chore(deps): update terraform aws to v5

This PR contains the following updates:

Package	Type	Update	Change
aws (source)	required_provider	major	`~> 4.0` -> `~> 5.0`

Review

[ ] Updates have been tested and work
[ ] If updates are AWS related, versions match the infrastructure (e.g. Lambda runtime, database, etc.)

Release Notes

hashicorp/terraform-provider-aws (aws)

### [`v5.40.0`](https://togithub.com/hashicorp/terraform-provider-aws/blob/HEAD/CHANGELOG.md#5400-March-7-2024) [Compare Source](https://togithub.com/hashicorp/terraform-provider-aws/compare/v5.39.1...v5.40.0) FEATURES: - **New Function:** `arn_build` ([#34952](https://togithub.com/hashicorp/terraform-provider-aws/issues/34952)) - **New Function:** `arn_parse` ([#34952](https://togithub.com/hashicorp/terraform-provider-aws/issues/34952)) - **New Resource:** `aws_account_region` ([#35739](https://togithub.com/hashicorp/terraform-provider-aws/issues/35739)) - **New Resource:** `aws_securitylake_subscriber` ([#35981](https://togithub.com/hashicorp/terraform-provider-aws/issues/35981)) ENHANCEMENTS: - data-source/aws_rds_engine_version: Add `has_major_target` and `has_minor_target` optional arguments and `valid_major_targets` and `valid_minor_targets` attributes ([#36246](https://togithub.com/hashicorp/terraform-provider-aws/issues/36246)) - resource/aws_batch_job_queue: added parameter `compute_environment_order` which conflicts with `compute_environments` but aligns with AWS API. `compute_environments` has been deprecated. ([#34750](https://togithub.com/hashicorp/terraform-provider-aws/issues/34750)) - resource/aws_cloudfront_distribution: Remove the upper limit on `origin.custom_origin_config.origin_read_timeout` ([#36088](https://togithub.com/hashicorp/terraform-provider-aws/issues/36088)) - resource/aws_db_instance: Add `io2` as a valid value for `storage_type` ([#36252](https://togithub.com/hashicorp/terraform-provider-aws/issues/36252)) - resource/aws_elasticache_serverless_cache: Add plan-time validation of `cache_usage_limits.ecpu_per_second.maximum` ([#35927](https://togithub.com/hashicorp/terraform-provider-aws/issues/35927)) - resource/aws_iot_policy: Add tagging support ([#36102](https://togithub.com/hashicorp/terraform-provider-aws/issues/36102)) - resource/aws_iot_role_alias: Add tagging support ([#36255](https://togithub.com/hashicorp/terraform-provider-aws/issues/36255)) - resource/aws_opensearch_domain: Add `use_off_peak_window` argument to the `auto_tune_options` configuration block ([#36067](https://togithub.com/hashicorp/terraform-provider-aws/issues/36067)) - resource/aws_rds_cluster: Add `io2` as a valid value for `storage_type` ([#36252](https://togithub.com/hashicorp/terraform-provider-aws/issues/36252)) - resource/aws_s3\_bucket_object: Adds attribute `arn`. ([#35710](https://togithub.com/hashicorp/terraform-provider-aws/issues/35710)) - resource/aws_s3\_object: Adds attribute `arn`. ([#35710](https://togithub.com/hashicorp/terraform-provider-aws/issues/35710)) - resource/aws_s3\_object_copy: Adds attribute `arn`. ([#35710](https://togithub.com/hashicorp/terraform-provider-aws/issues/35710)) - resource/aws_wafv2\_rule_group: Add `evaluation_window_sec` argument to the `rate_based_statement` configuration block ([#36045](https://togithub.com/hashicorp/terraform-provider-aws/issues/36045)) - resource/aws_wafv2\_web_acl: Add `evaluation_window_sec` argument to the `rate_based_statement` configuration block ([#36045](https://togithub.com/hashicorp/terraform-provider-aws/issues/36045)) BUG FIXES: - data-source/aws_rds_engine_version: Fix bugs that could limit engine version to a default version even when not appropriate ([#36246](https://togithub.com/hashicorp/terraform-provider-aws/issues/36246)) - resource/aws_db_instance: Correctly sets `parameter_group_name` when `replicate_source_db` is in different region. ([#36080](https://togithub.com/hashicorp/terraform-provider-aws/issues/36080)) - resource/aws_elastic_beanstalk_environment: Fix `InvalidParameterValue: Environment named ... is in an invalid state for this operation. Must be Ready` errors when `tags` are updated along with other attributes ([#36074](https://togithub.com/hashicorp/terraform-provider-aws/issues/36074)) - resource/aws_elasticache_serverless_cache: Change `cache_usage_limits.data_storage.maximum` and `cache_usage_limits.ecpu_per_second.maximum` to [ForceNew](https://developer.hashicorp.com/terraform/plugin/sdkv2/schemas/schema-behaviors#forcenew) ([#35927](https://togithub.com/hashicorp/terraform-provider-aws/issues/35927)) - resource/aws_medialive_channel: Fix handling of optional `encoder_settings.audio_descriptions` arguments ([#36097](https://togithub.com/hashicorp/terraform-provider-aws/issues/36097)) - resource/aws_rds_global_cluster: Fix bugs and delays that could occur when performing major or minor version upgrades ([#36246](https://togithub.com/hashicorp/terraform-provider-aws/issues/36246)) - resource/aws_s3\_bucket: Tags with empty values no longer remove all tags. ([#35710](https://togithub.com/hashicorp/terraform-provider-aws/issues/35710)) - resource/aws_s3\_bucket_object: Tags with empty values no longer remove all tags. ([#35710](https://togithub.com/hashicorp/terraform-provider-aws/issues/35710)) - resource/aws_s3\_object: Tags with empty values no longer remove all tags. ([#35710](https://togithub.com/hashicorp/terraform-provider-aws/issues/35710)) - resource/aws_s3\_object_copy: Tags with empty values no longer remove all tags. ([#35710](https://togithub.com/hashicorp/terraform-provider-aws/issues/35710)) - resource/aws_vpclattice_listener_rule: Remove `action.forward.target_groups` maximum item limit ([#36095](https://togithub.com/hashicorp/terraform-provider-aws/issues/36095)) ### [`v5.39.1`](https://togithub.com/hashicorp/terraform-provider-aws/blob/HEAD/CHANGELOG.md#5391-March-1-2024) [Compare Source](https://togithub.com/hashicorp/terraform-provider-aws/compare/v5.39.0...v5.39.1) BUG FIXES: - data-source/aws_instance: Fix `panic: Invalid address to set` related to `root_block_device.0.tags_all` ([#36054](https://togithub.com/hashicorp/terraform-provider-aws/issues/36054)) ### [`v5.39.0`](https://togithub.com/hashicorp/terraform-provider-aws/blob/HEAD/CHANGELOG.md#5390-February-29-2024) [Compare Source](https://togithub.com/hashicorp/terraform-provider-aws/compare/v5.38.0...v5.39.0) FEATURES: - **New Data Source:** `aws_redshift_data_shares` ([#35937](https://togithub.com/hashicorp/terraform-provider-aws/issues/35937)) - **New Resource:** `aws_apprunner_deployment` ([#35758](https://togithub.com/hashicorp/terraform-provider-aws/issues/35758)) - **New Resource:** `aws_config_retention_configuration` ([#15136](https://togithub.com/hashicorp/terraform-provider-aws/issues/15136)) - **New Resource:** `aws_securityhub_automation_rule` ([#34781](https://togithub.com/hashicorp/terraform-provider-aws/issues/34781)) - **New Resource:** `aws_shield_proactive_engagement` ([#34667](https://togithub.com/hashicorp/terraform-provider-aws/issues/34667)) ENHANCEMENTS: - aws_kinesis_firehose_delivery_stream: Add `custom_time_zone` and `file_extension` arguments to the `extended_S3_configuration` configuration block ([#35969](https://togithub.com/hashicorp/terraform-provider-aws/issues/35969)) - resource/aws_appflow_flow: Allow `task.source_fields` to be a `null` value ([#35993](https://togithub.com/hashicorp/terraform-provider-aws/issues/35993)) - resource/aws_codepipeline: Add `trigger` configuration block ([#35475](https://togithub.com/hashicorp/terraform-provider-aws/issues/35475)) - resource/aws_config_configuration_recorder: Add plan-time validation of `aws_config_organization_custom_rule.lambda_function_arn` ([#15136](https://togithub.com/hashicorp/terraform-provider-aws/issues/15136)) - resource/aws_instance: Add configurable `read` timeout ([#35955](https://togithub.com/hashicorp/terraform-provider-aws/issues/35955)) - resource/aws_instance: Apply default tags to volumes/block devices managed through an `aws_instance`, add `ebs_block_device.*.tags_all` and `root_block_device.*.tags_all` attributes which include default tags ([#33769](https://togithub.com/hashicorp/terraform-provider-aws/issues/33769)) - resource/aws_mq_broker: Add `data_replication_mode` and `data_replication_primary_broker_arn` arguments, enabling support for cross-region data replication ([#35990](https://togithub.com/hashicorp/terraform-provider-aws/issues/35990)) - resource/aws_mwaa_environment: Add `endpoint_management` attribute ([#35961](https://togithub.com/hashicorp/terraform-provider-aws/issues/35961)) - resource/aws_redshiftserverless_namespace: Add attributes `admin_password_secret_kms_key_id` and `manage_admin_password` ([#35965](https://togithub.com/hashicorp/terraform-provider-aws/issues/35965)) - resource/aws_shield_drt_access_log_bucket_association: Support resource import ([#34667](https://togithub.com/hashicorp/terraform-provider-aws/issues/34667)) - resource/aws_shield_drt_access_role_arn_association: Support resource import ([#34667](https://togithub.com/hashicorp/terraform-provider-aws/issues/34667)) - resource/aws_spot_instance_request: Add configurable `read` timeout ([#35955](https://togithub.com/hashicorp/terraform-provider-aws/issues/35955)) - resource/aws_wafv2\_web_acl: Add `application_integration_url` attribute ([#35974](https://togithub.com/hashicorp/terraform-provider-aws/issues/35974)) BUG FIXES: - data/aws_redshiftserverless_namespace: Properly set `iam_roles` attribute on read ([#35965](https://togithub.com/hashicorp/terraform-provider-aws/issues/35965)) - resource/aws_appflow_flow: Fix perpetual diff when `task.task_type` is set to `Map_all` ([#35993](https://togithub.com/hashicorp/terraform-provider-aws/issues/35993)) - resource/aws_config_configuration_recorder: Fix `panic: interface conversion: interface {} is nil, not map[string]interface {}` when `recording_group.exclusion_by_resource_types` is empty ([#15136](https://togithub.com/hashicorp/terraform-provider-aws/issues/15136)) - resource/aws_config_rule: Change `name` to [ForceNew](https://developer.hashicorp.com/terraform/plugin/sdkv2/schemas/schema-behaviors#forcenew) ([#15136](https://togithub.com/hashicorp/terraform-provider-aws/issues/15136)) - resource/aws_config_rule: Fix `InvalidParameterValueException: PolicyText is required when Owner is CUSTOM_POLICY` errors on resource Update ([#15136](https://togithub.com/hashicorp/terraform-provider-aws/issues/15136)) - resource/aws_ecs_task_definition: Fix perpetual `container_definitions` diffs when `Name`s are ordered differently ([#36029](https://togithub.com/hashicorp/terraform-provider-aws/issues/36029)) - resource/aws_msk_replicator: Fix incorrect `detect_and_copy_new_topics` attribute value from state read/refresh ([#35966](https://togithub.com/hashicorp/terraform-provider-aws/issues/35966)) - resource/aws_redshiftserverless_workgroup: Fix `max_capacity` removal ([#36032](https://togithub.com/hashicorp/terraform-provider-aws/issues/36032)) - resource/aws_redshiftserverless_workgroup: Fix updating both `base_capacity` and `max_capacity` ([#36032](https://togithub.com/hashicorp/terraform-provider-aws/issues/36032)) - resource/aws_shield_drt_access_log_bucket_association: Change `log_bucket` and `role_arn_association_id` to [ForceNew](https://developer.hashicorp.com/terraform/plugin/sdkv2/schemas/schema-behaviors#forcenew) ([#34667](https://togithub.com/hashicorp/terraform-provider-aws/issues/34667)) ### [`v5.38.0`](https://togithub.com/hashicorp/terraform-provider-aws/blob/HEAD/CHANGELOG.md#5380-February-22-2024) [Compare Source](https://togithub.com/hashicorp/terraform-provider-aws/compare/v5.37.0...v5.38.0) FEATURES: - **New Data Source:** `aws_batch_job_definition` ([#34663](https://togithub.com/hashicorp/terraform-provider-aws/issues/34663)) - **New Data Source:** `aws_cognito_user_group` ([#34046](https://togithub.com/hashicorp/terraform-provider-aws/issues/34046)) - **New Data Source:** `aws_cognito_user_groups` ([#34046](https://togithub.com/hashicorp/terraform-provider-aws/issues/34046)) ENHANCEMENTS: - data-source/aws_alb_target_group: Add `load_balancer_arns` attribute ([#34364](https://togithub.com/hashicorp/terraform-provider-aws/issues/34364)) - data-source/aws_ec2\_instance_type: Add `maximum_network_cards` attribute ([#35840](https://togithub.com/hashicorp/terraform-provider-aws/issues/35840)) - data-source/aws_elasticache_subnet_group: Add `vpc_id` attribute ([#35887](https://togithub.com/hashicorp/terraform-provider-aws/issues/35887)) - data-source/aws_lb_target_group: Add `load_balancer_arns` attribute ([#34364](https://togithub.com/hashicorp/terraform-provider-aws/issues/34364)) - provider: Add `token_bucket_rate_limiter_capacity` parameter ([#35926](https://togithub.com/hashicorp/terraform-provider-aws/issues/35926)) - resource/aws_alb_target_group: Add `load_balancer_arns` attribute ([#34364](https://togithub.com/hashicorp/terraform-provider-aws/issues/34364)) - resource/aws_codedeploy_deployment_config: Add `arn` attribute ([#35888](https://togithub.com/hashicorp/terraform-provider-aws/issues/35888)) - resource/aws_codepipeline: Add `execution_mode` argument ([#35875](https://togithub.com/hashicorp/terraform-provider-aws/issues/35875)) - resource/aws_config_configuration_recorder: Add `recording_mode` configuration block ([#35527](https://togithub.com/hashicorp/terraform-provider-aws/issues/35527)) - resource/aws_db_instance: Add plan-time validation of `performance_insights_retention_period` ([#35870](https://togithub.com/hashicorp/terraform-provider-aws/issues/35870)) - resource/aws_elasticache_subnet_group: Add `vpc_id` attribute ([#35887](https://togithub.com/hashicorp/terraform-provider-aws/issues/35887)) - resource/aws_lb_target_group: Add `load_balancer_arns` attribute ([#34364](https://togithub.com/hashicorp/terraform-provider-aws/issues/34364)) - resource/aws_redshiftserverless_workgroup: Add `max_capacity` argument ([#35720](https://togithub.com/hashicorp/terraform-provider-aws/issues/35720)) - resource/aws_transfer_server: Add `TransferSecurityPolicy-2024-01` and `TransferSecurityPolicy-FIPS-2024-01` as valid values for `security_policy_name` ([#35879](https://togithub.com/hashicorp/terraform-provider-aws/issues/35879)) BUG FIXES: - data-source/aws_caller_identity: Fix authentication signature error when alternate `sts_region` is specified ([#35860](https://togithub.com/hashicorp/terraform-provider-aws/issues/35860)) - data-source/aws_eks_access_entry: Fix `cluster_name` plan-time validation, allowing single-character names ([#35874](https://togithub.com/hashicorp/terraform-provider-aws/issues/35874)) - data-source/aws_eks_addon: Fix `cluster_name` plan-time validation, allowing single-character names ([#35874](https://togithub.com/hashicorp/terraform-provider-aws/issues/35874)) - data-source/aws_eks_cluster: Fix `name` plan-time validation, allowing single-character names ([#35874](https://togithub.com/hashicorp/terraform-provider-aws/issues/35874)) - resource/aws_cloudsearch_domain: Prevent panic when reading nil `index_field` options response values ([#35900](https://togithub.com/hashicorp/terraform-provider-aws/issues/35900)) - resource/aws_eks_access_entry: Fix `cluster_name` plan-time validation, allowing single-character names ([#35874](https://togithub.com/hashicorp/terraform-provider-aws/issues/35874)) - resource/aws_eks_access_policy_association: Fix `cluster_name` plan-time validation, allowing single-character names ([#35874](https://togithub.com/hashicorp/terraform-provider-aws/issues/35874)) - resource/aws_eks_addon: Fix `cluster_name` plan-time validation, allowing single-character names ([#35874](https://togithub.com/hashicorp/terraform-provider-aws/issues/35874)) - resource/aws_eks_cluster: Fix `name` plan-time validation, allowing single-character names ([#35874](https://togithub.com/hashicorp/terraform-provider-aws/issues/35874)) - resource/aws_eks_fargate_profile: Fix `cluster_name` plan-time validation, allowing single-character names ([#35874](https://togithub.com/hashicorp/terraform-provider-aws/issues/35874)) - resource/aws_eks_node_group: Fix `cluster_name` plan-time validation, allowing single-character names ([#35874](https://togithub.com/hashicorp/terraform-provider-aws/issues/35874)) - resource/aws_prometheus_scraper: Fixes invalid result after apply error. ([#35844](https://togithub.com/hashicorp/terraform-provider-aws/issues/35844)) - resource/aws_sqs_queue_policy: Retry IAM eventual consistency errors ([#35861](https://togithub.com/hashicorp/terraform-provider-aws/issues/35861)) ### [`v5.37.0`](https://togithub.com/hashicorp/terraform-provider-aws/blob/HEAD/CHANGELOG.md#5370-February-15-2024) [Compare Source](https://togithub.com/hashicorp/terraform-provider-aws/compare/v5.36.0...v5.37.0) NOTES: - provider: Updates to Go 1.21 (used by Terraform starting with v1.6.0), which, for Windows, requires at least Windows 10 or Windows Server 2016--support for previous versions has been discontinued--and, for macOS, requires macOS 10.15 Catalina or later--support for previous versions has been discontinued. ([#35832](https://togithub.com/hashicorp/terraform-provider-aws/issues/35832)) - resource/aws_bedrock_provisioned_model_throughput: Because we cannot easily test this functionality, it is best effort and we ask for community help in testing ([#35689](https://togithub.com/hashicorp/terraform-provider-aws/issues/35689)) FEATURES: - **New Data Source:** `aws_db_parameter_group` ([#35698](https://togithub.com/hashicorp/terraform-provider-aws/issues/35698)) - **New Resource:** `aws_bedrock_provisioned_model_throughput` ([#35689](https://togithub.com/hashicorp/terraform-provider-aws/issues/35689)) - **New Resource:** `aws_cloudfront_key_value_store` ([#35663](https://togithub.com/hashicorp/terraform-provider-aws/issues/35663)) - **New Resource:** `aws_redshift_data_share_consumer_association` ([#35771](https://togithub.com/hashicorp/terraform-provider-aws/issues/35771)) ENHANCEMENTS: - data-source/aws_ecr_pull_through_cache_rule: Add `credential_arn` attribute ([#34475](https://togithub.com/hashicorp/terraform-provider-aws/issues/34475)) - data-source/aws_ecs_task_execution: Add `client_token` argument ([#34402](https://togithub.com/hashicorp/terraform-provider-aws/issues/34402)) - data-source/aws_neptune_cluster_instance: Add `skip_final_snapshot` argument ([#35698](https://togithub.com/hashicorp/terraform-provider-aws/issues/35698)) - data-source/aws_rds_engine_version: Improve search functionality and options by adding `latest`, `preferred_major_targets`, and `preferred_upgrade_targets`. Add `version_actual` attribute ([#35698](https://togithub.com/hashicorp/terraform-provider-aws/issues/35698)) - data-source/aws_rds_orderable_db_instance: Improve search functionality and options by adding `engine_latest_version` and `supports_clusters` arguments and converting `read_replica_capable`, `supported_engine_modes`, `supported_network_types`, and `supports_multi_az` to arguments for use as search criteria ([#35698](https://togithub.com/hashicorp/terraform-provider-aws/issues/35698)) - resource/aws_appsync_graphql_api: Add `introspection_config`, `query_depth_limit`, and `resolver_count_limit` arguments ([#35631](https://togithub.com/hashicorp/terraform-provider-aws/issues/35631)) - resource/aws_codeartifact_domain: Add `s3_bucket_arn` attribute ([#35760](https://togithub.com/hashicorp/terraform-provider-aws/issues/35760)) - resource/aws_ecr_pull_through_cache_rule: Add `credential_arn` argument ([#34475](https://togithub.com/hashicorp/terraform-provider-aws/issues/34475)) - resource/aws_ecs_service: Add `service_connect_configuration.service.timeout` and `service_connect_configuration.service.tls` configuration blocks ([#35684](https://togithub.com/hashicorp/terraform-provider-aws/issues/35684)) - resource/aws_ecs_task_definition: Add `track_latest` argument ([#30154](https://togithub.com/hashicorp/terraform-provider-aws/issues/30154)) - resource/aws_glue_catalog_database: Add `federated_database` argument ([#35799](https://togithub.com/hashicorp/terraform-provider-aws/issues/35799)) - resource/aws_glue_trigger: Add configurable `timeouts` ([#35542](https://togithub.com/hashicorp/terraform-provider-aws/issues/35542)) - resource/aws_rds_cluster: Add `domain` and `domain_iam_role_name` arguments to support [Kerberos authentication](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.RDS_Fea_Regions_DB-eng.Feature.KerberosAuthentication.html) ([#35753](https://togithub.com/hashicorp/terraform-provider-aws/issues/35753)) - resource/aws_route53\_record: Add `geoproximity_routing_policy` configuration block to support [geoproximity routing](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/routing-policy-geoproximity.html) ([#35565](https://togithub.com/hashicorp/terraform-provider-aws/issues/35565)) - resource/aws_route53\_resolver_rule: Add `target_ip.protocol` argument ([#35744](https://togithub.com/hashicorp/terraform-provider-aws/issues/35744)) - resource/aws_sagemaker_endpoint_configuration: Add `routing_config` argument. Enables the specification of a `routing_strategy`. ([#34777](https://togithub.com/hashicorp/terraform-provider-aws/issues/34777)) - resource/aws_sagemaker_space: Add `ownership_settings`, `space_sharing_settings`, `space_settings.app_type`, `space_settings.code_editor_app_settings`, `space_settings.custom_file_system`, `space_settings.jupyter_lab_app_settings`, and `space_settings.space_storage_settings` arguments ([#35116](https://togithub.com/hashicorp/terraform-provider-aws/issues/35116)) BUG FIXES: - provider: Fix `failed to get rate limit token, retry quota exceeded` errors ([#35817](https://togithub.com/hashicorp/terraform-provider-aws/issues/35817)) - resource/aws_apigateway_domain_name: Properly send changes to `ownership_verification_certificate_arn` on update ([#35777](https://togithub.com/hashicorp/terraform-provider-aws/issues/35777)) - resource/aws_apigatewayv2\_route: Fix `BadRequestException: Unable to update route. Authorizer type is invalid or null` errors when updating `authorizer_id` ([#35821](https://togithub.com/hashicorp/terraform-provider-aws/issues/35821)) - resource/aws_autoscaling_group: Fix version to computed for inconsistent final plan issue ([#35774](https://togithub.com/hashicorp/terraform-provider-aws/issues/35774)) - resource/aws_datasync_task: Fix crash when reading empty `report_override` values ([#35778](https://togithub.com/hashicorp/terraform-provider-aws/issues/35778)) - resource/aws_datasync_task: Prevent ValidationErrors when empty values are sent with `report_override` arguments ([#35778](https://togithub.com/hashicorp/terraform-provider-aws/issues/35778)) - resource/aws_db_proxy: Change `auth` from `TypeList` to `TypeSet` as order is not significant ([#35819](https://togithub.com/hashicorp/terraform-provider-aws/issues/35819)) - resource/aws_ecs_account_setting_default: Remove plan-time validation of `value` ([#33393](https://togithub.com/hashicorp/terraform-provider-aws/issues/33393)) - resource/aws_ecs_task_definition: Fix perpetual `container_definitions` diffs when `Secrets` are ordered differently ([#35792](https://togithub.com/hashicorp/terraform-provider-aws/issues/35792)) - resource/aws_eks_access_policy_association: Retry IAM eventual consistency errors on create ([#35736](https://togithub.com/hashicorp/terraform-provider-aws/issues/35736)) - resource/aws_instance: Fix `ReservationCapacityExceeded` errors when updating `instance_type` and `capacity_reservation_specification.capacity_reservation_target.capacity_reservation_id` ([#33412](https://togithub.com/hashicorp/terraform-provider-aws/issues/33412)) - resource/aws_lakeformation_resource: Properly handle configured `false` values for `use_service_linked_role` ([#35799](https://togithub.com/hashicorp/terraform-provider-aws/issues/35799)) - resource/aws_medialive_channel: Added `client_cache` to `hls_group_settings`. ([#35738](https://togithub.com/hashicorp/terraform-provider-aws/issues/35738)) - resource/aws_ram_resource_share_accepter: Fix handling of out-of-band resource share deletion ([#35800](https://togithub.com/hashicorp/terraform-provider-aws/issues/35800)) - resource/aws_redshift_data_share_authorization: Fix read operation to properly handle shares in `ACTIVE` status ([#35771](https://togithub.com/hashicorp/terraform-provider-aws/issues/35771)) - resource/aws_s3\_bucket_acl: Correctly updates `access_control_policy` when switching configuration to `acl`. ([#35775](https://togithub.com/hashicorp/terraform-provider-aws/issues/35775)) - resource/resource_share_acceptor: Wait until RAM resource share available after accepting the invitation ([#34753](https://togithub.com/hashicorp/terraform-provider-aws/issues/34753)) ### [`v5.36.0`](https://togithub.com/hashicorp/terraform-provider-aws/blob/HEAD/CHANGELOG.md#5360-February-8-2024) [Compare Source](https://togithub.com/hashicorp/terraform-provider-aws/compare/v5.35.0...v5.36.0) NOTES: - data-source/aws_media_convert_queue: The AWS Elemental MediaConvert service has been converted to use standard [Regional endpoints](https://docs.aws.amazon.com/general/latest/gr/mediaconvert.html#mediaconvert_region) instead of deprecated per-account endpoints ([#35615](https://togithub.com/hashicorp/terraform-provider-aws/issues/35615)) - resource/aws_controltower_landing_zone: Because we cannot easily test this functionality, it is best effort and we ask for community help in testing ([#34595](https://togithub.com/hashicorp/terraform-provider-aws/issues/34595)) - resource/aws_media_convert_queue: The AWS Elemental MediaConvert service has been converted to use standard [Regional endpoints](https://docs.aws.amazon.com/general/latest/gr/mediaconvert.html#mediaconvert_region) instead of deprecated per-account endpoints ([#35615](https://togithub.com/hashicorp/terraform-provider-aws/issues/35615)) FEATURES: - **New Resource:** `aws_controltower_landing_zone` ([#34595](https://togithub.com/hashicorp/terraform-provider-aws/issues/34595)) - **New Resource:** `aws_osis_pipeline` ([#35582](https://togithub.com/hashicorp/terraform-provider-aws/issues/35582)) - **New Resource:** `aws_redshift_data_share_authorization` ([#35703](https://togithub.com/hashicorp/terraform-provider-aws/issues/35703)) - **New Resource:** `aws_securitylake_custom_log_source` ([#35354](https://togithub.com/hashicorp/terraform-provider-aws/issues/35354)) ENHANCEMENTS: - resource/aws_cloudwatch_metric_stream: Add plan-time validation of `output_format` ([#35569](https://togithub.com/hashicorp/terraform-provider-aws/issues/35569)) - resource/aws_db_instance: Add `diag.log` and `notify.log` as valid values for `enabled_cloudwatch_logs_exports` ([#35626](https://togithub.com/hashicorp/terraform-provider-aws/issues/35626)) - resource/aws_db_instance: Add `domain_auth_secret_arn`, `domain_dns_ips`, `domain_fqdn`, and `domain_ou` arguments to support [self-managed Active Directory](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_SQLServer_SelfManagedActiveDirectory.html) ([#35500](https://togithub.com/hashicorp/terraform-provider-aws/issues/35500)) - resource/aws_s3\_bucket_metric: Add `filter.access_point` argument ([#35590](https://togithub.com/hashicorp/terraform-provider-aws/issues/35590)) - resource/aws_verifiedaccess_group: Add `sse_configuration` argument ([#34055](https://togithub.com/hashicorp/terraform-provider-aws/issues/34055)) BUG FIXES: - resource/aws_db_instance: Creating resource from point-in-time recovery now handles `password` attribute correctly ([#35589](https://togithub.com/hashicorp/terraform-provider-aws/issues/35589)) - resource/aws_dynamodb_table: Ensure that `replica`s are always set on Read ([#35630](https://togithub.com/hashicorp/terraform-provider-aws/issues/35630)) - resource/aws_emr_cluster: Properly normalize `launch_specifications.on_demand_specification.allocation_strategy` and `launch_specifications.spot_specification.allocation_strategy` values to fix perpetual state differences ([#34367](https://togithub.com/hashicorp/terraform-provider-aws/issues/34367)) - resource/aws_kinesis_firehose_delivery_stream: Change `extended_s3_configuration.processing_configuration.processors.parameters` from `TypeList` to `TypeSet` as order is not significant ([#35672](https://togithub.com/hashicorp/terraform-provider-aws/issues/35672)) - resource/aws_lambda_function: Resolve consecutive diff issue in `logging_config` when values for `application_log_level` or `system_log_level` are not specified ([#35694](https://togithub.com/hashicorp/terraform-provider-aws/issues/35694)) - resource/aws_lb_listener: Fixes unexpected diff when using `default_action` parameters which don't match the `type`. ([#35678](https://togithub.com/hashicorp/terraform-provider-aws/issues/35678)) - resource/aws_lb_listener: Was incorrectly reporting conflicting `default_action[].target_group_arn` when `ignore_changes` was set. ([#35671](https://togithub.com/hashicorp/terraform-provider-aws/issues/35671)) - resource/aws_lb_listener: Was not storing `default_action[].forward` in state if only a single `target_group` was set. ([#35671](https://togithub.com/hashicorp/terraform-provider-aws/issues/35671)) - resource/aws_lb_listener_rule: Fixes unexpected diff when using `action` parameters which don't match the `type`. ([#35678](https://togithub.com/hashicorp/terraform-provider-aws/issues/35678)) - resource/aws_lb_listener_rule: Was incorrectly reporting conflicting `action[].target_group_arn` when `ignore_changes` was set. ([#35671](https://togithub.com/hashicorp/terraform-provider-aws/issues/35671)) - resource/aws_lb_listener_rule: Was not storing `action[].forward` in state if only a single `target_group` was set. ([#35671](https://togithub.com/hashicorp/terraform-provider-aws/issues/35671)) - resource/aws_ssm_patch_baseline: Mark `json` as Computed if there are content changes ([#35606](https://togithub.com/hashicorp/terraform-provider-aws/issues/35606)) ### [`v5.35.0`](https://togithub.com/hashicorp/terraform-provider-aws/blob/HEAD/CHANGELOG.md#5350-February-2-2024) [Compare Source](https://togithub.com/hashicorp/terraform-provider-aws/compare/v5.34.0...v5.35.0) FEATURES: - **New Data Source:** `aws_bedrock_custom_model` ([#34310](https://togithub.com/hashicorp/terraform-provider-aws/issues/34310)) - **New Data Source:** `aws_bedrock_custom_models` ([#34310](https://togithub.com/hashicorp/terraform-provider-aws/issues/34310)) - **New Data Source:** `aws_ssmcontacts_rotation` ([#32710](https://togithub.com/hashicorp/terraform-provider-aws/issues/32710)) - **New Resource:** `aws_bedrock_custom_model` ([#34310](https://togithub.com/hashicorp/terraform-provider-aws/issues/34310)) - **New