v3.65.0

FEATURES:

• New Data Source: aws_key_pair (#15829)
• New Resource: aws_cloudfront_field_level_encryption_config (#15033)
• New Resource: aws_cloudfront_field_level_encryption_profile (#12509)
• New Resource: aws_docdb_global_cluster (#20978)
• New Resource: aws_s3_bucket_intelligent_tiering_configuration (#20329)

ENHANCEMENTS:

• resource/aws_batch_job_queue: Remove limit of 3 items from the compute_environments argument (#21737)
• resource/aws_cloudfront_function: Add live_etag_version attribute (#19697)
• resource/aws_datasync_s3_location: Add validation to agent_arns, s3_bucket_arn and s3_config.bucket_access_role_arn arguments (#21661)
• resource/aws_docdb_cluster: Add global_cluster_identifier argument (#20978)
• resource/aws_ebs_encryption_by_default: Add import support (#21717)

BUG FIXES:

• data-source/aws_network_interface: Correctly set attachment attribute (#21542)
• data-source/aws_route: Fix lack of pagination when describing route tables (#21710)
• resource/aws_cloudfront_cache_policy: Fix assorted crashes (#12509)
• resource/aws_cloudfront_cache_policy: The parameters_in_cache_key_and_forwarded_to_origin argument is required (#12509)
• resource/aws_cloudfront_function: The etag attribute always the DEVELOPMENT version's value (#19697)
• resource/aws_cloudfront_origin_request_policy: Fix assorted crashes (#12509)
• resource/aws_default_route_table: Fix lack of pagination when describing route tables (#21710)
• resource/aws_eks_node_group: Respect order of configured instance_types (#21404)
• resource/aws_elasticsearch_domain: Fix tagging on creation (#21738)
• resource/aws_internet_gateway: Retry resource read after creation to deal with EC2 API eventual consistency (#21542)
• resource/aws_route_table: Fix lack of pagination when describing route tables (#21710)
• resource/aws_route_table_association: Fix lack of pagination when describing route tables (#21710)
• resource/aws_security_group_rule: Fix resource import for rules with icmp or icmpv6 protocol (#21163)
• resource/aws_servicecatalog_provisioned_product: Allow empty values in provisioning parameters (#21669)

v3.64.2

BUG FIXES:

• provider: Additional fixes to allow setting endpoints with non-standard, legacy keys. (#21657)

v3.64.1

BUG FIXES:

• provider: Fix bug preventing custom endpoints from being set (#21639)
• provider: Fix bug preventing proper assignment of custom endpoints (#21641)

v3.64.0

FEATURES:

• New Data Source: aws_cloudfront_response_headers_policy (#21620)
• New Data Source: aws_iam_user_ssh_key (#21335)
• New Resource: aws_backup_vault_lock_configuration (#21315)
• New Resource: aws_cloudfront_response_headers_policy (#21620)
• New Resource: aws_kms_replica_external_key (#20533)
• New Resource: aws_kms_replica_key (#20533)
• New Resource: aws_prometheus_alert_manager_definition (#21431)
• New Resource: aws_prometheus_rule_group_namespace (#21470)

ENHANCEMENTS:

• data-source/aws_kms_key: Add multi_region and multi_region_configuration attributes (#20533)
• data-source/aws_launch_template: Add network_card_index attribute to network_interfaces configuration block (#21555)
• data-source/aws_network_interface: Add arn attribute (#21265)
• data-source/aws_s3_bucket: Return hosted_zone_id attribute for cn-northwest-1 (Ningxia) region (#21337)
• resource/aws_apigateway_usage_plan : Add throttle argument for api_stages block. (#21461)
• resource/aws_batch_compute_environment: Add ec2_configuration argument to compute_resources configuration block (#21565)
• resource/aws_cloudfront_distribution: Add response_headers_policy_id argument to default_cache_behavior configuration block (#21620)
• resource/aws_cloudfront_distribution: Add response_headers_policy_id argument to ordered_cache_behavior configuration block (#21620)
• resource/aws_dms_endpoint: Add include_transaction_details, include_partition_value, partition_include_schema_table, include_table_alter_operations, include_control_details and include_null_and_empty arguments to kinesis_settings configuration block (#20084)
• resource/aws_eks_node_group: Support for BOTTLEROCKET_ARM_64 and BOTTLEROCKET_x86_64 ami_type argument values (#21616)
• resource/aws_glue_crawler: Add dlq_event_queue_arn and event_queue_arn arguments to the s3_target configuration block (#21467)
• resource/aws_glue_data_catalog_encryption_settings: Disable encryption on resource deletion (#21452)
• resource/aws_kinesisanalyticsv2_application: runtime_environment now supports FLINK-1_13 (#21341)
• resource/aws_kms_external_key: Add multi_region argument (#20533)
• resource/aws_kms_key: Add multi_region argument (#20533)
• resource/aws_launch_template: Add network_card_index argument to network_interfaces configuration block (#21555)
• resource/aws_network_interface: Add arn and owner_id attributes (#21265)
• resource/aws_network_interface: Add ipv4_prefix, ipv4_prefix_count, ipv6_prefix and ipv6_prefix_count arguments (#21265)
• resource/aws_route53_key_signing_key: Deactivate key-signing key with ACTION_NEEDED status before deletion (#21369)
• resource/aws_s3_bucket: Add metrics and replication_time arguments to replication_configuration.rules configuration block to support Amazon S3 Replication Time Control (#21176)
• resource/aws_s3_bucket: Return hosted_zone_id attribute for cn-northwest-1 (Ningxia) region (#21337)
• resource/aws_storage_gateway_nfs_file_share: Add audit_destination_arn argument. (#21482)

BUG FIXES:

• aws/resource_aws_lex_slot_type: Correctly determine version attribute (#21509)
• resource/aws_cloudwatch_metric_alarm: Fix imported 'treat_missing_data' diff (#21363)
• resource/aws_codedeploy_deployment_group: Correctly update deployment_group_name argument (#21362)
• resource/aws_db_event_subscription: Fix adding new event_categories to existing resource (#21338)
• resource/aws_flow_log: parameters of destination_options block now properly force resource rebuild (#21434)
• resource/aws_kinesisanalyticsv2_application: Correctly update run_configuration argument (#21303)
• resource/aws_placement_group: partition_count argument is Computed, preventing spurious resource diffs (#21555)

v3.63.0

FEATURES:

• New Resource: aws_chime_voice_connector_termination_credentials (#21162)
• New Resource: aws_glue_partition_index (#21234)
• New Resource: aws_sagemaker_model_package_group_policy (#21250)

ENHANCEMENTS:

• data-source/aws_instance: Add placement_partition_number attribute (#7777)
• data-source/glue_connection: Add tagging support. (#21226)
• resource/aws_flow_log: Add destination_options argument to support Apache Parquet, Hive-compatible prefixes and hourly partitioned files (#21285)
• resource/aws_glue_resource_policy: Add enable_hybrid argument. (#21239)
• resource/aws_instance: Add placement_partition_number argument (#7777)
• resource/aws_placement_group: Add partition_count argument (#15360)
• resource/aws_rds_cluster: Add db_instance_parameter_group_name attribute to allow major version upgrade using custom parameter groups (#17111)
• resource/aws_rds_cluster: Add enable_global_write_forwarding attribute (#17111)
• resource/glue_connection: Add tagging support. (#21226)
• resource/rds_cluster_instance: Add performance_insights_retention_period attribute (#17111)

BUG FIXES:

• resource/aws_glue_catalog_table: change partition_index.keys to list instead of set (#21234)
• resource/aws_imagebuilder_distribution_configuration: remove hard limit on distribution target accounts (#21254)
• resource/aws_rds_cluster: Add possible pending states for cluster update (#17111)
• resource/aws_rds_cluster_instance: Remove force new resource on the engine_version parameter to allow upgrade without remove instances (#17111)
• resource/glue_catalog_table: Ignore not exists errors on delete (#21227)

v3.62.0

FEATURES:

• New Resource: aws_dx_connection_confirmation (#16489)
• New Resource: aws_dx_hosted_connection (#16489)

ENHANCEMENTS:

