
• compute: add params.resource_manager_tags field to the google_compute_region_backend_service (#​10634)
• compute: added public_delegated_sub_prefixs field to resource google_compute_public_delegated_prefix (#​10638)
• compute: added update_strategy field to google_compute_network_peering resource (#​10623)
• firestore: added unique field to google_firestore_index resource (#​10617)
• netapp: added qos_type and available_throughput_mibps fields to google_netapp_storage_pool resource (#​10615)
• netapp: added throughput_mibps field to google_netapp_volume resource (#​10615)
• networkservices: allowed EXPLICIT_ROUTING_MODE for routing_mode on google_network_services_gateway resource (#​10608)
• sql: added consumer_network_status, ip_address, and status fields to psc_auto_connections field on google_sql_database_instance resource (#​10637)
• storagetransfer: added service_account field to google_storage_transfer_job resource (#​10635)
• storagetransfer: added transfer_spec.aws_s3_data_source.credentials_secret to google_storage_transfer_job resource (#​10609)

BUG FIXES:

• compute: fixed certain spurious diffs for google_compute_region_backend_service.backend.group (#​10611)
• compute: fixed permadiff on google_compute_region_network_endpoint_group when no network is specified (#​10625)
• memorystore: fixed permadiffs that cause destroy+recreate on new google_memorystore_instance when desired_psc_auto_connections is set (#​10648)
• netapp: fixed a permadiff on total_iops in google_netapp_storage_pool resource (#​10643)
• oracledatabase: fixed permadiffs on google_oracle_database_autonomous_database resource for the odb_network and odb_subnet fields (#​10627)

v7.0.1

Compare Source

BUG FIXES:

• storage: fixed a conversion crash in google_storage_bucket state migration #​10629

v7.0.0

Compare Source

Terraform Google Provider 7.0.0 Upgrade Guide

BREAKING RESOURCE REMOVALS:

• beyondcorp: removed google_beyondcorp_application, its associated IAM resources google_beyondcorp_application_iam_binding, google_beyondcorp_application_iam_member, and google_beyondcorp_application_iam_policy, and the google_beyondcorp_application_iam_policy datasource. Use google_beyondcorp_security_gateway_application instead. #​10536
• notebooks: removed google_notebooks_location #​10350
• tpu: removedgoogle_tpu_node. Use google_tpu_v2_vm instead. #​10516

BREAKING FIELD REMOVALS:

• cloudrunv2: removed template.containers.depends_on within resource google_cloud_run_v2_worker_pool #​10444
• colab: removed post_startup_script_config field from from google_colab_runtime_template resource #​10555
• compute: removed field enable_flow_logs from google_compute_subnetwork #​10398
• gkehub: removed configmanagement.binauthz field in google_gke_hub_feature_membership #​10585
• gkehub: removed description field in google_gke_hub_membership #​10344
• memorystore: removed allow_fewer_zones_deployment field from google_memorystore_instance resource because it isn't user-configurable #​10588
• redis: removed allow_fewer_zones_deployment field from google_redis_cluster resource because it isn't user-configurable #​10588
• resourcemanager: removed non-functional project field from google_service_account_key datasource #​10537

BREAKING INCREASED VALIDATION:

• cloudfunctions2: made event_type a required field for event_trigger in google_cloudfunctions2_function #​10501
• networkservices: made load_balancing_scheme required in google_network_services_lb_traffic_extension #​10419
• sql: made password_wo_version required when password_wo is set in google_sql_user #​10591
• storage: added validation requiring the topic field to be in the form "projects//topics/" in google_storage_notification #​10602
• storagetransfer: added path validation for GCS path source and sink in google_storage_transfer_job #​10297
• vertexai: made metadata, and metadata.config required in google_vertex_ai_index. Resource creation would fail without these attributes already, so no change is necessary to existing configurations. #​10520

OTHER BREAKING CHANGES:

• provider: fixed many import functions throughout the provider that erroneously matched a subset of the provided input, leading to unclear error messages when using terraform input with invalid resource IDs. #​10545
• alloydb: added deletion_protection field with a default value of true to google_alloydb_cluster resource #​10553
• apigee: changed certs_info field in google_apigee_keystores_aliases_key_cert_file to be output-only #​10602
• apigee: migrated google_apigee_keystores_aliases_key_cert_file to the plugin framework #​10602
• artifactregistry: removed the default values for public_repository fields in google_artifact_registry_repository. If your state is reliant on them, they will now need to be manually included in your configuration. #​10519
• bigquery: removed the default value of view.use_legacy_sql in google_bigquery_table #​10578
• bigtable: renamed instance to instance_name for bigtable_table_iam objects #​10248
• billing: made budget_filter.credit types and budget_filter.subaccounts no longer optional+computed, only optional, in google_billing_budget resource #​10587
• cloudfunctions2: changed service_config.service field in google_cloudfunctions2_function resource to be output-only #​10432
• compute: subnetworks and instances fields in google_compute_packet_mirroring have been converted from arrays to sets #​10550
• compute: advertised_ip_ranges field group in google_compute_router has been converted from a list to a set #​10557
• compute: disk.type, disk.mode and disk.interface no longer use provider configured default values and instead will be set by the API in google_compute_instance_template and google_compute_region_instance_template resources #​10569
• gkehub: updated beta api endpoint from v1beta1 to v1beta #​10344
• resourcemanager: changed disable_on_destroy default value to false in google_project_service #​10508
• securesourcemanager: changed deletion_policy default value from DELETE to PREVENT #​10515
• storage: changed retention_period to string data type in resource google_storage_bucket #​10311
• storage: migrated google_storage_notification to the plugin framework #​10602

FEATURES:

• New Data Source: google_artifact_registry_npm_package (#​10582)
• New Data Source: google_certificate_manager_dns_authorization (#​10544)
• New Resource: google_iap_web_region_forwarding_rule_service_iam_binding (#​10561)
• New Resource: google_iap_web_region_forwarding_rule_service_iam_member (#​10561)
• New Resource: google_iap_web_region_forwarding_rule_service_iam_policy (#​10561)
• New Resource: google_saas_runtime_saas (#​10556)

IMPROVEMENTS:

• bigquery: added support for "connection_properties" for bigquery to google_bigquery_job (beta) (#​10554)
• cloudbuild: added developer_connect_event_config field to google_cloudbuild_trigger resource (#​10563)
• cloudtasks: added desired_state field to google_cloud_tasks_queue resource (#​10567)
• cloudrunv2: added max_instance_count field to google_cloud_run_v2_service resource. (#​10558)
• compute: added params.resourceManagerTags field to the google_compute_backend_service (#​10575)
• compute: added params.resource_manager_tags field to google_compute_backend_bucket (#​10581)
• compute: added short_name field to google_compute_organization_security_policy resource (#​10572)
• container: added cluster_autoscaling.default_compute_class_enabled field to google_container_cluster resource (#​10552)
• dialogflowcx: added enableMultiLanguageTraining, locked, answerFeedbackSettings, personalizationSettings, clientCertificateSettings, startPlaybook, satisfiesPzs, and satisfiesPzi to google_dialogflow_cx_agent resource. (#​10543)
• lustre: increased google_lustre_instance resource create timeout to 120m from 20m (#​10570)
• oracledatabase: enabled default_from_api flag for ODB Network related fields in google_oracle_database_cloud_vm_cluster resource (#​10564)
• sql: added feature to restore google_sql_database_instance using backupdr_backup (#​10579)
• ssm: made ca_pool argument optional for private instances that use Google-managed trusted certificates.tosecure_source_manager` resource (#​10559)