Resource:** `aws_lexv2models_slot` ([#34617](https://togithub.com/hashicorp/terraform-provider-aws/issues/34617)) - **New Resource:** `aws_lexv2models_slot_type` ([#35555](https://togithub.com/hashicorp/terraform-provider-aws/issues/35555)) - **New Resource:** `aws_rekognition_collection` ([#35407](https://togithub.com/hashicorp/terraform-provider-aws/issues/35407)) - **New Resource:** `aws_sesv2_email_identity_policy` ([#35486](https://togithub.com/hashicorp/terraform-provider-aws/issues/35486)) - **New Resource:** `aws_ssmcontacts_rotation` ([#32710](https://togithub.com/hashicorp/terraform-provider-aws/issues/32710)) ENHANCEMENTS: - data-source/aws_redshift_cluster: Add `multi_az` attribute ([#35508](https://togithub.com/hashicorp/terraform-provider-aws/issues/35508)) - resource/aws_lakeformation_resource: Add `hybrid_access_enabled` argument ([#35571](https://togithub.com/hashicorp/terraform-provider-aws/issues/35571)) - resource/aws_lakeformation_resource: Add `with_federation` argument ([#35154](https://togithub.com/hashicorp/terraform-provider-aws/issues/35154)) - resource/aws_redshift_cluster: Add `multi_az` argument ([#35508](https://togithub.com/hashicorp/terraform-provider-aws/issues/35508)) - resource/aws_redshiftserverless_endpoint_access: Add `owner_account` argument ([#35509](https://togithub.com/hashicorp/terraform-provider-aws/issues/35509)) - resource/aws_wafv2\_rule_group: Add `header_order` to `field_to_match` configuration blocks ([#35521](https://togithub.com/hashicorp/terraform-provider-aws/issues/35521)) - resource/aws_wafv2\_web_acl: Add `header_order`to `field_to_match` configuration blocks ([#35521](https://togithub.com/hashicorp/terraform-provider-aws/issues/35521)) BUG FIXES: - data-source/aws_networkmanager_core_network_policy_document: Remove `core_network_configuration.edge_locations` maximum item limit ([#35585](https://togithub.com/hashicorp/terraform-provider-aws/issues/35585)) - resource/aws_backup_plan: Fix `InvalidParameterValueException: Invalid lifecycle. EBS Cold Tier is not yet supported` errors on resource Create in AWS GovCloud (US) ([#35560](https://togithub.com/hashicorp/terraform-provider-aws/issues/35560)) - resource/aws_cognito_user_group: Allow import of user groups with names containing `/` ([#35501](https://togithub.com/hashicorp/terraform-provider-aws/issues/35501)) - resource/aws_dms_event_subscription: Mark `source_ids` as Optional. This fixes a regression introduced in [v5.31.0](https://togithub.com/hashicorp/terraform-provider-aws/blob/main/CHANGELOG.md#5310-december-15-2023) ([#35541](https://togithub.com/hashicorp/terraform-provider-aws/issues/35541)) - resource/aws_efs_file_system: Increase `lifecycle_policy` maximum item limit to 3 ([#35522](https://togithub.com/hashicorp/terraform-provider-aws/issues/35522)) - resource/aws_eks_access_entry: Retry IAM eventual consistency errors on create ([#35535](https://togithub.com/hashicorp/terraform-provider-aws/issues/35535)) - resource/aws_finspace_kx_cluster: Increase `command_line_arguments` max length restriction from 50 to 1024. ([#35581](https://togithub.com/hashicorp/terraform-provider-aws/issues/35581)) ### [`v5.34.0`](https://togithub.com/hashicorp/terraform-provider-aws/blob/HEAD/CHANGELOG.md#5340-January-26-2024) [Compare Source](https://togithub.com/hashicorp/terraform-provider-aws/compare/v5.33.0...v5.34.0) FEATURES: - **New Resource:** `aws_rekognition_project` ([#35429](https://togithub.com/hashicorp/terraform-provider-aws/issues/35429)) - **New Resource:** `aws_route53domains_delegation_signer_record` ([#33596](https://togithub.com/hashicorp/terraform-provider-aws/issues/33596)) ENHANCEMENTS: - data-source/aws_codecommit_repository: Add `kms_key_id` attribute ([#35095](https://togithub.com/hashicorp/terraform-provider-aws/issues/35095)) - data-source/aws_imagebuilder_components: Add support for `ThirdParty` `owner` value ([#35286](https://togithub.com/hashicorp/terraform-provider-aws/issues/35286)) - data-source/aws_imagebuilder_container_recipes: Add support for `ThirdParty` `owner` value ([#35286](https://togithub.com/hashicorp/terraform-provider-aws/issues/35286)) - data-source/aws_imagebuilder_image_recipes: Add support for `ThirdParty` `owner` value ([#35286](https://togithub.com/hashicorp/terraform-provider-aws/issues/35286)) - data-source/aws_ssm_patch_baseline: Add `json` attribute to facilitate use with S3 buckets ([#33402](https://togithub.com/hashicorp/terraform-provider-aws/issues/33402)) - resource/aws_accessanalyzer_analyzer: Add `configuration` configuration block ([#35310](https://togithub.com/hashicorp/terraform-provider-aws/issues/35310)) - resource/aws_appflow_flow: Add `flow_status` attribute ([#34948](https://togithub.com/hashicorp/terraform-provider-aws/issues/34948)) - resource/aws_codecommit_repository: Add `kms_key_id` argument ([#35095](https://togithub.com/hashicorp/terraform-provider-aws/issues/35095)) - resource/aws_codecommit_trigger: Add plan-time validation of `trigger.destination_arn` and `trigger.events` ([#35095](https://togithub.com/hashicorp/terraform-provider-aws/issues/35095)) - resource/aws_ecs_capacity_provider: Add `auto_scaling_group_provider.managed_draining` argument ([#35421](https://togithub.com/hashicorp/terraform-provider-aws/issues/35421)) - resource/aws_fis_experiment_template: Add support for `AutoScalingGroups`, `Buckets`, `ReplicationGroups`, `Tables` and `TransitGateways` to `action.