• resource/aws_cloudformation_stack_set_instance: Add deployment_targets organizational_unit_ids argument (#21193)
• resource/aws_db_instance: Add replica_mode argument (#17991)
• resource/aws_default_route_table: Add custom timeouts block (#21161)
• resource/aws_dms_endpoint: Add message_format, include_transaction_details, include_partition_value, partition_include_schema_table, include_table_alter_operations, include_control_details, message_max_bytes, include_null_and_empty, security_protocol, ssl_client_certificate_arn, ssl_client_key_arn, ssl_client_key_password, ssl_ca_certificate_arn, sasl_username, sasl_password and no_hex_prefix arguments to kafka_settings configuration block (#20904)
• resource/aws_dms_endpoint: Add plan time validation for mongodb_settings.auth_type, mongodb_settings.auth_mechanism, mongodb_settings.nesting_level and s3_settings.compression_type arguments (#21174)
• resource/aws_dms_endpoint: Added missing engine_name values for sources and/or targets (#21174)
• resource/aws_dms_replication_task: Add cdc_start_position argument (#21201)
• resource/aws_dx_lag: Add connection_id argument (#16489)
• resource/aws_emr_cluster: Add log_encryption_kms_key_id argument (#17706)
• resource/aws_lex_bot: Added waiter support to account for BUILDING status (#21122)
• resource/aws_route_table: Add custom timeouts block (#21161)
• resource/aws_volume_attachment: Add stop_instance_before_detaching argument (#21144)
• resource/aws_vpn_gateway_route_propagation: Add custom timeouts block (#21161)

BUG FIXES:

• aws/resource_aws_lex_bot: Correctly determine version attribute (#20383)
• aws/resource_aws_lex_intent: Correctly determine version attribute (#20383)
• resource/aws_appstream_fleet: More error validation in waiter (#21125)
• resource/aws_appstream_stack: More error validation in waiter (#21125)
• resource/aws_autoscalingplans_scaling_plan: Fix updates to scaling_instruction argument (#17987)
• resource/aws_elasticache_replication_group: Properly updates tags on Replication Group member clusters when scaling up (#21185)
• resource/aws_elasticache_replication_group: Properly updates tags on the Replication Group in addition to the member clusters (#21185)
• resource/aws_lb_target_group: Handle attributes at creation: deregistration_delay, load_balancing_algorithm_type, preserve_client_ip, proxy_protocol_v2, slow_start, stickiness, and lambda_multi_value_headers_enabled (#21187)
• resource/aws_route: Use custom timeouts values (#21161)
• resource/aws_ses_configuration_set: Fix ARN (#21188)

v3.61.0

FEATURES:

New Data Source: aws_cloudcontrolapi_resource (#21110)
New Data Source: aws_db_proxy (#21053)
New Data Source: aws_ec2_host (#10817)
New Data Source: aws_kinesis_firehose_delivery_stream (#18445)
New Data Source: aws_ssm_parameters_by_path (#9615)
New Resource: aws_appstream_image_builder (#21036)
New Resource: aws_cloudcontrolapi_resource (#21110)
New Resource: aws_ec2_host (#10817)
New Resource: aws_iot_authorizer (#14671)
New Resource: aws_quicksight_data_source (#20710)
New Resource: aws_redshift_scheduled_action (#13474)
New Resource: aws_sagemaker_studio_lifecycle_config (#21041)
ENHANCEMENTS:

data-source/aws_lambda_function: Add support for Graviton2 with architectures attribute (#21091)
data-source/aws_lambda_layer_version: Add support for Graviton2 with compatible_architectures attribute (#21091)
provider: Add parameter http_proxy to provider configuration (#21077)
resource/aws_lambda_function: Add support for Graviton2 with architectures argument (#21091)
resource/aws_lambda_layer_version: Add support for Graviton2 with compatible_architectures argument (#21091)
resource/aws_sagemaker_app_image_config: Add tagging support. (#21037)
resource/aws_sagemaker_domain: Add default_user_settings.jupyter_server_app_settings.lifecycle_config_arns and default_user_settings.kernel_gateway_app_settings.lifecycle_config_arns arguments (#21041)
resource/aws_user_profile: Add user_settings.jupyter_server_app_settings.lifecycle_config_arns and user_settings.kernel_gateway_app_settings.lifecycle_config_arns arguments (#21041)
BUG FIXES:

resource/aws_dx_connection: Mark provider_name as Computed to avoid resource recreation with pre-v3.56.0 configurations (#21085)
resource/aws_dx_lag: Mark provider_name as Computed to avoid resource recreation with pre-v3.56.0 configurations (#21085)
resource/aws_route_table_association: Wait for up to 40 not found checks when creating a new route table association (#21062)

v3.60.0

FEATURES:

• New Data Source: aws_cloudfront_log_delivery_canonical_user_id (#15167)
• New Data Source: aws_cloudwatch_log_groups (#17151)
• New Data Source: aws_connect_contact_flow (#16854)
• New Data Source: aws_connect_instance (#16709)
• New Data Source: aws_iam_users (#20877)
• New Data Source: aws_msk_broker_nodes (#20615)
• New Data Source: aws_msk_kafka_version (#20638)
• New Resource: aws_appstream_fleet (#20543)
• New Resource: aws_chime_voice_connector_streaming (#20933)
• New Resource: aws_connect_contact_flow (#16854)
• New Resource: aws_connect_instance (#16709)
• New Resource: aws_ec2_managed_prefix_list_entry (#19394)
• New Resource: aws_fsx_ontap_filesystem (#20951)
• New Resource: aws_sagemaker_flow_definition (#20825)

ENHANCEMENTS:

• data-source/efs_file_system: Add transition_to_primary_storage_class to lifecycle_policy. (#20971)
• resource/aws_msk_cluster: Add zookeeper_connect_string_tls attribute (#15661)
• resource/aws_msk_cluster: Configurable Create, Update and Delete timeouts (#17726)

BUG FIXES:

• data-source/aws_launch_template: Fix error setting metadata_options (#21008)
• resource/aws_cognito_user_pool: Fix removal of lambda_config (#20952)
• resource/aws_msk_cluster: Don't recreate cluster if order of broker_node_group_info.client_subnets or broker_node_group_info.security_groups entries change (#14627)
• resource/efs_file_system: Allow multiple lifecycle policies. (#20971)

v3.59.0

FEATURES:

• New Data Source: aws_eks_clusters (#20315)
• New Data Source: aws_eks_node_group (#13564)
• New Data Source: aws_eks_node_groups (#13564)
• New Resource: aws_chime_voice_connector_logging (#20863)
• New Resource: aws_transfer_access (#20342)

ENHANCEMENTS:

• resource/aws_cloudtrail: Add advanced_event_selector argument (#19368)
• resource/aws_config_delivery_channel: Add s3_kms_key_arn argument (#20600)
• resource/aws_ec2_client_vpn_endpoint: Add self_service_portal and authentication_options.self_service_saml_provider_arn arguments to support self-service portal (#17897)
• resource/aws_ec2_managed_prefix_list: allow updating max_entries. (#20797)
• resource/aws_efs_file_system: Add lifecycle_policy.transition_to_primary_storage_class argument to support Intelligent-Tiering (#20874)
• resource/aws_efs_file_system_policy: Add bypass_policy_lockout_safety_check argument (#20838)
• resource/aws_iam_role: Add plan time validation for path, permissions_boundary, managed_policy_arns. (#19532)
• resource/aws_iam_role: Retry assume_role_policy updates for IAM eventual consistency (#12436)
• resource/aws_iam_role: name_prefix is now Computed (#20785)
• resource/aws_launch_template: add plan time validation to spot_options.block_duration_minutes (#20796)
• resource/aws_launch_template: add support for http_protocol_ipv6 to metadata_options. (#20796)
• resource/aws_mwaa_environment: Increase resource creation timeout to 2 hours (#20861)
• resource/aws_route53_health_check: Add plan time validation for regions (#20795)
• resource/aws_sagemaker_endpoint_configuration: Add async_inference_config argument (#20809)
• resource/aws_transfer_server: Add directory_id argument to support Microsoft Active Directory (AD) authentication (#20342)

BUG FIXES:

• resource/aws_cognito_user_pool: Fix continual diff on email_configuration.configuration_set (#20791)
• resource/aws_db_instance: Fix updating license_model. (#20779)
• resource/aws_iam_role: Change name_prefix validation to a range of 1 to 38 characters (#20785)
• resource/aws_imagebuilder_distribution_configuration: Improve validation error message of name argument (#20842)
• resource/aws_kms_key: Extends timeouts for policy and tag propagation to 5 minutes each (#20914)
• resource/aws_route53_health_check: Fix update for ip_address (#20795)

v3.58.0

FEATURES:

• New Resource: aws_chime_voice_connector_origination (#20676)
• New Resource: aws_chime_voice_connector_termination (#20667)
• New Resource: aws_quicksight_group_membership (#20687)