BUG FIXES:

• container: fixed issue where a failed creation on google_container_node_pool would result in an unrecoverable tainted state (#​10586)
• gkeonprem: set default_from_api in image field in google_vmware_node_pool (#​10551)
• workbench: made install-monitoring-agent metadata key settable for google_workbench_instance (#​10589)

v6.50.0

Compare Source

NOTES:

• bigtable: It is recommended for google_bigtable_table_iam_* resources to upgrade to v6.50.0 and switch from instance to instance_name in your configuration before upgrading to v7.X (#​10746)

DEPRECATIONS:

• bigtable: deprecated instance in favor of instance_name in google_bigtable_table_iam_* resources (#​10746)

IMPROVEMENTS:

• bigtable: added instance_name field to google_bigtable_table_iam_* resources (#​10746)

v6.49.3

Compare Source

BUG FIXES:

• compute: fixed a crash in google_compute_security_policy due to a changed API response for empty match.0.expr_options blocks (#​10715)

v6.49.2

Compare Source

BUG FIXES:

• container: fixed issue where a failed creation on google_container_node_pool would result in an unrecoverable tainted state (#​24077)

v6.49.1

Compare Source

BUG FIXES:

• secretmanager: fixed issue where upgrading to 6.49.0 would cause all google_secret_manager_secret_version resources to be recreated unless secret_data_wo_version was set (#​10574)

v6.49.0

Compare Source

DEPRECATIONS:

• beyondcorp: google_beyondcorp_application_iam_binding, google_beyondcorp_application_iam_member and google_beyondcorp_application_iam_policy IAM resources, and the google_beyondcorp_application_iam_policy datasource have been deprecated and will be removed in the upcoming major release (#​10532)
• tpu: deprecated google_tpu_tensorflow_versions data source. Use google_tpu_v2_runtime_versions instead. (#​10514)

FEATURES:

• New Data Source: google_artifact_registry_tag (#​10531)
• New Data Source: google_artifact_registry_tags (#​10518)
• New Resource: google_dialogflow_convesation_profile (#​10533)

IMPROVEMENTS:

• apikeys: added service_account_email to google_apikeys_key (#​10538)
• bigqueryreservation: added support for scaling_mode and max_slots properties on google_bigquery_reservation (beta) (#​10509)
• compute: added advanced_options_config field to google_compute_region_security_policy resource (#​10498)
• container: added eviction_soft, eviction_soft_grace_period, eviction_minimum_reclaim, eviction_max_pod_grace_period_seconds, max_parallel_image_pulls, transparent_hugepage_enabled, transparent_hugepage_defrag and min_node_cpus fields to node_config block of google_container_node_pool and google_container_cluster resources (#​10522)
• networkmanagement: added subnet and network fields to the google_network_management_vpc_flow_logs_config resource (beta) (#​10506)
• networkmanagement: added output-only field target_resource_state to the google_network_management_vpc_flow_logs_config resource (#​10506)
• resourcemanager: Added management_project and configured_capabilities fields to the google_folder resource. (#​10525)

BUG FIXES:

• cloud_tasks: correctly set name field to be required in google_cloud_tasks_queue resource (#​10534)
• clouddeploy: allowed sending start_time with default values in weekly_windows in google_clouddeploy_deploy_policy resource. start_time 00:00 means the policy will start at midnight. (#​10530)
• kms: skip_initial_version_creation field is no longer immutable in google_kms_crypto_key, but is still only settable at-creation (#​10526)
• netapp: fixed bug where google_netapp_volume.large_capacity was not properly marked as immutable, causing updates to fail (and making it impossible to change the field value after creation) (#​10541)
• networkconnectivity: added update support for linked_vpc_network in google_network_connectivity_spoke (#​10507)

v6.48.0

Compare Source

FEATURES:

• New Data Source: google_artifact_registry_package (#​10490)
• New Data Source: google_artifact_registry_repositories (#​10494)
• New Data Source: google_artifact_registry_version (#​10468)
• New Resource: google_dialogflow_cx_playbook (initial basic support, full features to follow in a later release) (#​10485)
• New Resource: google_vertexai_rag_engine_config (#​10481)

IMPROVEMENTS:

• backupdr: added log_retention_days field to google_backup_dr_backup_plan resource (#​10463)
• compute: added advanced_options_config field to google_compute_region_security_policy resource (#​10498)
• compute: added ha_policy field to google_compute_region_backend_service resource (#​10493)
• compute: added the ability to use global target forwarding rule for target_service field in google_compute_service_attachment resource (#​10483)
• container: added boot_disk to node_config in google_container_cluster and google_container_node_pool resources (#​10457)
• container: added node_config.kubelet_config.single_process_oom_kill field to google_container_node_pool and google_container_cluster resources (#​10461)
• container: added in-place update support for user_managed_keys_config field in google_container_cluster resource (#​10475)
• dataproc: added cluster_config.cluster_tier field to google_dataproc_cluster resource (#​10453)
• gkeonprem: added enable_advanced_cluster field to google_gkeonprem_vmware_admin_cluster resource (#​10496)
• memorystore: added allow_fewer_zones_deployment field to google_memorystore_instance resource (#​10462)
• sql: added field psa_write_endpoint flag to google_sql_database_instance resource (#​10467)
• sql: added network_attachment_uri field to google_sql_database_instance resource (#​10484)
• sql: added node_count field to sql_database_instance resource, and added new value READ_POOL_INSTANCE enum to instance_type field of sql_database_instance resource (#​10487)
• storagetransfer: added federated_identity_config to google_storage_transfer_job resource (#​10489)
• storagetransfer: added transfer_spec.aws_s3_data_source.cloudfront_domain field to google_storage_transfer_job resource (#​10479)

BUG FIXES:

• accesscontextmanager: made scopes field as immutable for access_context_manager_access_policy resource (#​10478)
• bigquery: fixed handling of non-legacy roles for access block inside google_bigquery_dataset resource (#​10488)
• container: fixed an issue causing errors during updates to node_config to be suppressed in google_container_cluster and google_container_node_pool resources (#​10459)

v6.47.0

Compare Source

DEPRECATIONS:

• compute: deprecated network_self_link field in google_compute_subnetworks data source. Use network_name instead. (#​10423)
• resourcemanager: deprecated project field in google_service_account_key data source. The field is non functional and can safely be removed from your configuration. (#​10442)

FEATURES:

• New Data Source: google_artifact_registry_docker_images (#​10422)
• New Resource: google_apigee_security_action (#​10407)
• New Resource: google_developer_connect_insights_config (#​10431)
• New Resource: google_discovery_engine_cmek_config (#​10416)
• New Resource: google_iam_workforce_pool_iam_binding (#​10426)
• New Resource: google_iam_workforce_pool_iam_member (#​10426)
• New Resource: google_iam_workforce_pool_iam_policy (#​10426)

IMPROVEMENTS:

• backupdr: added backup_retention_inheritance field to google_backup_dr_backup_vault resource (#​10446)
• bigqueryanalyticshub: added commercial_info and delete_commercial fields in google_bigquery_analytics_hub_listing resource (#​10415)
• bigqueryanalyticshub: added discovery_type field to google_bigquery_analytics_hub_data_exchange resource (#​10435)
• bigqueryanalyticshub: added state, discovery_type, and allow_only_metadata_sharing fields to google_bigquery_analytics_hub_listing resource (#​10435)
• cloudfunction: added automatic_update_policy and on_deploy_update_policy to google_cloudfunctions_function resource (#​10448)
• cloudrunv2: added gpu_zonal_redundancy_disabled field to google_cloud_run_v2_job resource. (#​10440)
• compute: added labels field to google_compute_storage_pool resource (#​10425)
• compute: added network_name field to google_compute_subnetworks data source (#​10423)
• container: added ip_allocation_policy.additional_ip_ranges_config field to google_container_cluster resource (#​10451)
• container: added network_config.additional_node_network_configs.subnetwork field to google_container_node_pool resource (#​10451)
• container: added addons_config.lustre_csi_driver_config field to google_container_cluster resource (#​10413)
• container: added support for rbac_binding_config in google_container_cluster (#​10441)
• dataproc: added cluster_config.cluster_tier field to google_dataproc_cluster resource (#​10453)
• looker: added LOOKER_CORE_TRIAL_STANDARD, LOOKER_CORE_TRIAL_ENTERPRISE, and LOOKER_CORE_TRIAL_EMBED editions to google_looker_instance resource. (#​10427)
• managedkafka: added tls_config field to google_managed_kafka_cluster resource (#​10420)
• memorystore: added allow_fewer_zones_deployment field to google_redis_cluster resource (#​10434)
• storage: added deletion_policy field to google_storage_bucket_object resource (#​10445)
• vertexai: added custom_delete field to google_vertex_ai_endpoint_with_model_garden_deployment resource (#​10430)

BUG FIXES:

• bigquery: fixed a crash in google_bigquery_table when configured as an external table with parquet_options (#​10438)
• cloudrunv2: fixed an issue where manual_instance_count was unable to set to 0 in google_cloud_run_v2_worker_pool. (#​10433)
• composer: fixed updates failing for recovery_config with explicitly disabled scheduled snapshots (#​10405)
• iap: fixed an issue where deleting google_iap_settings without setting GOOGLE_PROJECT incorrectly failed (#​10410)
• storage: removed client-side GCS name validations for google_storage_bucket (#​10406)

v6.46.0

Compare Source

FEATURES:

• New Data Source: google_storage_insights_dataset_config (#​10402)
• New Resource: google_apigee_api_product (#​10378)
• New Resource: google_discovery_engine_recommendation_engine (#​10394)
• New Resource: google_oracle_database_odb_network (#​10383)
• New Resource: google_oracle_database_odb_subnet (#​10396)
• New Resource: google_storage_insights_dataset_config (#​10401)

IMPROVEMENTS:

• compute: added params.resourceManagerTags field to the google_compute_router (#​10392)
• compute: added in-place update support for provisioned_iops, provisioned_throughput, and access_mode fields in google_compute_region_disk resource (#​10397)
• dataproc: added authentication_config field to google_dataproc_batch and google_dataproc_session_template resource (#​10375)
• dataproc: added idle_ttl field to google_dataproc_session_template resource (#​10386)
• networkconnectivity: added field allocation_options to resource google_network_connectivity_internal_range (#​10390)
• oracledatabase: added odb_network and odb_subnet fields, and made network and cidr fields optional in google_oracle_database_autonomous_database resource (#​10389)
• oracledatabase: added odb_network, odb_subnet and backup_odb_subnet fields, and made network, cidr and backup_subnet_cidr fields optional in google_oracle_database_cloud_vm_cluster resource (#​10391)
• secretmanager: added tags field to google_secret_manager_regional_secret to allow setting tags for regional_secrets at creation time (#​10400)
• securesourcemanager: added deletion_policy field to google_secure_source_manager_repository resource (#​10395)
• workbench: added enable_managed_euc field to google_workbench_instance resource. (#​10388)
• workbench: added reservation_affinity field to google_workbench_instance resource. (#​10384)

BUG FIXES:

• composer: fixed updates failing for google_composer_environment recovery_config with explicitly disabled scheduled snapshots (#​10405)
• datastore: fixed a permadiff with google_datastream_connection_profile's create_without_validation field (#​10403)
• memorystore: fixed bug to allow google_memorystore_instance to be used with no provider default region or with a location that doesn't match the provider default region. (#​10380)
• networkconnectivity: fixed instances[].ip_address & instances[].virtual_machine fields in linked_router_appliance_instances block being incorrectly treated as immutable for google_network_connectivity_spoke resource (#​10399)
• resourcemanager: updated service account creation to prevent failures due to eventual consistency in google_service_account resource (#​10371)
• sql: fixed a provider crash when importing google_sql_database resource (#​10374)

v6.45.0

Compare Source

DEPRECATIONS:

• gemini: deprecated the disable_web_grounding field in the google_gemini_gemini_gcp_enablement_setting resource (#​10338)

FEATURES:

• New Resource: google_bigtable_schema_bundle (#​10342)
• New Resource: google_compute_preview_feature (#​10364)
• New Resource: google_dialogflow_cx_generator (#​10348)
• New Resource: google_model_armor_floorsetting (#​10359)
• New Resource: google_vertex_ai_endpoint_with_model_garden_deployment (#​10365)

IMPROVEMENTS:

• accesscontextmanager: added name to google_access_context_manager_gcp_user_access_binding resource (#​10370)
• bigquery: added ignore_auto_generated_schema virtual field to google_bigquery_table resource to ignore server-added columns in the schema field (#​10366)
• compute: added params.resourceManagerTags field to the google_compute_subnetwork (#​10357)
• compute: added mirrorPercent field to requestMirrorPolicy in defaultRouteAction, pathMatchers[].defaultRouteAction, pathMatchers[].pathRules[].routeAction, and pathMatchers[].routeRules[].routeAction to google_compute_region_url_map resource (#​10351)
• compute: added rule.match.src_secure_tags, rule.target_secure_tags, predefined_rules.match.src_secure_tags and predefined_rules.target_secure_tags fields to google_compute_firewall_policy_with_rules resource (#​10367)
• dataproc: added cluster_config.security_config.identity_config field to google_dataproc_cluster resource (#​10352)
• dataproc: updated cluster_config.gce_cluster_config.metadata field to be computed in google_dataproc_cluster resource (#​10352)
• dialogflowcx: added flexible support to google_dialogflow_cx_webhook resource. (#​10339)
• gemini: added web_grounding_type field to google_gemini_gemini_gcp_enablement_setting resource (#​10338)
• netapp: added in-place update support for allow_auto_tiering field in google_netapp_storage_pool resource (#​10353)
• secretmanager: added tags field to google_secret_manager_secret to allow setting tags for secrets at creation time (#​10360)
• securesourcemanager: added deletion_policy field to google_secure_source_manager_instance resource (#​10349)
• sql: added network_attachment_uri field to google_sql_database_instance (#​10354)
• vmwareengine: added GOOGLE_CLOUD_NETAPP_VOLUMES peering type to resource google_vmwareengine_network_peering (#​10363)

BUG FIXES:

• modelarmor: fixed conflicting field validation for filter_config.sdp_settings on google_model_armor_template (#​10361)
• resourcemanager: updated service account creation to prevent failures due to eventual consistency in google_service_account resource (#​10371)

v6.44.0

Compare Source

FEATURES:

• New Data Source: google_compute_network_attachment (#​10336)
• New Data Source: google_firestore_document (#​10321)
• New Resource: google_backup_dr_service_config (#​10320)
• New Resource: google_bigquery_analytics_hub_data_exchange_subscription (#​10328)

IMPROVEMENTS:

• apigee: added access_logging_config field to google_apigee_instance resource (#​10303)
• apigee: marked access_logging_config field immutable in google_apigee_instance resource (#​10337)
• backupdr: added in-place update support for google_backup_dr_backup_plan resource (#​10312)
• bigqueryanalyticshub: added routine field to google_bigquery_analytics_hub_listing resource (#​10327)
• compute: added params.resource_manager_tags field to google_compute_firewall resource (#​10304)
• compute: added aggregate_reservation.vm_family, aggregate_reservation.reserved_resources.accelerator.accelerator_count, aggregate_reservation.reserved_resources.accelerator.accelerator_type and aggregate_reservation.workload_type fields to google_future_reservation resource (#​10317)
• compute: added application_aware_interconnect and aai_enabled fields to google_compute_interconnect resource (#​10333)
• compute: added load_balancing_scheme field to google_compute_backend_bucket resource (#​10301)
• compute: added provisioned_iops and provisioned_throughput fields to google_compute_region_disk resource (#​10319)
• compute: added request_body_inspection_size field to google_compute_security_policy resource (#​10318)
• compute: added specific_reservation.instance_properties.maintenance_interval, share_settings.projects and enable_emergent_maintenance fields to google_compute_reservation resource (#​10329)
• firestore: added tags field to google_firestore_database resource (#​10335)
• securesourcemanager: added in-place update support for description field in google_secure_source_manager_repository resource (#​10325)
• storage: added force_empty_content_type field to google_storage_bucket_object resource (#​10334)

BUG FIXES:

• artifactregistry: fixed an issue where changes to cleanup_policies were not being applied correctly in google_artifact_registry_repository resource (#​10324)
• firebasehosting: skipped deletion of google_firebase_hosting_site resource of type DEFAULT_SITE (#​10305)
• iambeta: fixed perma-diff for jwks_json field when GCP normalizes JSON formatting in google_iam_workload_identity_pool_provider resource (#​10306)

v6.43.0

Compare Source

DEPRECATIONS:

• iap: deprecated google_iap_client and google_iap_brand (#​10269)

FEATURES:

• New Data Source: google_network_management_connectivity_test_run (#​10300)
• New Data Source: google_redis_cluster (#​10273)
• New Resource: google_contact_center_insights_analysis_rule (#​10272)
• New Resource: google_model_armor_template (#​10270)

IMPROVEMENTS:

• bigquery: added ignore_schema_changes virtual field to google_bigquery_table resource. Only dataPolicies field is supported in ignore_schema_changes for now. (#​10299)
• billing: added currency_code to google_billing_account data source (#​10284)
• compute: added params.resource_manager_tags field to google_compute_network resource (#​10266)
• compute: added load_balancing_scheme field to google_compute_backend_bucket resource (#​10301)
• compute: added params.resource_manager_tags field to google_compute_route resource (#​10293)
• compute: added update_strategy field to google_compute_network_peering resource (#​10275)
• container: added secret_manager_config.rotation_config field to google_container_cluster resource (#​10291)
• container: added anonymous_authentication_config field to google_container_cluster resource (#​10295)
• dataplex: added suspended field to google_dataplex_datascan resource (#​10276)
• discoveryengine: added enable_table_annotation, enable_image_annotation, structured_content_types, exclude_html_elements, exclude_html_classes and exclude_html_ids fields to layout_parsing_config of google_discovery_engine_data_store resource (#​10288)
• discoveryengine: added kms_key_name field to google_discovery_engine_data_store resource (#​10281)
• memorystore: added managed_server_ca field to google_memorystore_instance resource (#​10268)
• secretmanager: added deletion_protection field to google_secret_manager_secret resource to optionally make deleting them require an explicit intent (#​10289)
• secretmanager: added fetch_secret_data to google_secret_manager_secret_version to optionally skip fetching the secret data (#​10282)

BUG FIXES:

• compute: fixed match field in google_compute_router_route_policy resource to be marked as required (#​10298)
• compute: fixed an issue with bgp_always_compare_med in google_compute_network where it was unable to be set from true to false (#​10286)
• compute: made no replication status in google_compute_disk_async_replication a retryable error (#​10296)
• gkeonprem: fixed type of load_balancer.0.bgp_lb_config.0.address_pools.0.manual_assign in google_gkeonprem_bare_metal_cluster, making it a boolean instead of a string (#​10283)
• integrationconnectors: removed validation from auth configs in google_integration_connectors_connection resource (#​10267)

v6.42.0

Compare Source

FEATURES:

• New Resource: google_apihub_plugin_instance (#​10225)
• New Resource: google_apihub_plugin (#​10254)
• New Resource: google_compute_wire_group (#​10255)
• New Resource: google_dialogflow_cx_generative_settings (#​10244)

IMPROVEMENTS:

• cloudidentity: added create_ignore_already_exists field to google_cloud_identity_group_membership resource (#​10229)
• cloudkms: added etag field to google_kms_autokey_config resource (#​10227)
• cloudrunv2: added node_selector field to google_cloud_run_v2_job resource (#​10234)
• compute: added access_mode field to google_compute_region_disk resource (#​10256)
• compute: added match.src_secure_tags and target_secure_tags fields to google_compute_firewall_policy_rule resource (#​10261)
• compute: added params.resource_manager_tags field to google_compute_network resource (#​10266)
• compute: added policy_type field to google_compute_network_firewall_policy, google_compute_network_firewall_policy_with_rules, google_compute_region_network_firewall_policy, and google_compute_region_network_firewall_policy_with_rules resources (#​10239)
• compute: added resource_policies.workload_policy field to google_compute_instance_group_manager resource (#​10265)
• container: added confidential_nodes.confidential_instance_type field to google_container_cluster resource (#​10257)
• container: added gke_auto_upgrade_config field to google_container_cluster resource (#​10258)
• container: added node_config.confidential_nodes.confidential_instance_type field to google_container_node_pool resource (#​10257)
• firestore: revoked deprecation of deletion_policy field in google_firestore_database resource (#​10251)
• iam_beta: added attestation_rules field to google_iam_workload_identity_pool_managed_identity resource (#​10250)
• memorystore: added kms_key field to google_memorystore_instance resource (#​10246)
• redis: added effective_reserved_ip_range field to google_redis_instance resource (#​10235)
• secretmanager: added deletion_protection field to google_secret_manager_regional_secret resource (#​10247)
• spanner: added encryption_config.kms_key_name field to google_spanner_backup_schedule resource (#​10230)
• storage: added allow_cross_org_vpcs and allow_all_service_agent_access fields to google_storage_bucket resource (#​10252)

BUG FIXES:

• bigqueryanalyticshub: supported in-place update for log_linked_dataset_query_user_email in google_bigquery_analytics_hub_listing and google_bigquery_analytics_hub_data_exchange resources. Once enabled, this feature cannot be disabled. (#​10241)
• bigquerydatatransfer: stopped surfacing persistent warnings recommending write-only field when using secret_access_key on google_bigquery_data_transfer_config (#​10263)
• memorystore: added the ability to set the replica_count field in google_memorystore_instance resource to 0 (#​10259)
• monitoring: made description and displayName optional and mutable in google_monitoring_metric_descriptor resource (#​10233)
• redis: fixed reserved_ip_range field not being populated for google_redis_instance data source (#​10235)
• secretmanager: stopped surfacing persistent warnings recommending write-only field when using secret_data on google_secret_manager_secret_version (#​10263)
• sql: stopped surfacing persistent warnings recommending write-only field when using password on google_sql_user (#​10263)
• workbench: added support for setting serial-port-logging-enable key in metadata field in google_workbench_instance resource (#​10253)

v6.41.0

Compare Source

BREAKING CHANGES:

• lustre: added per_unit_storage_throughput as a required field to google_lustre_instance resource in response to a change in the API surface (#​10211)