*.target` ([#35300](https://togithub.com/hashicorp/terraform-provider-aws/issues/35300)) - resource/aws_fsx_openzfs_file_system: Add `skip_final_backup` argument ([#35320](https://togithub.com/hashicorp/terraform-provider-aws/issues/35320)) - resource/aws_network_interface_sg_attachment: Increase default timeouts to 3 minutes and allow them to be configured ([#35435](https://togithub.com/hashicorp/terraform-provider-aws/issues/35435)) - resource/aws_prometheus_scraper: Add `role_arn` attribute ([#35453](https://togithub.com/hashicorp/terraform-provider-aws/issues/35453)) - resource/aws_route53domains_registered_domain: Support resource import ([#33596](https://togithub.com/hashicorp/terraform-provider-aws/issues/33596)) - resource/aws_ssm_patch_baseline: Add `json` attribute to facilitate use with S3 buckets ([#33402](https://togithub.com/hashicorp/terraform-provider-aws/issues/33402)) - resource/aws_wafv2\_web_acl: Add `challenge_config` argument ([#35367](https://togithub.com/hashicorp/terraform-provider-aws/issues/35367)) BUG FIXES: - resource/aws_codebuild_project: Allow `build_batch_config` to be removed on Update ([#34121](https://togithub.com/hashicorp/terraform-provider-aws/issues/34121)) - resource/aws_eks_access_entry: Mark `kubernetes_groups` as Computed ([#35391](https://togithub.com/hashicorp/terraform-provider-aws/issues/35391)) - resource/aws_eks_access_entry: Mark `type` and `user_name` as Optional, allowing values to be configured ([#35391](https://togithub.com/hashicorp/terraform-provider-aws/issues/35391)) - resource/aws_grafana_license_association: Fix missing `workspace_id` attribute after import ([#35290](https://togithub.com/hashicorp/terraform-provider-aws/issues/35290)) - resource/aws_security_group_rule: Fix `UnsupportedOperation: The functionality you requested is not available in this region` errors on Read in certain partitions ([#33484](https://togithub.com/hashicorp/terraform-provider-aws/issues/33484)) ### [`v5.33.0`](https://togithub.com/hashicorp/terraform-provider-aws/blob/HEAD/CHANGELOG.md#5330-January-18-2024) [Compare Source](https://togithub.com/hashicorp/terraform-provider-aws/compare/v5.32.1...v5.33.0) FEATURES: - **New Data Source:** `aws_eks_access_entry` ([#35037](https://togithub.com/hashicorp/terraform-provider-aws/issues/35037)) - **New Resource:** `aws_eks_access_entry` ([#35037](https://togithub.com/hashicorp/terraform-provider-aws/issues/35037)) - **New Resource:** `aws_eks_access_policy_association` ([#35037](https://togithub.com/hashicorp/terraform-provider-aws/issues/35037)) - **New Resource:** `aws_lexv2models_intent` ([#34891](https://togithub.com/hashicorp/terraform-provider-aws/issues/34891)) ENHANCEMENTS: - data-source/aws_eks_cluster: Add `access_config` attribute ([#35037](https://togithub.com/hashicorp/terraform-provider-aws/issues/35037)) - data-source/aws_secretsmanager_secret: Add `created_date` and `last_changed_date` attributes ([#35117](https://togithub.com/hashicorp/terraform-provider-aws/issues/35117)) - data-source/aws_secretsmanager_secret_version: Add `created_date` attribute ([#35117](https://togithub.com/hashicorp/terraform-provider-aws/issues/35117)) - resource/aws_backup_plan: Add `rule.lifecycle.opt_in_to_archive_for_supported_resources` and `rule.copy_action.lifecycle.opt_in_to_archive_for_supported_resources` and arguments ([#34994](https://togithub.com/hashicorp/terraform-provider-aws/issues/34994)) - resource/aws_eks_cluster: Add `access_config` configuration block ([#35037](https://togithub.com/hashicorp/terraform-provider-aws/issues/35037)) - resource/aws_lakeformation_resource: Add `use_service_linked_role` argument ([#35284](https://togithub.com/hashicorp/terraform-provider-aws/issues/35284)) - resource/aws_secretsmanager_secret_rotation: Add `rotate_immediately` argument ([#35105](https://togithub.com/hashicorp/terraform-provider-aws/issues/35105)) BUG FIXES: - resource/aws_datasync_task: Allow `schedule` to be removed successfully ([#35282](https://togithub.com/hashicorp/terraform-provider-aws/issues/35282)) - resource/aws_fis_experiment_template: Fix validation error when not using `target.resource_arns` or `target.resource_tag` attributes. ([#35254](https://togithub.com/hashicorp/terraform-provider-aws/issues/35254)) - resource/aws_lb_listener: Fix `ValidationError: Mutual Authentication mode passthrough does not support ignoring certificate expiry` errors when `mutual_authentication.mode` is set to `passthrough` ([#35289](https://togithub.com/hashicorp/terraform-provider-aws/issues/35289)) - resource/aws_secretsmanager_secret_version: Fix `InvalidParameterException: The parameter RemoveFromVersionId can't be empty. Staging label AWSCURRENT is currently attached to version ..., so you must explicitly reference that version in RemoveFromVersionId` errors when a secret is updated outside Terraform ([#19943](https://togithub.com/hashicorp/terraform-provider-aws/issues/19943)) ### [`v5.32.1`](https://togithub.com/hashicorp/terraform-provider-aws/blob/HEAD/CHANGELOG.md#5321-January-12-2024) [Compare Source](https://togithub.com/hashicorp/terraform-provider-aws/compare/v5.32.0...v5.32.1) BUG FIXES: - data-source/aws_ecr_image: Fix error when `most_recent` is not also `latest` ([#35269](https://togithub.com/hashicorp/terraform-provider-aws/issues/35269)) - resource/aws_iot_ca_certificate: Change `registration_config.role_arn` from `TypeBool` to `TypeString`, fixing `Inappropriate value for attribute "role_arn": a bool is required` errors ([#35234](https://togithub.com/hashicorp/terraform-provider-aws/issues/35234)) - resource/aws_mq_broker: Fix `interface conversion: interface {} is *schema.Set, not []string` panic ([#35265](https://togithub.com/hashicorp/terraform-provider-aws/issues/35265)) ### [`v5.32.0`](https://togithub.com/hashicorp/terraform-provider-aws/blob/HEAD/CHANGELOG.md#5320-January-11-2024) [Compare Source](https://togithub.com/hashicorp/terraform-provider-aws/compare/v5.31.0...v5.32.0) FEATURES: - **New Data Source:** `aws_mq_broker_engine_types` ([#34232](https://togithub.com/hashicorp/terraform-provider-aws/issues/34232)) - **New Data Source:** `aws_msk_bootstrap_brokers` ([#32484](https://togithub.com/hashicorp/terraform-provider-aws/issues/32484)) - **New Data Source:** `aws_verifiedpermissions_policy_store` ([#32204](https://togithub.com/hashicorp/terraform-provider-aws/issues/32204)) - **New Resource:** `aws_ebs_fast_snapshot_restore` ([#35211](https://togithub.com/hashicorp/terraform-provider-aws/issues/35211)) - **New Resource:** `aws_elasticache_serverless_cache` ([#34951](https://togithub.com/hashicorp/terraform-provider-aws/issues/34951)) - **New Resource:** `aws_imagebuilder_workflow` ([#35097](https://togithub.com/hashicorp/terraform-provider-aws/issues/35097)) - **New