v6.6.0

FEATURES:

• New Resource: google_dataproc_batch (#8306)
• New Resource: google_healthcare_pipeline_job (#8330)
• New Resource: google_site_verification_owner (#8287)

IMPROVEMENTS:

• assuredworkloads: added HEALTHCARE_AND_LIFE_SCIENCES_CONTROLS and HEALTHCARE_AND_LIFE_SCIENCES_CONTROLS_WITH_US_SUPPORT enum values to compliance_regime in the google_assured_workloads_workload resource (#8326)
• compute: added bgp_best_path_selection_mode ,bgp_bps_always_compare_med and bgp_bps_inter_region_cost fields to google_compute_network resource (#8321)
• compute: added next_hop_origin ,next_hop_med and next_hop_inter_region_cost output fields to google_compute_route resource (#8321)
• compute: added enum STATEFUL_COOKIE_AFFINITY and strong_session_affinity_cookie field to google_compute_backend_service and google_compute_region_backend_service resource (#8296)
• compute: added TDX instance option for confidential_instance_type in google_compute_instance (#8320)
• containeraws: added kubelet_config field group to the google_container_aws_node_pool resource (#8326)
• dataproc: switched to the v1 API for google_dataproc_autoscaling_policy resource (#8306)
• pubsub: added GCS ingestion settings and platform log settings to google_pubsub_topic resource (#8298)
• sourcerepo: added create_ignore_already_exists field to google_sourcerepo_repository resource (#8329)
• sql: added in-place update support for settings.time_zone in google_sql_database_instance resource (#8293)
• tags: increased maximum accepted input length for the short_name field in google_tags_tag_key and google_tags_tag_value resources (#8324)

BUG FIXES:

• bigquery: fixed google_bigquery_dataset_iam_member to be able to delete itself and overwrite the existing iam members for bigquery dataset keeping the authorized datasets as they are. (#8304)
• bigquery: fixed an error which could occur with service account field values containing non-lower-case characters in google_bigquery_dataset_access (#8319)
• compute: fixed an issue where the boot_disk.initialize_params.resource_policies field in google_compute_instance forced a resource recreation when used in combination with google_compute_disk_resource_policy_attachment (#8309)
• compute: fixed the issue that labels was not set when creating the resource google_compute_interconnect (#8284)
• tags: removed google_tags_location_tag_binding resource from the Terraform state when its parent resource has been removed outside of Terraform (#8310)
• workbench: fixed a bug in the google_workbench_instance resource where the removal of labels was not functioning as expected. (#8280)

v6.5.0

DEPRECATIONS:

• compute: deprecated macsec.pre_shared_keys.fail_open field in google_compute_interconnect resource. Use the new macsec.fail_open field instead (#8245)

FEATURES:

• New Data Source: google_compute_region_instance_group_manager (#8259)
• New Data Source: google_privileged_access_manager_entitlement (#8253)
• New Data Source: google_secret_manager_regional_secret_version_access (#8220)
• New Data Source: google_secret_manager_regional_secret_version (#8209)
• New Data Source: google_secret_manager_regional_secrets (#8217)
• New Resource: google_compute_region_network_firewall_policy_with_rules (#8225)
• New Resource: google_compute_router_nat_address (#8227)
• New Resource: google_logging_log_scope (#8235)

IMPROVEMENTS:

• apigee: added activate field to google_apigee_nat_address resource (#8261)
• bigquery: added biglake_configuration field to google_bigquery_table resource to support BigLake Managed Tables (#8221)
• cloudrun: added node_selector field to google_cloud_run_service resource (#8216)
• cloudrunv2: added node_selector field to google_cloud_run_v2_service resource (#8216)
• compute: added existing_reservations field to google_compute_region_commitment resource (#8256)
• compute: added host_error_timeout_seconds field to google_compute_instance resource (#8252)
• compute: added hostname field to google_compute_instance data source (#8268)
• compute: added initial_nat_ip field to google_compute_router_nat resource (#8227)
• compute: added macsec.fail_open field to google_compute_interconnect resource (#8245)
• compute: added SUSPENDED as a possible value to desired_state field in google_compute_instance resource (#8257)
• compute: added import support for projects/{{project}}/meta-data/{{key}} format for google_compute_project_metadata_item resource (#8274)
• compute: marked customer_name and location fields as optional in google_compute_interconnect resource to support cross cloud interconnect (#8279)
• container: added linux_node_config.hugepages_config field to google_container_node_pool resource (#8210)
• looker: added psc_enabled and psc_config fields to google_looker_instance resource (#8211)
• networkconnectivity: added include_import_ranges field to google_network_connectivity_spoke resource for linked_vpn_tunnels, linked_interconnect_attachments and linked_router_appliance_instances (#8215)
• secretmanagerregional: added version_aliases field to google_secret_manager_regional_secret resource (#8209)
• workbench: increased create timeout to 20 minutes for google_workbench_instance resource (#8228)