FEATURES:

• New Data Source: google_dataplex_data_quality_rules (#​10189)
• New Resource: google_apihub_plugin_instance (#​10225)
• New Resource: google_contact_center_insights_view (#​10192)
• New Resource: google_dataproc_session_template (#​10204)
• New Resource: google_dialogflow_encryption_spec (#​10220)

IMPROVEMENTS:

• alloydb: added network_config.allocated_ip_range_override field to google_alloydb_instance resource (#​10216)
• bigqueryanalyticshub: added log_linked_dataset_query_user_email field to google_bigquery_analytics_hub_data_exchange resource (#​10200)
• bigqueryanalyticshub: added log_linked_dataset_query_user_email field to google_bigquery_analytics_hub_listing_subscription resource (#​10202)
• bigqueryanalyticshub: added pubsub_topic field to google_bigquery_analytics_hub_listing resource (#​10219)
• bigtable: added row_key_schema to google_bigtable_table resource (#​10222)
• cloudasset: added support for universe domain handling for google_cloud_asset_resources_search_all datasource. (#​10210)
• cloudquotas: added inherited and inherited_from fields to google_cloud_quotas_quota_adjuster_settings resource (#​10223)
• compute: added CROSS_SITE_NETWORK option to requested_features field in google_compute_interconnect resource (#​10207)
• compute: added TLS_JA4_FINGERPRINT option to enforce_on_key field in google_compute_region_security_policy, google_compute_security_policy, and google_compute_security_policy_rule resources (#​10199)
• compute: added send_propagated_connection_limit_if_zero to google_compute_service_attachment to resolve an issue where propagated_connection_limit were not working for 0 value previously. Now setting send_propagated_connection_limit_if_zero = true will send propagated_connection_limit = 0 when it's unset or set to 0. (#​10213)
• compute: added wire_groups field to google_compute_interconnect resource (#​10207)
• container: added performance_monitoring_unit in node_config/advanced_machine_features to 'google_container_cluster' resource (#​10191)
• container: added release_channel_upgrade_target_version to google_container_engine_versions data source (#​10221)
• dataplex: added support for discovery scan in google_dataplex_datascan resource (#​10205)
• provider: added support for adc impersonation in different universes (#​10212)
• storage: added source_md5hash field in google_storage_bucket_object (#​10196)

BUG FIXES:

• compute: fixed google_compute_firewall_policy_rule staying disabled after apply with disabled = false (#​10215)
• compute: marked name in google_compute_node_group, google_compute_node_template as required as it was impossible to create successfully without a value (#​10224)
• sql: fixed an error in updating connection_pool_config in google_sql_database_instance (#​10218)
• tags: fixed perma-diff for parent field in google_tags_location_tag_binding resource (#​10217)

v6.40.0

Compare Source

DEPRECATIONS:

• notebook: google_notebook_runtime is deprecated and will be removed in a future major release. Use google_workbench_instance instead. (#​10186)

FEATURES:

• New Data Source: google_dataplex_data_quality_rules (#​10189)
• New Resource: google_dialogflow_cx_tool (#​10154)

IMPROVEMENTS:

• backupdr: added 'supported_resource_types' field to google_backup_dr_backup_plan resource (#​10155)
• backupdr: added support for updating in-place to the google_backup_dr_backup_plan_association resource (#​10176)
• bigqueryanalyticshub: added log_linked_dataset_query_user_email field to google_bigquery_analytics_hub_listing resource (#​10177)
• compute: added cipher_suite block with phase1 and phase2 encryption configurations to google_compute_vpn_tunnel resource. (#​10188)
• compute: added fingerprint field in google_compute_target_http_proxy and google_compute_target_https_proxy resources. (#​10175)
• compute: added headers, expected_output_url, and expected_redirect_response_code fields to test in google_compute_url_map resource and made service field optional (#​10161)
• compute: added path_matcher.default_route_action fields to google_compute_region_url_map resource (#​10171)
• gkehub: added custom_role field to google_gke_hub_scope_rbac_role_binding resource (#​10151)
• integrationconnectors: added support for log_config.level for google_integration_connectors_connection (#​10170)
• netapp: added enable_hot_tier_auto_resize and hot_tier_size_gib fields to google_netapp_storage_pool resource (#​10153)
• netapp: added tiering_policy.hot_tier_bypass_mode_enabled field to google_netapp_volume resource (#​10153)
• networkconnectivity: added psc_config.producer_instance_location and psc_config.allowed_google_producers_resource_hierarchy_level fields to google_network_connectivity_service_connection_policy (#​10179)
• redis: added managed_server_ca to google_redis_cluster resource (#​10169)
• resourcemanager: allowed dataproc-control.googleapis.com and stackdriverprovisioning.googleapis.com services in google_project_service resource (#​10174)
• storage: removed the hardcoded 80m timeout used during google_storage_bucket deletion when removing an anywhere cache, polling instead. This should speed up deletion in these cases. (#​10160)
• vertexai: added region to google_vertex_ai_index_endpoint_deployed_index (#​10184)

BUG FIXES:

• beyondcorp: fixed the issue where hubs.internet_gateway.assigned_ips was not populated correctly in the google_beyondcorp_security_gateway resource (#​10182)
• compute: fixed google_compute_router_nat where changes to auto_network_tier are always showed after initial apply (#​10152)
• compute: fixed validation for target_service field in google_compute_service_attachment resource causing issues when targeting a google_network_services_gateway resource (#​10178)
• dataflow: fields network, subnetwork, num_workers, max_num_workers and machine_type will no longer cause permadiff on dataflow_flex_template_job (#​10168)
• dataproc: fixed a permadiff with "prodcurrent" and "prodprevious" within image subminor version for google_dataproc_cluster (#​10163)
• networksecurity: marked google_network_security_address_group capacity as immutable because it can't be updated in place. (#​10165)

v6.39.0

Compare Source

FEATURES:

• New Resource: google_apihub_curation (#​10130)
• New Resource: google_compute_interconnect_attachment_group (#​10136)
• New Resource: google_compute_interconnect_group (#​10136)
• New Resource: google_compute_snapshot_settings (#​10133)

IMPROVEMENTS:

• apigee: added client_ip_resolution_config field to google_apigee_environment resource (#​10143)
• beyondcorp: added delegating_service_account field to google_beyondcorp_security_gateway resource (#​10114)
• bigquery: added data_source_id to update requests through google_bigquery_data_transfer_config (#​10126)
• cloudrunv2: added google_cloud_run_v2_job support for depends_on and startup_probe properties (#​10147)
• container: added network_performance_config field to google_container_cluster resource (#​10117)
• dataplex: added catalog_publishing_enabled field to google_dataplex_datascan resource (#​10141)
• datastream: added network_attachment support via psc_interface_config attribute in google_datastream_private_connection (#​10112)
• eventarc: made network_attachment optional in google_eventarc_pipeline (#​10125)
• gemini: added disable_web_grounding field to google_gemini_gemini_gcp_enablement_setting resource (#​10115)
• gemini: added enable_data_sharing field to google_gemini_data_sharing_with_google_setting resource (#​10144)
• gkehub2: added spec.rbacrolebindingactuation field to resource google_gke_hub_feature (#​10121)
• gkehub: added custom_role field to google_gke_hub_scope_rbac_role_binding resource (#​10151)
• gkeonprem: added private_registry_config field to google_gkeonprem_vmware_admin_cluster resource (#​10150)
• iambeta: enforced workload_identity_pool_managed_identity_id field validation per the documented specifications (#​10132)
• pubsub: added message_transform field to google_pubsub_topic resource (#​10137)
• pubsub: added message_transforms field to google_pubsub_subscription resource (#​10138)

