Skip to content

Releases: hashicorp/terraform-provider-google

v6.12.0

18 Nov 18:16
Compare
Choose a tag to compare

FEATURES:

  • New Data Source: google_access_context_manager_access_policy (#20295)
  • New Resource: google_dataproc_gdc_spark_application (#20242)
  • New Resource: google_managed_kafka_cluster and google_managed_kafka_topic (#20237)

IMPROVEMENTS:

  • artifactregistry: added common_repository field to google_artifact_registry_repository resource (#20305)
  • cloudrunv2: added urls output field to google_cloud_run_v2_service resource (#20313)
  • compute: added IDPF as a possible value for the network_interface.nic_type field in google_compute_instance resource (#20250)
  • compute: added IDPF as a possible value for the guest_os_features.type field in google_compute_image resource (#20250)
  • compute: added replica_names field to sql_database_instance resource (#20202)
  • filestore: added performance_config field to google_filestore_instance (#20218)
  • redis: added persistence_config to google_redis_cluster. (#20212)
  • securesourcemanager: added workforce_identity_federation_config field to google_secure_source_manager_instance resource (#20290)
  • spanner: added default_backup_schedule_type field to google_spanner_instance (#20213)
  • sql: added psc_auto_connections fields to google_sql_database_instance resource (#20307)

BUG FIXES:

  • accesscontextmanager: fixed permadiff in perimeter google_access_context_manager_service_perimeter_ingress_policy and google_access_context_manager_service_perimeter_egress_policy resources when there are duplicate resources in the rules (#20294)
    • accesscontextmanager: fixed comparison of identity_type in ingress_from and egress_from when the IDENTITY_TYPE_UNSPECIFIED is set (#20221)
  • compute: fixed permadiff on attempted type field updates in google_computer_security_policy, updating this field will now force recreation of the resource (#20316)
  • identityplatform: fixed perma-diff originating from the sign_in.anonymous.enabled field in google_identity_platform_config (#20244)

v6.11.2

15 Nov 17:51
1001a9f
Compare
Choose a tag to compare

BUG FIXES:

  • vertexai: fixed issue with google_vertex_ai_endpoint where upgrading to 6.11.0 would delete all traffic splits that were set outside Terraform (which was previously a required step for all meaningful use of this resource). (#20350)

v6.11.1

12 Nov 23:16
Compare
Choose a tag to compare

BUG FIXES:

  • container: fixed diff on google_container_cluster.user_managed_keys_config field for resources that had not set it. (#20314)
  • container: marked google_container_cluster.user_managed_keys_config as immutable because it can't be updated in place. (#20314)

v6.11.0

11 Nov 17:55
7c40702
Compare
Choose a tag to compare

NOTES:

  • compute: migrated google_compute_firewall_policy_rule from DCL engine to MMv1 engine. (#20160)

BREAKING CHANGES:

  • looker: made oauth_config a required field in google_looker_instance, as creating this resource without that field always triggers an API error (#20196)

FEATURES:

  • New Data Source: google_spanner_database (#20114)
  • New Resource: google_apigee_api (#20113)
  • New Resource: google_dataproc_gdc_application_environment (#20165)
  • New Resource: google_dataproc_gdc_service_instance (#20147)
  • New Resource: google_memorystore_instance (#20108)

IMPROVEMENTS:

  • apigee: added in-place update support for google_apigee_env_references (#20182)
  • apigee: added in-place update support for google_apigee_environment resource (#20189)
  • cloudrun: added empty_dir field to google_cloud_run_service (#20185)
  • cloudrunv2: added empty_dir field to google_cloud_run_v2_service and google_cloud_run_v2_job (#20185)
  • compute: added disks field to google_compute_node_template resource (#20180)
  • compute: added preconfigured_waf_config field to google_compute_security_policy resource (#20183)
  • compute: added replica_names field to sql_database_instance resource (#20202)
  • compute: added instance_flexibility_policy field to google_compute_region_instance_group_manager resource (#20132)
  • compute: increased google_compute_security_policy timeouts from 20 minutes to 30 minutes (#20145)
  • container: added control_plane_endpoints_config field to google_container_cluster resource. (#20193)
  • container: added parallelstore_csi_driver_config field to google_container_cluster resource. (#20163)
  • container: added user_managed_keys_config field to google_container_cluster resource. (#20105)
  • firestore: allowed single field indexes to support __name__ DESC indexes in google_firestore_index resources (#20124)
  • privateca: added support for sub-CA to be activated into STAGED state (#20103)
  • spanner: added default_backup_schedule_type field to google_spanner_instance (#20213)
  • vertexai: added traffic_split, private_service_connect_config, predict_request_response_logging_config, dedicated_endpoint_enabled, and dedicated_endpoint_dns fields to google_vertex_ai_endpoint resource (#20179)
  • workflows: added deletion_protection field to google_workflows_workflow resource (#20106)