BUG FIXES:

• bigquery: fixed in-place update of google_bigquery_table resource when external_data_configuration.schema field is set (#8234)
• bigquerydatapolicy: fixed permadiff on policy_tag field in google_bigquery_datapolicy_data_policy resource (#8239)
• composer: fixed storage_config.bucket field to support a bucket name with or without "gs://" prefix (#8229)
• container: added support for setting addons_config.gcp_filestore_csi_driver_config and enable_autopilot in the same google_container_cluster (#8260)
• container: fixed node_config.kubelet_config updates in google_container_cluster resource (#8238)
• container: fixed a bug where specifying node_pool_defaults.node_config_defaults with enable_autopilot = true would cause google_container_cluster resource creation failure (#8223)
• workbench: fixed a bug in the google_workbench_instance resource where the removal of labels was not functioning as expected (#8280)

v6.4.0

DEPRECATIONS:

• securitycenterv2: deprecated google_scc_v2_organization_scc_big_query_exports. Use google_scc_v2_organization_scc_big_query_export instead. (#8166)

FEATURES:

• New Data Source: google_secret_manager_regional_secret_version (#8209)
• New Data Source: google_secret_manager_regional_secret (#8189)
• New Resource: google_compute_firewall_policy_with_rules (#8181)
• New Resource: google_database_migration_service_migration_job (#8187)
• New Resource: google_discovery_engine_target_site (#8174)
• New Resource: google_healthcare_workspace (#8179)
• New Resource: google_scc_folder_scc_big_query_export (#8183)
• New Resource: google_scc_organization_scc_big_query_export (#8172)
• New Resource: google_scc_project_scc_big_query_export (#8173)
• New Resource: google_scc_v2_organization_scc_big_query_export (#8166)
• New Resource: google_secret_manager_regional_secret_version (#8199)
• New Resource: google_secret_manager_regional_secret (#8170)
• New Resource: google_site_verification_web_resource (#8180)
• New Resource: google_spanner_backup_schedule (#8160)

IMPROVEMENTS:

• alloydb: added enable_outbound_public_ip field to google_alloydb_instance resource (#8156)
• apigee: added in-place update for consumer_accept_list field in google_apigee_instance resource (#8155)
• compute: added interface field to google_compute_attached_disk resource (#8154)
• compute: added in-place update in google_compute_interconnect resource except for remote_location and requested_features fields (#8203)
• filestore: added deletion_protection_enabled and deletion_protection_reason fields to google_filestore_instance resource (#8158)
• looker: added fips_enabled field to google_looker_instance resource (#8206)
• metastore: added deletion_protection field to google_dataproc_metastore_service resource (#8200)
• netapp: added allow_auto_tiering field to google_netapp_storage_pool resource (#8163)
• netapp: added tiering_policy field to google_netapp_volume resource (#8163)
• secretmanagerregional: added version_aliases field to google_secret_manager_regional_secret resource (#8209)
• spanner: added edition field to google_spanner_instance resource (#8160)

BUG FIXES:

• compute: fixed a permadiff on iap field in google_compute_backend and google_compute_region_backend resources (#8204)
• container: fixed a bug where specifying node_pool_defaults.node_config_defaults with enable_autopilot = true will cause google_container_cluster resource creation failure (#8223)
• container: fixed a permadiff on node_config.gcfs_config field in google_container_cluster and google_container_node_pool resources (#8207)
• container: fixed the in-place update for node_config.gcfs_config in google_container_cluster and google_container_node_pool resources (#8207)
• container: made node_config.kubelet_config.cpu_manager_policy field optional to fix its update in google_container_cluster resource (#8171)
• dns: fixed a permadiff on dnssec_config field in google_dns_managed_zone resource (#8165)
• pubsub: allowed filter field to contain line breaks in google_pubsub_subscription resource (#8161)

v5.44.1

NOTES:

• 5.44.1 is a backport release, intended to pull in critical container improvements and fixes for issues introduced in 5.44.0

IMPROVEMENTS:

• container: added in-place update support for gcfs_config in in google_container_cluster and google_container_node_pool (#8101) (#8207)

BUG FIXES:

• container: fixed a permadiff on gcfs_config in google_container_cluster and google_container_node_pool (#8207)
• container: fixed a bug where specifying node_pool_defaults.node_config_defaults with enable_autopilot = true will cause google_container_cluster resource creation failure. (#8223)

v6.3.0

FEATURES:

• New Data Source: google_bigquery_tables (#8130)
• New Resource: google_compute_network_firewall_policy_with_rules (#8118)
• New Resource: google_developer_connect_connection (#8150)
• New Resource: google_developer_connect_git_repository_link (#8150)
• New Resource: google_memorystore_instance (#8126)

IMPROVEMENTS:

• compute: added connected_endpoints.consumer_network and connected_endpoints.psc_connection_id fields to google_compute_service_attachment resource (#8148)
• compute: added propagated_connection_limit and connected_endpoints.propagated_connection_count fields to google_compute_service_attachment resource (#8148)
• compute: added field http_keep_alive_timeout_sec to google_region_compute_target_http_proxy and google_region_compute_target_http_proxy resources (#8151)
• compute: added support for boot_disk.initialize_params.resource_policies in google_compute_instance and google_instance_template (#8134)
• container: added storage_pools to node_config in google_container_cluster and google_container_node_pool (#8146)
• containerattached: added security_posture_config field to google_container_attached_cluster resource (#8137)
• netapp: added large_capacity and multiple_endpoints to google_netapp_volume resource (#8116)
• resourcemanager: added tags field to google_folder to allow setting tags for folders at creation time (#8113)

BUG FIXES:

• compute: setting network_ip to "" will no longer cause diff and will be treated the same as null (#8128)
• dataproc: updated google_dataproc_cluster to protect against handling nil kerberos_config values (#8129)
• dns: added a mutex to google_dns_record_set to prevent conflicts when multiple resources attempt to operate on the same record set (#8139)
• managedkafka: added 5 second wait post google_managed_kafka_topic creation to fix eventual consistency errors (#8149)

v5.44.0

NOTES:

• 5.44.0 is a backport release, intended to pull in critical container improvements from 6.2.0

IMPROVEMENTS:

• container: added insecure_kubelet_readonly_port_enabled to node_pool.node_config.kubelet_config and node_config.kubelet_config in google_container_node_pool resource. (#8071)
• container: added insecure_kubelet_readonly_port_enabled to node_pool_defaults.node_config_defaults, node_pool.node_config.kubelet_config, and node_config.kubelet_config in google_container_cluster resource. (#8071)
• container: added node_pool_auto_config.node_kublet_config.insecure_kubelet_readonly_port_enabled field to google_container_cluster. (#8076)

v6.2.0

FEATURES:

• New Data Source: google_certificate_manager_certificates (#8099)
• New Resource: google_backup_dr_backup_vault (#8083)
• New Resource: google_scc_v2_folder_scc_big_query_export (#8079)
• New Resource: google_scc_v2_project_scc_big_query_export (#8070)

IMPROVEMENTS:

• assuredworkload: added field partner_service_billing_account to google_assured_workloads_workload (#8097)
• bigtable: added support for column_family.type in google_bigtable_table (#8069)
• cloudrunv2: added template.service_mesh to google_cloud_run_v2_service (#8096)
• compute: added boot_disk.interface field to google_compute_instance resource (#8075)
• container: added node_pool_auto_config.node_kublet_config.insecure_kubelet_readonly_port_enabled field to google_container_cluster. (#8076)
• container: added insecure_kubelet_readonly_port_enabled to node_pool.node_config.kubelet_config and node_config.kubelet_config in google_container_node_pool resource. (#8071)
• container: added insecure_kubelet_readonly_port_enabled to node_pool_defaults.node_config_defaults, node_pool.node_config.kubelet_config, and node_config.kubelet_config in google_container_cluster resource. (#8071)
• container: added support for in-place updates for google_compute_node_pool.node_config.gcfs_config and google_container_cluster.node_config.gcfs_cluster and google_container_cluster.node_pool.node_config.gcfs_cluster (#8101)
• iambeta: added x509 field to google_iam_workload_identity_pool_provider resource (#8110)
• networkconnectivity: added include_export_ranges to google_network_connectivity_spoke (#8088)
• pubsub: added cloud_storage_config.max_messages and cloud_storage_config.avro_config.use_topic_schema fields to google_pubsub_subscription resource (#8086)
• redis: added the maintenance_policy field to the google_redis_cluster resource (#8087)
• resourcemanager: added tags field to google_project to allow setting tags for projects at creation time (#8091)
• securitycenter: added support for empty streaming_config.filter values in google_scc_notification_config resources (#8105)

