FEATURES:
- New Resource:
aws_cloudwatch_dashboard[GH-1172] - New Data Source:
aws_internet_gateway[GH-1196] - New Data Source:
aws_efs_mount_target[GH-1255]
IMPROVEMENTS:
- AWS SDK to log extra debug details on request errors [GH-1210]
- resource/aws_spot_fleet_request: Add support for
wait_for_fulfillment[GH-1241] - resource/aws_autoscaling_schedule: Allow empty value [GH-1268]
- resource/aws_ssm_association: Add support for OutputLocation and Schedule Expression [GH-1253]
- resource/aws_ssm_patch_baseline: Update support for Operating System [GH-1260]
- resource/aws_db_instance: Expose db_instance ca_cert_identifier [GH-1256]
- resource/aws_rds_cluster: Add support for iam_roles to rds_cluster [GH-1258]
- resource/aws_rds_cluster_parameter_group: Support > 20 parameters [GH-1298]
- data-source/aws_iam_role: Normalize the IAM role data source [GH-1330]
- resource/aws_kinesis_stream: Increase Timeouts, add Timeout Support [GH-1345]
BUG FIXES:
- resource/aws_instance: Guard check for aws_instance UserData to prevent panic [GH-1288]
- resource/aws_config: Set AWS Config Configuration recorder & Delivery channel names as ForceNew [GH-1247]
- resource/aws_cloudtrail: Retry if IAM role isn't propagated yet [GH-1312]
- resource/aws_cloudtrail: Fix CloudWatch role ARN/group updates [GH-1357]
- resource/aws_eip_association: Avoid crash in EC2 Classic [GH-1344]
- resource/aws_elasticache_parameter_group: Allow removing parameters [GH-1309]
- resource/aws_kinesis: add retries for Kinesis throttling exceptions [GH-1085]
- resource/aws_kinesis_firehose: adding support for
ExtendedS3DestinationConfiguration[GH-1015] - resource/aws_spot_fleet_request: Ignore empty
key_name[GH-1203] - resource/aws_emr_instance_group: fix crash when changing
instance_group.count[GH-1287] - resource/aws_elasticsearch_domain: Fix updating config when update doesn't involve EBS [GH-1131]
- resource/aws_s3_bucket: Avoid crashing when no lifecycle rule is defined [GH-1316]
- resource/elastic_transcoder_preset: Fix provider validation [GH-1338]
- resource/aws_s3_bucket: Avoid crashing when
filteris not set [GH-1350]
FEATURES:
- New Data Source:
aws_iam_instance_profile(#1024) - New Data Source:
aws_alb_target_group(#1037) - New Data Source:
aws_iam_group(#1140) - New Resource:
aws_api_gateway_request_validator(#1064) - New Resource:
aws_api_gateway_gateway_response(#1168) - New Resource:
aws_iot_policy(#986) - New Resource:
aws_iot_certificate(#1225)
IMPROVEMENTS:
- resource/aws_sqs_queue: Add support for Server-Side Encryption (#962)
- resource/aws_vpc: Add support for classiclink_dns_support (#1079)
- resource/aws_lambda_function: Add support for lambda_function vpc_config update (#1080)
- resource/aws_lambda_function: Add support for lambda_function dead_letter_config update (#1080)
- resource/aws_route53_health_check: add support for health_check regions (#1116)
- resource/aws_spot_instance_request: add support for request launch group (#1097)
- resource/aws_rds_cluster_instance: Export the RDI Resource ID for the instance (#1142)
- resource/aws_sns_topic_subscription: Support password-protected HTTPS endpoints (#861)
BUG FIXES:
- provider: Remove assumeRoleHash (#1227)
- resource/aws_ami: Retry on
InvalidAMIID.NotFound(#1035) - resource/aws_iam_server_certificate: Fix restriction on length of
name_prefix(#1217) - resource/aws_autoscaling_group: Fix handling of empty
vpc_zone_identifier(EC2 classic & default VPC) (#1191) - resource/aws_ecr_repository_policy: Add retry logic to work around IAM eventual consistency (#1165)
- resource/aws_ecs_service: Fixes normalization issues in placement_strategy (#1025)
- resource/aws_eip: Retry reading EIPs on creation (#1053)
- resource/aws_elastic_beanstalk_environment: Avoid spurious diffs of JSON-based
settings (#901) - resource/aws_opsworks_permission: Fix 'set permissions' failing to set ssh access (#1038)
- resource/aws_s3_bucket_notification: Fix missing
bucketfield after import (#978) - resource/aws_sfn_state_machine: Handle another NotFound exception type (#1062)
- resource/aws_ssm_parameter: ForceNew on ssm_parameter rename (#1022)
- resource/aws_instance: Update SourceDestCheck modification on new resources (#1065)
- resource/aws_spot_instance_request: fixed and issue with network interfaces configuration (#1070)
- resource/aws_rds_cluster: Modify RDS Cluster after restoring from snapshot, if required (#926)