BUG FIXES:

• bigquery: modified google_bigquery_dataset_iam_member to no longer remove authorized views and routines (#​10145)
• colab: fixed perma-diff in google_colab_runtime_template caused by the API returning a non-null default value. (#​10127)
• colab: fixed perma-diff in google_colab_runtime_template caused by empty blocks. (#​10139)
• compute: fixed a permadiff in network_profile field of google_compute_network related to specifying partial self-links (#​10140)
• compute: fixed an issue where google_compute_firewall_policy_with_rules.target_resources could see a diff between the beta and v1 API in the resource's self-link (#​10142)
• container: fixed nodepool secondary range validation to allow the use of netmasks. (#​10128)
• gemini: removed overly restrictive product validation on google_gemini_gemini_gcp_enablement_setting_binding, google_gemini_data_sharing_with_google_setting_binding. New values like GOOGLE_CLOUD_ASSIST will now be accepted. (#​10146)

v6.38.0

Compare Source

DEPRECATIONS:

• colab: deprecated post_startup_script_config field in google_colab_runtime_template resource (#​10104)

FEATURES:

• New Data Source: google_bigquery_datasets (#​10095)
• New Resource: google_dataplex_entry (#​10086)

IMPROVEMENTS:

• compute: added candidate_cloud_router_ip_address, candidate_customer_router_ip_address, candidate_cloud_router_ipv6_address, and candidate_customer_router_ipv6_address fields to google_compute_interconnect_attachment resource (#​10092)
• compute: added httpFilterConfigs and httpFilterMetadata fields in google_compute_url_map resource (#​10101)
• compute: added numeric_id to google_compute_region_instance_template resource (#​10098)
• compute: added source_subnetwork_ip_ranges_to_nat64 and nat64_subnetwork fields in google_compute_router_nat resource (#​10106)
• datastream: added psc_interface_config field in google_datastream_private_connection resource (#​23091)
• dns: added dns64_config field to google_dns_policy resource (#​10106)
• filestore: added effective_replication.role and effective_replication.replicas.peer_instance fields to google_filestore_instance resource (#​10087)
• networkconnectivity: added IPV6 enum to protocol_version field in google_network_connectivity_policy_based_route resource (#​10099)
• netapp: added backup_retention_policy.backup_minimum_enforced_retention_days, backup_retention_policy.daily_backup_immutable, backup_retention_policy.weekly_backup_immutable, backup_retention_policy.monthly_backup_immutable, and backup_retention_policy.manual_backup_immutable fields to google_netapp_backup_vault (#​10110)
• privateca: added support for setting default values for basic constraints for google_privateca_certificate_template via the null_ca and zero_max_issuer_path_length fields (#​22981)
• privateca: added name_constraints field for google_privateca_certificate_template resource (#​22981)
• provider: supported service account impersonation in different universes through credential file (#​10097)

BUG FIXES:

• colab: fixed perma-diff in google_colab_runtime_template caused by the API returning a non-null default value (#​10127)
• compute: fixed an issue where rules ordering in google_compute_region_security_policy caused a diff after apply (#​10105)
• filestore: fixed bug where google_filestore_instance.initial_replication field could not be set (#​10087)

v6.37.0

Compare Source

FEATURES:

• New Data Source: google_bigquery_table (#​10076)
• New Data Source: google_gke_hub_membership (#​10075)
• New Resource: google_apigee_security_monitoring_condition (#​10063)
• New Resource: google_beyondcorp_security_gateway_application (#​10059)
• New Resource: google_cloud_run_v2_worker_pool (#​10054)
• New Resource: google_compute_future_reservation (#​10020)
• New Resource: google_dataplex_glossary_category (#​10016)
• New Resource: google_dataplex_glossary_term (#​10016)
• New Resource: google_iam_workforce_pool_provider_key (#​10070)
• New Resource: google_iam_workload_identity_pool_managed_identity (#​10081)
• New Resource: google_iam_workload_identity_pool_namespace (#​10044)
• New Resource: google_managed_kafka_acl (#​10067)

IMPROVEMENTS:

• alloydb: added activation_policy field to google_alloydb_instance resource (#​10010)
• compute: added mirror_percent field to default_route_action.request_mirror_policy, path_matchers.default_route_action.request_mirror_policy, path_matchers.path_rules.route_action.request_mirror_policy, and path_matchers.route_rules.route_action.request_mirror_policy in google_compute_url_map resource (#​10071)
• compute: added network_pass_through_lb_traffic_policy.0.zonal_affinity.0.spillover, network_pass_through_lb_traffic_policy.0.zonal_affinity.0.spillover_ratio and dynamic_forwarding.0.ip_port_selection.0.enabled to google_compute_backend_service resource (#​10056)
• compute: added in-place update support for mtu field in google_compute_network (#​10066)
• compute: added subsetting.0.subset_size and dynamic_forwarding.0.ip_port_selection.0.enabled to google_compute_region_backend_service resource (#​10056)
• container: added in-place update support for ip_allocation_policy.stack_type field in google_container_cluster resource (#​10037)
• container: added in-place update support for enable_multi_networking in google_container_cluster resource (#​10045)
• databasemigrationservice: added create_without_validation field to google_database_migration_service_private_connection resource (#​10046)
• dataflow: added additional_pipeline_options field to google_dataflow_flex_template_job resource (#​10040)
• filestore: added PSC fields to google_filestore_instance (#​10061)
• memorystore: added field desired_auto_created_endpoints for google_memorystore_instance resource (#​10031)
• netapp: added hybrid_peering_details and hybrid_replication_type fields to google_netapp_volume_replication resource (#​10077)
• netapp: added hybrid_replication_parameters fields to google_netapp_volume resource (#​10077)
• netblock: added restricted-googleapis-with-directconnectivity and private-googleapis-with-directconnectivity range_types to google_netblock_ip_ranges data source (#​10051)
• netblock: added ipv6 ranges for restricted-googleapis and private-googleapis range_types to google_netblock_ip_ranges data source (#​10051)
• privateca: added name_constraints field for google_privateca_certificate_template resource (#​10083)
• spanner: added field instance_type to the google_spanner_instance resource (#​10038)
• storage: added ip_filter to google_storage_bucket resource. (#​10078)

BUG FIXES:

• gemini: fixed permadiff on product field in google_gemini_logging_setting_binding resource (#​10011)
• gemini: fixed permadiff on product field in google_gemini_release_channel_setting_binding resource (#​10050)
• networkservices: fixed validation error when modifying the cache_mode field in edge_cache_service (#​10053)
• privateca: fixed issue preventing setting 0 and null values for basic constraints in the google_privateca_certificate_template resource via the addition of null_ca and zero_max_issuer_path_length fields (#​10083)
• vpcaccess: fixed an issue where Terraform config validation conditions could have erroneously invalidated existing google_vpc_access_connector resources (#​10018)

v6.36.1

Compare Source

BUG FIXES:

• compute: fixed forced instance recreation when adding a attached_disk with unset force_attach to google_compute_instance (#​10064)

v6.36.0

Compare Source

• DEPRECATIONS:
• beyondcorp: deprecated google_beyondcorp_application (#​9968)
• firestore: deprecated deletion_policy field of google_firestore_database resource (#​9976)

FEATURES:

• New Data Source: google_beyondcorp_security_gateway (#​9996)
• New Data Source: google_lustre_instance (#​9978)
• New Resource: google_bigquery_row_access_policy (#​10004)
• New Resource: google_dataplex_glossary (#​9997)
• New Resource: google_firebase_app_hosting_default_domain (#​9966)
• New Resource: google_firebase_app_hosting_domain (#​9966)
• New Resource: google_firebase_app_hosting_traffic (#​9966)
• New Resource: google_iam_workload_identity_pool_iam_* (#​9990)

IMPROVEMENTS:

• beyondcorp: increased default timeouts on google_beyondcorp_app_gateway operations from 20m to 40m (#​10003)
• bigtable: added deletion_protection field to google_bigtable_logical_view resource (#​9969)
• compute: added 'H2C' as a supported value for protocol in google_compute_backend_service and google_compute_region_backend_service (#​9994)
• compute: added external_managed_backend_bucket_migration_state and external_managed_backend_bucket_migration_testing_percentage to google_compute_global_forwarding_rule resource. (#​9985)
• compute: added external_managed_migration_state and external_managed_migration_testing_percentage to google_compute_backend_service resource. (#​9985)
• compute: added force_attach field to boot_disk and attached_disk of google_compute_instance resource (#​9999)
• compute: added numeric_id to google_compute_instance_template resource (#​9975)
• compute: added the numeric id as generated_id attribute to the google_compute_network_endpoint_group (#​9984)
• compute: added update support for load_balancing_scheme in google_compute_backend_service and google_compute_global_forwarding_rule resources to allow migrating between classic and global external ALB (#​9985)
• container: added in_transit_encryption_config field in google_container_cluster resource (#​9972)
• container: allowed in-place update node_config.windows_node_config field in google_container_cluster and google_container_node_pool resource (#​9986)
• container: allowed in-place update for node_config.storage_pools field in google_container_cluster and google_container_node_pool resourcee (#​9967)
• dialogflowcx: added event_handlers.trigger_fulfillment.enable_generative_fallback field to google_dialogflow_cx_flow resource (#​9958)
• dialogflowcx: added gen_app_builder_settings field to google_dialogflow_cx_agent resource (#​9971)
• iambeta: added mode, inline_certificate_issuance_config, and inline_trust_config fields to google_iam_workload_identity_pool resource (#​9990)
• vmwareengine: increased google_cloud_vmwareengine_private_cloud timeout to 6 hours. (#​9974)

BUG FIXES:

• compute: added global retry for "resourceNotReady for Networks" 400 errors (#​9970)
• dialogflowcx: fixed an issue where dialogflow_cx_custom_endpoint is not correctedly handled (#​9995)
• iamoauthclient: marked google_iam_oauth_client_credential.client_secret as sensitive (#​9992)
• resourcemanager: fixed an issue in google_projects data source where the provider universe_domain did not overwrite the list URL (#​9964)

v6.35.0

Compare Source

FEATURES:

• New Resource: google_compute_cross_site_network (#​9940)

IMPROVEMENTS:

• alloydb: added psc_auto_connections field to google_alloydb_instance resource (#​9938)
• apigee: added s_sl_info.enforce field in google_apigee_target_server resource (#​9922)
• bigquery: added security_mode option for google_bigquery_routine resource (#​9949)
• bigtable: added support for explicit disable automated backup on create for google_bigtable_table (#​9943)
• compute: added guest_os_features and architecture to google_compute_instance_template and google_compute_region_instance_template (#​9950)
• compute: added grpc_tls_health_check field to google_compute_healthcheck resource (#​9924)
• compute: allowed in-place updates for subnetworks, description, producer_accept_lists, and producer_reject_lists on google_compute_network_attachment (#​9926)
• dialogflowcx: added knowledge_connector_settings field to google_dialogflow_cx_flow and google_dialogflow_cx_page resources (#​9939)
• filestore: added directory_services field to google_filestore_instance (#​9919)
• netapp: added backup_vault_type, backup_region, source_region, source_backup_vault, and destination_backup_vault fields to google_netapp_backup_vault (#​9933)
• netapp: added volume_region and backup_region fields to google_netapp_backup (#​9933)
• networkconnectivity: added immutability field to google_network_connectivity_internal_range resource (#​9931)
• networkservices: added flex_shielding field to google_network_services_edge_cache_origin resource (#​9951)
• spanner: added field default_time_zone to google_spanner_database resource (#​9936)
• storage: added new field content_hexsha512 and content_base64sha512 in data source google_storage_bucket_object_content (#​9920)

BUG FIXES:

• gemini: fixed bug on google_gemini_code_repository_index where force_destroy field did nothing. (#​9952)
• privateca: removed requirement to specify organization for google_privateca_certificate_authority resource (#​9942)
• workbench: fixed some metadata changes not being reflected in google_workbench_instance (#​9927)

v6.34.1

Compare Source

BUG FIXES:

• bigtable: fixed forced instance recreation due to addition of cluster.node_scaling_factor for google_bigtable_instance (#​9961)

v6.34.0

Compare Source

DEPRECATIONS:

• tpu: deprecated google_tpu_node resource. google_tpu_node is deprecated and will be removed in a future major release. Use google_tpu_v2_vm instead. (#​9902)

FEATURES:

• New Resource: google_apigee_security_profile_v2 (#​9895)
• New Resource: google_resource_manager_capability (#​9917)

IMPROVEMENTS:

• bigtable: added cluster.node_scaling_factor field to google_bigtable_instance resource (#​9907)
• cloudrunv2: added scaling_mode and manual_instance_count fields to google_cloud_run_v2_service resource (#​9908)
• filestore: added directory_services field to google_filestore_instance (beta) (#​9919)
• networkconnectivity: added state_reason field to google_network_connectivity_spoke resource (#​9896)
• sql: added connection_pool_config field to the google_sql_database_instance resource (#​9918)
• vpcaccess: changed fields min_instances, max_instances, machine_type to allow update google_vpc_access_connector without without recreation. (#​9914)

BUG FIXES:

• compute: fixed the bug when validating the subnetwork project in google_compute_instance resource (#​9913)
• workbench: fixed a permadiff on metadata of instance-region in google_workbench_instance resource (#​9903)

v6.33.0

Compare Source

FEATURES:

• New Data Source: google_memcache_instance (#​9864)
• New Resource: google_bigtable_logical_view (#​9876)
• New Resource: google_bigtable_materialized_view (#​9862)
• New Resource: google_os_config_v2_policy_orchestrator_for_folder (#​9841)

IMPROVEMENTS:

• beyondcorp: Added upstreams fields to google_beyondcorp_application resource (#​9890)
• compute: Added fields like raw_key, rsa_encrypted_key, kms_key_service_account to all relevant resources on google_compute_instance_template and google_compute_region_instance_template (#​9880)
• compute: added disk_id to google_compute_region_disk resource (#​9855)
• compute: marked location field as required in google_compute_interconnect resource (#​9865)
• container: added data_cache_count to ephemeral_storage_local_ssd_config for google_container_node_pool (#​9851)
• container: added update for gvnic to google_container_node_pool (#​9834)
• dataplex: added notification_report field to google_dataplex_datascan resource (#​9857)
• dns: added target_name_servers.domainName to resourcegoogle_dns_managed_zone (beta) (#​9832)
• gkehub: added configmanagement.config_sync.deployment_overrides field to google_gke_hub_feature_membership resource (#​9828)
• identityplatform: Added response_type field to google_identity_platform_oauth_idp_config (#​9856)
• netapp: added custom_performance_enabled, total_throughput_mibps, and total_iops fields to google_netapp_storage_pool resource (beta) (#​9872)
• networkservices: added metadata field to google_networkservices_lbtrafficextension resource (#​9849)
• sql: added output-only field dns_names to google_sql_database_instance resource (#​9879)
• storage: added new fields time_created and updated in google_storage_bucket (#​9877)
• storagetransfer: added transfer_spec.aws_s3_data_source.managed_private_network field to google_storage_transfer_job resource (#​9886)