BUG FIXES:

  • compute: fixed a diff based on server-side reordering of match.src_address_groups and match.dest_address_groups in google_compute_network_firewall_policy_rule (#20148)
  • compute: fixed permadiff on the preconfigured_waf_config field for google_compute_security_policy resource (#20183)
  • container: fixed in-place updates for node_config.containerd_config in google_container_cluster and google_container_node_pool (#20112)

v5.45.0

11 Nov 17:24
c875b30
Compare
Choose a tag to compare

NOTES:

  • 5.45.0 is a backport release, responding to a new Spanner feature that may result in creation of unwanted backups for users. The changes in this release will be available in 6.11.0 and users upgrading to 6.X should upgrade to that version or higher.

IMPROVEMENTS:

  • spanner: added default_backup_schedule_type field to google_spanner_instance (#20213)

v6.10.0

04 Nov 18:25
72ca3b4
Compare
Choose a tag to compare

FEATURES:

  • New Data Source: google_compute_instance_guest_attributes (#20095)
  • New Data Source: google_service_accounts (#20062)
  • New Resource: google_iap_settings (#20085)

IMPROVEMENTS:

  • apphub: added GLOBAL enum value to scope.type field in google_apphub_application resource (#20015)
  • assuredworkloads: added workload_options field to google_assured_workloads_workload resource (#19985)
  • bigquery: added external_catalog_dataset_options fields to google_bigquery_dataset resource (beta) (#20097)
  • bigquery: added descriptive validation errors for missing required fields in google_bigquery_job destination table configuration (#20077)
  • compute: desired_status on google_compute_instance can now be set to TERMINATED or SUSPENDED on instance creation (#20031)
  • compute: added header_action and redirect_options fields to google_compute_security_policy_rule resource (#20079)
  • compute: added interface.ipv6-address field in google_compute_external_vpn_gateway resource (#20091)
  • compute: added propagated_connection_limit and connected_endpoints.propagated_connection_count fields to google_compute_service_attachment resource (#20016)
  • compute: added plan-time validation to name on google_compute_instance (#20036)
  • compute: added support for advanced_machine_features.turbo_mode to google_compute_instance, google_compute_instance_template, and google_compute_region_instance_template (#20090)
  • container: added in-place update support for labels, resource_manager_tags and workload_metadata_config in google_container_cluster.node_config (#20038)
  • filestore: added protocol property to resource google_filestore_instance (#19982)
  • memorystore: added mode flag to google_memorystore_instance (#19988)
  • netapp: added zone and replica_zone fields to google_netapp_storage_pool resource (#19980)
  • netapp: added zone and replica_zone fields to google_netapp_volume resource (#19980)
  • networksecurity: added tls_inspection_policy field to google_network_security_gateway_security_policy (#19986)
  • resourcemanager: added disabled to google_service_account datasource (#20034)
  • spanner: added asymmetric_autoscaling_options field to google_spanner_instance (#20014)
  • sql: removed the client-side default of ENTERPRISE for edition in google_sql_database_instance so that edition is determined by the API when unset. This will cause new instances to use ENTERPRISE_PLUS as the default for POSTGRES_16. (#19977)
  • vmwareengine: added autoscaling_settings to google_vmwareengine_private_cloud resource (#20057)

BUG FIXES:

  • accesscontextmanager: fixed permadiff for perimeter ingress / egress rule resources (#20046)
  • compute: fixed an error in google_compute_security_policy_rule that prevented updating the default rule (#20066)
  • container: fixed missing in-place updates for some google_container_cluster.node_config subfields (#20038)

v6.9.0

28 Oct 17:04
39e428d
Compare
Choose a tag to compare

DEPRECATIONS:

  • containerattached: deprecated security_posture_config field in google_container_attached_cluster resource (#19912)

FEATURES:

  • New Data Source: google_oracle_database_autonomous_database (#19903)
  • New Data Source: google_oracle_database_autonomous_databases (#19901)
  • New Data Source: google_oracle_database_cloud_exadata_infrastructures (#19884)
  • New Data Source: google_oracle_database_cloud_vm_clusters (#19900)
  • New Resource: google_apigee_app_group (#19921)
  • New Resource: google_apigee_developer (#19911)
  • New Resource: google_network_connectivity_group (#19902)

IMPROVEMENTS:

  • compute: google_compute_network_firewall_policy_association now uses MMv1 engine instead of DCL. (#19976)
  • compute: google_compute_region_network_firewall_policy_association now uses MMv1 engine instead of DCL. (#19976)
  • compute: added creation_timestamp field to google_compute_instance, google_compute_instance_template, google_compute_region_instance_template (#19906)
  • compute: added key_revocation_action_type to google_compute_instance and related resources (#19952)
  • looker: added deletion_policy to google_looker_instance to allow force-destroying instances with nested resources by setting deletion_policy = FORCE (#19924)
  • monitoring: added alert_strategy.notification_prompts field to google_monitoring_alert_policy (#19928)
  • storage: added hierarchical_namespace to google_storage_bucket resource (#19882)
  • sql: removed the client-side default of ENTERPRISE for edition in google_sql_database_instance so that edition is determined by the API when unset. This will cause new instances to use ENTERPRISE_PLUS as the default for POSTGRES_16. (#19977)
  • vmwareengine: added autoscaling_settings to google_vmwareengine_cluster resource (#19962)
  • workstations: added max_usable_workstations field to google_workstations_workstation_config resource. (#19872)

BUG FIXES:

  • compute: fixed an issue where immutable distribution_zones was incorrectly sent to the API when updating distribution_policy_target_shape in google_compute_region_instance_group_manager resource (#19949)
  • container: fixed a crash in google_container_node_pool caused by an occasional nil pointer (#19922)
  • essentialcontacts: fixed google_essential_contacts_contact import to include required parent field. (#19877)
  • sql: made google_sql_database_instance.0.settings.0.data_cache_config accept server-side changes when unset. When unset, no diffs will be created when instances change in edition and the feature is enabled or disabled as a result. (#19972)
  • storage: removed retry on 404s during refresh for google_storage_bucket, preventing hanging when refreshing deleted buckets (#19964)

v6.8.0

21 Oct 18:23
e1ff027
Compare
Choose a tag to compare

FEATURES:

  • New Data Source: google_oracle_database_cloud_exadata_infrastructure (#19856)
  • New Data Source: google_oracle_database_cloud_vm_cluster (#19859)
  • New Data Source: google_oracle_database_db_nodes (#19871)
  • New Data Source: google_oracle_database_db_servers (#19823)
  • New Resource: google_oracle_database_autonomous_database (#19860)
  • New Resource: google_oracle_database_cloud_exadata_infrastructure (#19798)
  • New Resource: google_oracle_database_cloud_vm_cluster (#19837)
  • New Resource: google_transcoder_job_template (#19854)
  • New Resource: google_transcoder_job (#19854)

IMPROVEMENTS:

  • cloudfunctions: increased the timeouts to 20 minutes for google_cloudfunctions_function resource (#19799)
  • cloudrunv2: added invoker_iam_disabled field to google_cloud_run_v2_service (#19833)
  • compute: made google_compute_network_firewall_policy_rule use MMv1 engine instead of DCL. (#19862)
  • compute: made google_compute_region_network_firewall_policy_rule use MMv1 engine instead of DCL. (#19862)
  • compute: added ip_address_selection_policy field to google_compute_backend_service and google_compute_region_backend_service. (#19863)
  • compute: added provisioned_throughput field to google_compute_instance_template resource (#19852)
  • compute: added provisioned_throughput field to google_compute_region_instance_template resource (#19852)
  • container: added support for additional values KCP_CONNECTION, and KCP_SSHDin google_container_cluster.logging_config (#19812)
  • dialogflowcx: added advanced_settings.logging_settings and advanced_settings.speech_settings to google_dialogflow_cx_agent and google_dialogflow_cx_flow (#19801)
  • networkconnectivity: added linked_producer_vpc_network field to google_network_connectivity_spoke resource (#19806)
  • secretmanager: added is_secret_data_base64 field to google_secret_manager_secret_version and google_secret_manager_secret_version_access datasources (#19831)
  • secretmanager: added is_secret_data_base64 field to google_secret_manager_regional_secret_version and google_secret_manager_regional_secret_version_access datasources (#19831)
  • spanner: added kms_key_names to encryption_config in google_spanner_database (#19846)
  • workstations: added max_usable_workstations field to google_workstations_workstation_config resource (#19872)
  • workstations: added field allowed_ports to google_workstations_workstation_config (#19845)