- resource/aws_kms_alias: Retry lookups after creation (#1040)
- resource/aws_internet_gateway: Retry deletion properly on
DependencyViolation(#1021) - resource/aws_elb: Cleanup ENIs after deleting ELB (#1036)
- resource/aws_kms_key: Retry lookups after creation (#1039)
- resource/aws_dms_replication_instance: Add modifying as a pending creation state (#1114)
- resource/aws_redshift_cluster: Trigger ForceNew aws_redshift_cluster on encrypted change (#1120)
- resource/aws_default_network_acl: Add support for ipv6_cidr_block (#1113)
- resource/aws_autoscaling_group: Suppress diffs when an empty set is specified for
availability_zones(#1190) - resource/aws_vpc: Ignore ClassicLink DNS support in unsupported regions (#1176)
- resource/elastic_beanstalk_configuration_template: Handle missing platform (#1222)
- r/elasticache_parameter_group: support more than 20 parameters (#1221)
- data-source/aws_db_instance: Fix the output of subnet_group_name (#1141)
- data-source/aws_iam_server_certificate: Fix restriction on length of
name_prefix(#1217)
FEATURES:
IMPROVEMENTS:
- Added ability to change the deadline for the EC2 metadata API endpoint (#950)
- resource/aws_api_gateway_integration: Add support for specifying cache key parameters (#893)
- resource/aws_cloudwatch_event_target: Add ecs_target (#977)
- resource/aws_vpn_connection: Add BGP related information on aws_vpn_connection (#973)
- resource/aws_cloudformation_stack: Add timeout support (#994)
- resource/aws_ssm_parameter: Add support for ssm parameter overwrite (#1006)
- resource/aws_codebuild_project: Add support for environment privileged_mode [GH1009]
- resource/aws_dms_endpoint: Add support for dynamodb as an endpoint target (#1002)
- resource/aws_s3_bucket: Support lifecycle tags filter (#899)
- resource/aws_s3_bucket_object: Allow to set WebsiteRedirect on S3 object (#1020)
BUG FIXES:
- resource/aws_waf: Only set FieldToMatch.Data if not empty (#953)
- resource/aws_elastic_beanstalk_application_version: Scope labels to application (#956)
- resource/aws_s3_bucket: Allow use of
days = 0with lifecycle transition (#957) - resource/aws_ssm_maintenance_window_task: Make task_parameters updateable on aws_ssm_maintenance_window_task resource (#965)
- resource/aws_kinesis_stream: don't force stream destroy on shard_count update (#894)
- resource/aws_cloudfront_distribution: Remove validation from custom_origin params (#987)
- resource_aws_route53_record: Allow import of Route 53 records with underscores in the name (#14717)
- d/aws_db_snapshot: Id was being set incorrectly (#992)
- resource/aws_spot_fleet_request: Raise the create timeout to be 10m (#993)
- d/aws_ecs_cluster: Add ARN as an exported param for aws_ecs_cluster (#991)
- resource/aws_ebs_volume: Not setting the state for ebs_volume correctly (#999)
- resource/aws_network_acl: Make action in ingress / egress case insensitive (#1000)
BUG FIXES:
- Fixing malformed ARN attribute for aws_security_group data source (#910)
BACKWARDS INCOMPATIBILITIES / NOTES:
FEATURES:
- New Resource:
aws_vpn_gateway_route_propagation[#15137](hashicorp/terraform#15137)
IMPROVEMENTS:
- resource/ebs_snapshot: Add support for tags (#3)
- resource/aws_elasticsearch_domain: now retries on IAM role association failure (#12)
- resource/codebuild_project: Increase timeout for creation retry (IAM) (#904)
- resource/dynamodb_table: Expose stream_label attribute (#20)
- resource/opsworks: Add support for configurable timeouts in AWS OpsWorks Instances. (#857)
- Fix handling of AdRoll's hologram clients (#17)
- resource/sqs_queue: Add support for name_prefix to aws_sqs_queue (#855)
- resource/iam_role: Add support for iam_role tp force_detach_policies (#890)
BUG FIXES:
- fix aws cidr validation error [#15158](hashicorp/terraform#15158)
- resource/elasticache_parameter_group: Retry deletion on InvalidCacheParameterGroupState (#8)
- resource/security_group: Raise creation timeout (#9)
- resource/rds_cluster: Retry modification on InvalidDBClusterStateFault (#18)
- resource/lambda: Fix incorrect GovCloud regexes (#16)
- Allow ipv6_cidr_block to be assigned to peering_connection (#879)
- resource/rds_db_instance: Correctly create cross-region encrypted replica (#865)
- resource/eip: dissociate EIP on update (#878)
- resource/iam_server_certificate: Increase deletion timeout (#907)