v5.31.1

BUG FIXES:

• iam: added a 10 second sleep when creating a google_service_account to reduce eventual consistency errors. See #18024 for more details (#18261)

v5.31.0

FEATURES:

• New Data Source: google_compute_subnetworks (#18159)
• New Resource: google_dataplex_aspect_type (#18201)
• New Resource: google_dataplex_entry_group (#18188)
• New Resource: google_kms_autokey_config (#18179)
• New Resource: google_kms_key_handle (#18179)
• New Resource: google_network_services_lb_route_extension (#18195)

IMPROVEMENTS:

• appengine: added field instance_ip_mode to resource google_app_engine_flexible_app_version resource (beta) (#18168)
• bigquery: added external_data_configuration.bigtable_options to google_bigquery_table (#18181)
• composer: added support for importing google_composer_user_workloads_secret via the "{{environment}}/{{name}}" format. (#7390)
• composer: improved timeouts for google_composer_user_workloads_secret. (#7390)
• compute: added TLS_JA3_FINGERPRINT and USER_IP options in field rate_limit_options.enforce_on_key to google_compute_security_policy resource (#18167)
• compute: added 'rateLimitOptions' field to 'google_compute_security_policy_rule' resource (#18167)
• compute: changed google_compute_region_ssl_policy's region field to optional and allow to be inferred from environment (#18178)
• compute: added subnet_length field to google_compute_interconnect_attachment resource (#18187)
• container: added containerd_config field and subfields to google_container_cluster and google_container_node_pool resources, to allow those resources to access private image registries. (#18160)
• container: allowed both enable_autopilot and workload_identity_config to be set in google_container_cluster resource. (#18166)
• datastream: added create_without_validation field to google_datastream_connection_profile, google_datastream_private_connection and google_datastream_stream resources (#18176)
• network-security: added trust_config, min_tls_version, tls_feature_profile and custom_tls_features fields to google_network_security_tls_inspection_policy resource (#18139)
• networkservices: made field load_balancing_scheme immutable in resource google_network_services_lb_traffic_extension, as in-place updating is always failing (#18195)
• networkservices: made required fields extension_chains.extensions.authority and extension_chains.extensions.timeout optional in resource google_network_services_lb_traffic_extension (#18195)
• networkservices: removed unsupported load balancing scheme LOAD_BALANCING_SCHEME_UNSPECIFIED from the field load_balancing_scheme in resource google_network_services_lb_traffic_extension (#18195)
• pubsub: added cloud_storage_config.filename_datetime_format field to google_pubsub_subscription resource (#18180)
• tpu: added type of accelerator_config to google_tpu_v2_vm resource (#18148)

BUG FIXES:

• monitoring: fixed a permadiff with monitored_resource.labels property in the google_monitoring_uptime_check_config resource (#18174)
• storage: fixed a bug where field autoclass block is generating permadiff whenever the block is removed from the config in google_storage_bucket resource (#18197)
• storagetransfer: fixed a permadiff with transfer_spec.0.aws_s3_data_source.0.aws_access_key resource_storage_transfer_job (#18190)

v5.30.0

FEATURES:

• New Data Source: google_cloud_asset_resources_search_all (#18129)
• New Resource: google_compute_interconnect (#18064)
• New Resource: google_network_services_lb_traffic_extension (#18138)

IMPROVEMENTS:

• compute: added kms_key_name field to google_bigquery_connection resource (#18057)
• compute: added auto_network_tier field to google_compute_router_nat resource (#18055)
• compute: promoted enable_ipv4, ipv4_nexthop_address and peer_ipv4_nexthop_address fields in google_compute_router_peer resource to GA (#18056)
• compute: promoted identifier_range field in google_compute_router resource to GA (#18056)
• compute: promoted ip_version field in google_compute_router_interface resource to GA (#18056)
• container: added KUBELET and CADVISOR options to monitoring_config.enable_components in google_container_cluster resource (#18090)
• dataproc: added local_ssd_interface to google_dataproc_cluster resource (#18137)
• dataprocmetastore: promoted google_dataproc_metastore_federation to GA (#18084)
• dlp: added cloud_sql_target field to google_data_loss_prevention_discovery_config resource (#18063)
• netapp: added FLEX value to field service_level in google_netapp_storage_pool resource (#18088)
• networksecurity: added trust_config, min_tls_version, tls_feature_profile and custom_tls_features fields to google_network_security_tls_inspection_policy resource (#18139)
• networkservices: supported in-place update for gateway_security_policy and certificate_urls fields in google_network_services_gateway resource (#18082)

BUG FIXES:

• compute: fixed a perma-diff on machine_type field in google_compute_instance resource (#18071)
• compute: fixed a perma-diff on type field in google_compute_disk resource (#18071)
• storage: fixed update issue for lifecycle_rule.condition.custom_time_before and lifecycle_rule.condition.noncurrent_time_before in google_storage_bucket resource (#18127)

v5.29.1

5.29.1 (May 14, 2024)

BREAKING CHANGES:

• compute: removed secondary_ip_range.reserved_internal_range field from google_compute_subnetwork (18133)

v5.29.0

BREAKING CHANGES:

• compute: added required reserved_internal_range subfield to reserved_internal_range in google_compute_subnetwork. This field can be set to null as an equivalent to leaving it unspecified.

NOTES:

• compute: added documentation for md5_authentication_key field in google_compute_router_peer resource. The field was introduced in v5.12.0, but documentation was unintentionally omitted at that time. (#17991)

FEATURES:

• New Resource: google_bigtable_authorized_view (#18006)
• New Resource: google_integration_connectors_managed_zone (#18029)
• New Resource: google_network_connectivity_regional_endpoint (#18014)
• New Resource: google_network_security_security_profile (#18025)
• New Resource: google_network_security_security_profile_group (#18025)
• New Resource: google_network_security_firewall_endpoint (#18025)
• New Resource: google_network_security_firewall_endpoint_association (#18025)

IMPROVEMENTS:

• clouddeploy: added custom_target field to google_clouddeploy_target resource (#18000)
• clouddeploy: added google_cloud_build_repo to custom_target_type resource (#18040)
• compute: added preconfigured_waf_config field to google_compute_region_security_policy_rule resource; (#18039)
• compute: added rate_limit_options field to google_compute_region_security_policy_rule resource; (#18039)
• compute: added security_profile_group, tls_inspect to google_compute_firewall_policy_rule (#18000)
• compute: added security_profile_group, tls_inspect to google_compute_network_firewall_policy_rule (#18000)
• compute: added fields reserved_internal_range and secondary_ip_ranges.reserved_internal_range to google_compute_subnetwork resource (#18026)
• container: added dns_config.additive_vpc_scope_dns_domain field to google_container_cluster resource (#18031)
• container: added enable_nested_virtualization field to google_container_node_pool and google_container_cluster resource. (#18015)
• iam: added extra_attributes_oauth2_client field to google_iam_workforce_pool_provider resource (#18027)
• privateca: added maximum_lifetime field to google_privateca_certificate_template resource (#18000)

v5.28.0

DEPRECATIONS:

• integrations: deprecated create_sample_workflows and provision_gmek fields in google_integrations_client. (#17945)

FEATURES:

• New Data Source: google_storage_buckets (#17960)
• New Resource: google_compute_security_policy_rule (#17937)

IMPROVEMENTS:

• alloydb: added maintenance_update_policy field to google_alloydb_cluster resource (#17954)
• bigquery: added external_dataset_reference field to google_bigquery_dataset (#17944)
• composer: enabled in-place update for config.software_config.image_version in google_composer_environment (#17986)
• container: added node_config.secondary_boot_disks field to google_container_node_pool (#17962)
• integrations: added create_sample_integrations field to google_integrations_client, replacing deprecated field create_sample_workflows. (#17945)
• redis: added redis_configs field to google_redis_cluster resource (#17956)

BUG FIXES:

• dns: fixed bug where the deletion of google_dns_managed_zone resources was blocked by any associated SOA-type google_dns_record_set resources (#17989)
• storage: fixed an issue where google_storage_bucket_object and google_storage_bucket_objects data sources would ignore custom endpoints (#17952)

v5.27.0

FEATURES:

• New Data Source: google_storage_bucket_objects (#17920)
• New Resource: google_compute_security_policy_rule (#17937)
• New Resource: google_data_loss_prevention_discovery_config (#17887)
• New Resource: google_integrations_auth_config (#17917)
• New Resource: google_network_connectivity_internal_range (#17909)

IMPROVEMENTS:

• alloydb: added network_config field to google_alloydb_instance resource (#17921)
• alloydb: added public_ip_address field to google_alloydb_instance resource (#17921)
• apigee: added forward_proxy_uri field to google_apigee_environment resource (#17902)
• bigquerydatapolicy: added data_masking_policy.routine field to google_bigquery_data_policy resource (#17885)
• compute: added server_tls_policy field to google_compute_region_target_https_proxy resource (#17934)
• logging: added intercept_children field to google_logging_organization_sink and google_logging_folder_sink resources (#17932)
• monitoring: added service_agent_authentication field to google_monitoring_uptime_check_config resource (#17929)
• privateca: added subject_key_id field to google_privateca_certificate and google_privateca_certificate_authority resources (#17923)
• secretmanager: added version_destroy_ttl field to google_secret_manager_secret resource (#17888)