BUG FIXES:

• alloydb: stopped diffs when google_alloydb_instance.network_config is not specified as the API newly returns a value. Removing the field from config will no longer create a diff and will preserve the current value (#​9881)
• clouddeploy: allowed sending empty block for rollback field in google_clouddeploy_automation resource. (#​9878)
• compute: fixed an issue preventing terms.priority from being set to priority value 0 in google_compute_router_route_policy resource (#​9830)
• securesourcemanager: increased default timeouts on google_secure_source_manager_instance operations to 120m from 60m. Operations could take longer than an hour. (#​9868)
• sql: replaced the Terraform-based default value for settings.disk_type in google_sql_database_instance with a server-assigned default, allowing for compatibility with machine types that require HyperDisk_Balanced (#​9870)
• workstations: increased default timeouts on google_workstations_workstation_cluster operations to 120m from 60m. Operations could take longer than an hour. (#​9867)

v6.32.0

Compare Source

IMPROVEMENTS:

• container: added flex_start to node_config in google_container_cluster and google_container_node_pool (#​9885)

v6.31.1

Compare Source

BUG FIXES:

• storage: removed extra permission (storage.anywhereCaches.list) required for destroying a resource_storage_bucket (#​9842)

v6.31.0

Compare Source

DEPRECATIONS:

• integrations: deprecated run_as_service_account field in google_integrations_client resource (#​9767)

FEATURES:

• New Resource: google_compute_resource_policy_attachment (#​9824)
• New Resource: google_compute_storage_pool (#​9786)
• New Resource: google_gke_backup_backup_channel (#​9819)
• New Resource: google_gke_backup_restore_channel (#​9819)
• New Resource: google_iap_web_cloud_run_service_iam_binding (#​9823)
• New Resource: google_iap_web_cloud_run_service_iam_member (#​9823)
• New Resource: google_iap_web_cloud_run_service_iam_policy (#​9823)
• New Resource: google_storage_batch_operations_job (#​9779)

IMPROVEMENTS:

• accesscontextmanager: added scoped_access_settings field to gcp_user_access_binding resource (#​9763)
• alloydb: added assistive_experiences_enabled field to observabilityConfig in google_alloydb_instance resource (#​9808)
• alloydb: added machine_type field to google_alloydb_instance resource (#​9795)
• artifactregistry: added DEBIAN_SNAPSHOT enum value to repository_base in google_artifact_registry_repository (#​9770)
• compute: added log_config.optional_mode, log_config.optional_fields, backend.preference, max_stream_duration and cdn_policy.request_coalescing fields to google_compute_backend_service resource (#​9818)
• container: added support for updating the confidential_nodes field in google_container_node_pool (#​9804)
• discoveryengine: added allow_cross_region field to google_discovery_engine_chat_engine resource (#​9782)
• gkehub: added configmanagement.config_sync.deployment_overrides field to google_gke_hub_feature_membership resource (#​9828)
• kms: added new enum values for import_method field in google_kms_key_ring_import_job resource (#​9769)
• metastore: added tags field to google_dataproc_metastore_service resource to allow setting tags for services at creation time (#​9768)
• monitoring: added log_check_failures to google_monitoring_uptime_check_config (#​9794)
• networkconnectivity: added IPv6 support to google_network_connectivity_internal_range resource (#​9826)
• networkconnectivity: added exclude_cidr_ranges field to google_network_connectivity_internal_range resource (#​9778)
• privateca: added backdate_duration field to the google_privateca_ca_pool resource to add support for backdating the not_before_time of certificates (#​9812)
• redis: added tags field to google_redis_instance (#​9783)
• sql: added custom_subject_alternative_names field to instances resource (#​9799)
• sql: added data_disk_provisioned_iops and data_disk_provisioned_throughput fields to google_sql_database_instance resource (#​9822)
• sql: added retain_backups_on_delete field to google_sql_database_instance resource (#​9780)

BUG FIXES:

• colab: fixed perma-diff in google_colab_runtime_template caused by not returning default values. (#​9784)
• discoveryengine: fixed google_discovery_engine_target_site operations to allow for enough time to index before timing out (#​9800)
• compute: fixed perma-diff in google_compute_network_firewall_policy_rule when security_profile_group starts with // (#​9827)
• healthcare: made google_healthcare_pipeline_job wait for creation and update operation to complete (#​9785)
• identityplatform: fixed perma-diff in google_identity_platform_config when fields in blocking_functions.forward_inbound_credentials are set to false (#​9814)
• sql: added diff suppression for some version changes togoogle_sql_database_instance. Diffs for database_version for MySQL 8.0 will be suppressed when the version is updated by auto version upgrade.(#​22356)
• sql: fixed the issue of shortened version of failover_dr_replica_name causing unnecessary diff in google_sql_database_instance (#​9775)

v6.30.0

Compare Source

FEATURES:

• New Resource: google_developer_connect_account_connector (#​9741)
• New Resource: google_vertex_ai_feature_group_iam_* (#​9735)
• New Resource: google_vertex_ai_feature_online_store_iam_* (#​9735)
• New Resource: google_vertex_ai_feature_online_store_featureview_iam_* (#​9735)

IMPROVEMENTS:

• cloudrunv2: added iap_enabled field to google_cloud_run_v2_service resource (#​9758)
• compute: added source_disk_encryption_key.kms_key_self_link and source_disk_encryption_key.rsa_encrypted_key fields to google_compute_snapshot resource (#​9730)
• compute: added source_disk_encryption_key, source_image_encryption_key and source_snapshot_encryption_key fields to google_compute_image resource (#​9730)
• databasemigrationservice: added ssl.type field to google_database_migration_service_connection_profile resource (#​9739)
• firestore: added MONGODB_COMPATIBLE_API enum option to api_scope field in google_firestore_index resource (#​9750)
• firestore: added database_edition field to google_firestore_database resource (#​9750)
• firestore: added density and multikey fields to google_firestore_index resource (#​9750)
• memorystore: added managed_backup_source and gcs_source fields to google_memorystore_instance resource (#​9753)
• monitoring: added password_wo write-only field and password_wo_version field to google_monitoring_uptime_check_config resource (#​9727)
• redis: added managed_backup_source and gcs_source fields to google_redis_cluster resource (#​9745)
• storage: added support for deleting pending caches present on bucket when setting force_destory to true in google_storage_bucket resource (#​9737)
• storagecontrol: added trial_config field to google_storage_control_folder_intelligence_config resource (#​9724)
• storagecontrol: added trial_config field to google_storage_control_organization_intelligence_config resource (#​9724)
• storagecontrol: added trial_config field to google_storage_control_project_intelligence_config resource (#​9724)

BUG FIXES:

• container: fixed perma-diff in fleet field when the fleet.project field being added is null or empty in google_container_cluster resource (#​9726)
• pubsub: fixed perma-diff by changing allowed_persistence_regions field to set in google_pubsub_topic resource (#​9743)

---

Configuration

📅 Schedule: Branch creation - Monday through Friday ( * * * * 1-5 ) in timezone Europe/London, Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻️ Rebasing: Whenever MR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This MR will be recreated if closed unmerged. Get config help if that's undesired.

---

• [ ] If you want to rebase/retry this MR, check this box

---

This MR has been generated by Renovate Bot.