BUG FIXES:

• compute: fixed google_compute_interconnect to support correct available_features option of IF_MACSEC (#8082)
• compute: fixed a bug where advertised_route_priority was accidentally set to 0 during updates in google_compute_router_peer (#8102)
• compute: fixed a permadiff caused by setting start_time in an incorrect H:mm format in google_compute_resource_policies resources (#8067)
• compute: fixed network_interface.subnetwork_project validation to match with the project in network_interface.subnetwork field when network_interface.subnetwork has full self_link in google_compute_instance resource (#8089)
• kms: updated the google_kms_autokey_config resource's folder field to accept values that are either full resource names (folders/{folder_id}) or just the folder id ({folder_id} only) (#8100)
• storage: added retry support for 429 errors in google_storage_bucket resource (#8092)

v6.1.0

FEATURES:

• New Data Source: google_kms_crypto_key_latest_version (#8032)
• New Data Source: google_kms_crypto_key_versions (#8026)

IMPROVEMENTS:

• databasemigrationservice: added support in google_database_migration_service_connection_profile for creating DMS connection profiles that link to existing Cloud SQL instances/AlloyDB clusters. (#8062)
• alloydb: added subscription_type and trial_metadata field to google_alloydb_cluster resource (#8042)
• bigquery: added encryption_configuration field to google_bigquery_data_transfer_config resource (#8045)
• bigqueryanalyticshub: added selected_resources, and restrict_direct_table_access to google_bigquery_analytics_hub_listing resource (#8029)
• bigqueryanalyticshub: added sharing_environment_config to google_bigquery_analytics_hub_data_exchange resource (#8029)
• cloudtasks: added http_target field to google_cloud_tasks_queue resource (#8033)
• compute: added accelerators field to google_compute_node_template resource (#8063)
• compute: allowed disabling 'server_tls_policy' during update in 'google_compute_target_https_proxy' resources (#8023)
• datastream: added transaction_logs and change_tables to datastream_stream resource (#8031)
• discoveryengine: added chunking_config and layout_parsing_config fields to google_discovery_engine_data_store resource (#8049)
• dlp: added inspect_template_modified_cadence field to big_query_target and cloud_sql_target in google_data_loss_prevention_discovery_config resource (#8054)
• dlp: added tag_resources field to google_data_loss_prevention_discovery_config resource (#8054)

BUG FIXES:

• bigquery: fixed an error which could occur with email field values containing non-lower-case characters in google_bigquery_dataset_access resource (#8039)
• bigqueryanalyticshub: made bigquery_dataset immutable in google_bigquery_analytics_hub_listing as it was not updatable in the API. Now modifying the field in Terraform will correctly recreate the resource rather than causing Terraform to report it would attempt an invalid update. (#8029)
• container: fixed update inconsistency in google_container_cluster resource (#8030)
• pubsub: fixed a validation bug that didn't allow empty filter definitions for google_pubsub_subscription resources (#8055)
• resourcemanager: fixed a bug where data.google_client_config failed silently when inadequate credentials were used to configure the provider (#8057)
• sql: fixed importing google_sql_user where host is an IPv4 CIDR (#8028)
• sql: fixed overwriting of name field for IAM Group user for google_sql_user resource (#8024)

v5.43.1

NOTES:

• 5.43.1 is a backport release, and some changes will not appear in 6.X series releases until 6.1.0

BUG FIXES:

• pubsub: fixed a validation bug that didn't allow empty filter definitions for google_pubsub_subscription resources (#8055)

v6.0.1

BREAKING CHANGES:

• sql: removed settings.ip_configuration.require_ssl from google_sql_database_instance in favor of settings.ip_configuration.ssl_mode. This field was intended to be removed in 6.0.0. (#8043)