BUG FIXES:

  • bigquery: fixed a regression that caused google_bigquery_dataset_iam_* resources to attempt to set deleted IAM members, thereby triggering an API error (#19857)
  • compute: fixed an issue in google_compute_backend_service and google_compute_region_backend_service to allow sending false for iap.enabled (#19795)
  • container: node_config.linux_node_config, node_config.workload_metadata_config and node_config.kubelet_config will now successfully send empty messages to the API when terraform plan indicates they are being removed, rather than null, which caused an error. The sole reliable case is node_config.linux_node_config when the block is removed, where there will still be a permadiff, but the update request that's triggered will no longer error and other changes displayed in the plan should go through. (#19842)

v6.7.0

14 Oct 18:04
5a33a2b
Compare
Choose a tag to compare

FEATURES:

  • New Resource: google_healthcare_pipeline_job (#19717)
  • New Resource: google_secure_source_manager_branch_rule (#19773)

IMPROVEMENTS:

  • container: google_container_cluster will now accept server-specified values for node_pool_auto_config.0.node_kubelet_config when it is not defined in configuration and will not detect drift. Note that this means that removing the value from configuration will now preserve old settings instead of reverting the old settings. (#19817)
  • discoveryengine: added chat_engine_config.dialogflow_agent_to_link field to google_discovery_engine_chat_engine resource (#19723)
  • networkconnectivity: added field migration to resource google_network_connectivity_internal_range (#19757)
  • networkservices: added routing_mode field to google_network_services_gateway resource (#19764)

BUG FIXES:

  • bigtable: fixed an error where BigTable IAM resources could be created with conditions but the condition was not stored in state (#19725)
  • container: fixed issue which caused to not being able to disable enable_cilium_clusterwide_network_policy field on google_container_cluster. (#19736)
  • container: fixed a diff triggered by a new API-side default value for node_config.0.kubelet_config.0.insecure_kubelet_readonly_port_enabled. Terraform will now accept server-specified values for node_config.0.kubelet_config when it is not defined in configuration and will not detect drift. Note that this means that removing the value from configuration will now preserve old settings instead of reverting the old settings. (#19817)
  • dataproc: fixed a bug in google_dataproc_cluster that prevented creation of clusters with internal_ip_only set to false (#19782)
  • iam: addressed google_service_account creation issues caused by the eventual consistency of the GCP IAM API by ignoring 403 errors returned on polling the service account after creation. (#19727)
  • logging: fixed the whitespace permadiff on exclusions.filter field in google_logging_billing_account_sink, google_logging_folder_sink, google_logging_organization_sink and google_logging_project_sink resources (#19744)
  • pubsub: fixed permadiff with configuring an empty retry_policy in google_pubsub_subscription (#19784)
  • secretmanager: fixed the issue of unpopulated fields labels, annotations and version_destroy_ttl in the terraform state for the google_secret_manager_secrets datasource (#19748)

v5.44.2

14 Oct 19:01
Compare
Choose a tag to compare

Notes:

  • 5.44.2 is a backport release, responding to a GKE rollout that created permadiffs for many users. The changes in this release will be available in 6.7.0 and users upgrading to 6.X should upgrade to that version or higher.

IMPROVEMENTS:

  • container: google_container_cluster will now accept server-specified values for node_pool_auto_config.0.node_kubelet_config when it is not defined in configuration and will not detect drift. Note that this means that removing the value from configuration will now preserve old settings instead of reverting the old settings. (#19817)

BUG FIXES:

  • container: fixed a diff triggered by a new API-side default value for node_config.0.kubelet_config.0.insecure_kubelet_readonly_port_enabled. Terraform will now accept server-specified values for node_config.0.kubelet_config when it is not defined in configuration and will not detect drift. Note that this means that removing the value from configuration will now preserve old settings instead of reverting the old settings. (#19817)