BUG FIXES:

• appengine: added suppression for a diff in google_app_engine_standard_app_version.automatic_scaling when the block is unset in configuration (#17905)
• sql: fixed issues with updating the enable_google_ml_integration field in google_sql_database_instance resource (#17878)

v5.26.0

FEATURES:

• New Resource: google_project_iam_member_remove (#17871)

IMPROVEMENTS:

• apigee: added support for api_consumer_data_location, api_consumer_data_encryption_key_name, and control_plane_encryption_key_name in google_apigee_organization (#17874)
• artifactregistry: added remote_repository_config.<facade>_repository.custom_repository.uri field to google_artifact_registry_repository resource. (#17840)
• bigquery: added resource_tags field to google_bigquery_table resource (#17876)
• billing: added ownership_scope field to google_billing_budget resource (#17868)
• cloudfunctions2: added build_config.service_account field to google_cloudfunctions2_function resource (#17841)
• resourcemanager: added the field api_method to datasource google_active_folder so you can use either SEARCH or LIST to find your folder (#17877)
• storage: added labels validation to google_storage_bucket resource (#17806)

BUG FIXES:

• apigee: fixed permadiff in ordering of google_apigee_organization.properties.property. (#17850)
• cloudrun: fixed the bug that computed metadata.0.labels and metadata.0.annotations fields don't appear in terraform plan when creating resource google_cloud_run_service and google_cloud_run_domain_mapping (#17815)
• dns: fixed bug where some methods of authentication didn't work when using dns data sources (#17847)
• iam: fixed a bug that prevented setting create_ignore_already_exists on existing resources in google_service_account. (#17856)
• sql: fixed issues with updating the enable_google_ml_integration field in google_sql_database_instance resource (#17878)
• storage: added validation to name field in google_storage_bucket resource (#17858)
• vmwareengine: fixed stretched cluster creation in google_vmwareengine_private_cloud (#17875)

v5.25.0

FEATURES:

• New Data Source: google_tags_tag_keys (#17782)
• New Data Source: google_tags_tag_values (#17782)

IMPROVEMENTS:

• bigquery: added in-place schema column drop support for google_bigquery_table resource (#17777)
• compute: added endpoint_types field to google_compute_router_nat resource (#17771)
• compute: increased timeouts from 8 minutes to 20 minutes for google_compute_security_policy resource (#17793)
• compute: promoted google_compute_instance_settings to GA (#17781)
• container: added stateful_ha_config field to google_container_cluster resource (#17796)
• firestore: added vector_config field to google_firestore_index resource (#17758)
• gkebackup: added backup_schedule.rpo_config field to google_gke_backup_backup_plan resource (#17805)
• networksecurity: added disabled field to google_network_security_firewall_endpoint_association resource; (#17762)
• sql: added enable_google_ml_integration field to google_sql_database_instance resource (#17798)
• storage: added labels validation to google_storage_bucket resource (#17806)
• vmwareengine: added preferred_zone and secondary_zone fields to google_vmwareengine_private_cloud resource (#17803)

BUG FIXES:

• networksecurity: fixed an issue where google_network_security_firewall_endpoint_association resources could not be created due to a bad parameter (#17762)
• privateca: fixed permission issue by specifying signer certs chain when activating a sub-CA across regions for google_privateca_certificate_authority resource (#17783)

v5.24.0

IMPROVEMENTS:

• container: added enable_cilium_clusterwide_network_policy field to google_container_cluster resource (#17738)
• container: added node_pool_auto_config.resource_manager_tags field to google_container_cluster resource (#17715)
• gkeonprem: added disable_bundled_ingress field to google_gkeonprem_vmware_cluster resource (#17718)
• redis: added node_type and precise_size_gb fields to google_redis_cluster (#17742)
• storage: added project_number attribute to google_storage_bucket resource and data source (#17719)
• storage: added ability to provide project argument to google_storage_bucket data source. This will not impact reading the resource's data, instead this helps users avoid calls to the Compute API within the data source. (#17719)

BUG FIXES:

• appengine: fixed a crash in google_app_engine_flexible_app_version due to the deployment field not being returned by the API (#17744)
• bigquery: fixed a crash when google_bigquery_table had a primary_key.columns entry set to "" (#17721)
• compute: fixed update scenarios ongoogle_compute_region_target_https_proxy and google_compute_target_https_proxy resources. (#17733)