Resource:** `aws_kinesis_resource_policy` ([#35167](https://togithub.com/hashicorp/terraform-provider-aws/issues/35167)) - **New Resource:** `aws_prometheus_scraper` ([#34749](https://togithub.com/hashicorp/terraform-provider-aws/issues/34749)) - **New Resource:** `aws_securitylake_aws_log_source` ([#34974](https://togithub.com/hashicorp/terraform-provider-aws/issues/34974)) - **New Resource:** `aws_ssoadmin_application_access_scope` ([#34811](https://togithub.com/hashicorp/terraform-provider-aws/issues/34811)) - **New Resource:** `aws_verifiedpermissions_policy_store` ([#32204](https://togithub.com/hashicorp/terraform-provider-aws/issues/32204)) - **New Resource:** `aws_verifiedpermissions_policy_template` ([#32205](https://togithub.com/hashicorp/terraform-provider-aws/issues/32205)) - **New Resource:** `aws_verifiedpermissions_schema` ([#32204](https://togithub.com/hashicorp/terraform-provider-aws/issues/32204)) ENHANCEMENTS: - data-source/aws_batch_compute_environment: Add `update_policy` attribute ([#34353](https://togithub.com/hashicorp/terraform-provider-aws/issues/34353)) - data-source/aws_ecr_image: Add `image_uri` attribute ([#24526](https://togithub.com/hashicorp/terraform-provider-aws/issues/24526)) - data-source/aws_efs_file_system: Add `lifecycle_policy.transition_to_archive` attribute ([#35096](https://togithub.com/hashicorp/terraform-provider-aws/issues/35096)) - data-source/aws_efs_file_system: Add `protection` attribute ([#35029](https://togithub.com/hashicorp/terraform-provider-aws/issues/35029)) - data-source/aws_elastic_beanstalk_hosted_zone: Add hosted zone ID for `il-central-1` AWS Region ([#35131](https://togithub.com/hashicorp/terraform-provider-aws/issues/35131)) - data-source/aws_elb_hosted_zone_id: Add hosted zone ID for `ca-west-1` AWS Region ([#35131](https://togithub.com/hashicorp/terraform-provider-aws/issues/35131)) - data-source/aws_fsx_ontap_file_system: Add `ha_pairs` and `throughput_capacity_per_ha_pair` attributes ([#34993](https://togithub.com/hashicorp/terraform-provider-aws/issues/34993)) - data-source/aws_glue_catalog_table: Add `region` attribute to `target_table` block. ([#34817](https://togithub.com/hashicorp/terraform-provider-aws/issues/34817)) - data-source/aws_lambda_function: Add `logging_config` attribute ([#35050](https://togithub.com/hashicorp/terraform-provider-aws/issues/35050)) - data-source/aws_lb_hosted_zone_id: Add hosted zone IDs for `ca-west-1` AWS Region ([#35131](https://togithub.com/hashicorp/terraform-provider-aws/issues/35131)) - data-source/aws_lb_target_group: Add `load_balancing_anomaly_mitigation` attribute ([#35083](https://togithub.com/hashicorp/terraform-provider-aws/issues/35083)) - data-source/aws_msk_configuration: Remove `name` length validation ([#34399](https://togithub.com/hashicorp/terraform-provider-aws/issues/34399)) - data-source/aws_networkfirewall_firewall_policy: Add `firewall_policy.tls_inspection_configuration_arn` attribute ([#35094](https://togithub.com/hashicorp/terraform-provider-aws/issues/35094)) - data-source/aws_prometheus_workspace: Add `kms_key_arn` attribute ([#35062](https://togithub.com/hashicorp/terraform-provider-aws/issues/35062)) - data-source/aws_route53\_resolver_endpoint: Add `protocols` attribute ([#35098](https://togithub.com/hashicorp/terraform-provider-aws/issues/35098)) - data-source/aws_route53\_resolver_endpoint: Add `resolver_endpoint_type` attribute ([#34798](https://togithub.com/hashicorp/terraform-provider-aws/issues/34798)) - data-source/aws_s3\_bucket: Add hosted zone ID for `ca-west-1` AWS Region ([#35131](https://togithub.com/hashicorp/terraform-provider-aws/issues/35131)) - provider: Support `ca-west-1` as a valid AWS Region ([#35131](https://togithub.com/hashicorp/terraform-provider-aws/issues/35131)) - resource/aws_appflow_flow: Add `destination_connector_properties.s3.s3_output_format_config.target_file_size` argument ([#35215](https://togithub.com/hashicorp/terraform-provider-aws/issues/35215)) - resource/aws_appstream_fleet: Increase `idle_disconnect_timeout_in_seconds` max value for validation to 360000 ([#35173](https://togithub.com/hashicorp/terraform-provider-aws/issues/35173)) - resource/aws_autoscaling_group: Add `instance_refresh.preferences.max_healthy_percentage` attribute ([#34929](https://togithub.com/hashicorp/terraform-provider-aws/issues/34929)) - resource/aws_autoscaling_group: Fix `ValidationError: The instance ... is not part of Auto Scaling group ...` errors on resource Delete when disabling scale-in protection for instances that are already fully terminated ([#35071](https://togithub.com/hashicorp/terraform-provider-aws/issues/35071)) - resource/aws_batch_compute_environment: Add `update_policy` parameter ([#34353](https://togithub.com/hashicorp/terraform-provider-aws/issues/34353)) - resource/aws_batch_job_definition: Add `scheduling_priority` argument and `arn_prefix` attribute ([#34997](https://togithub.com/hashicorp/terraform-provider-aws/issues/34997)) - resource/aws_cloud9\_environment_ec2: Add `amazonlinux-2023-x86_64` and `resolve:ssm:/aws/service/cloud9/amis/amazonlinux-2023-x86_64` as valid values for `image_id` ([#35020](https://togithub.com/hashicorp/terraform-provider-aws/issues/35020)) - resource/aws_codepipeline: Add `pipeline_type` argument and `variable` configuration block ([#34841](https://togithub.com/hashicorp/terraform-provider-aws/issues/34841)) - resource/aws_dms_replication_task: Allow `cdc_start_time` to use [RFC3339](https://www.rfc-editor.org/rfc/rfc3339) formatted dates in addition to UNIX timestamps ([#31917](https://togithub.com/hashicorp/terraform-provider-aws/issues/31917)) - resource/aws_dms_replication_task: Remove [ForceNew](https://developer.hashicorp.com/terraform/plugin/sdkv2/schemas/schema-behaviors#forcenew) from `replication_instance_arn`, allowing in-place migration between DMS instances ([#30721](https://togithub.com/hashicorp/terraform-provider-aws/issues/30721)) - resource/aws_efs_file_system: Add `lifecycle_policy.transition_to_archive` argument ([#35096](https://togithub.com/hashicorp/terraform-provider-aws/issues/35096)) - resource/aws_efs_file_system: Add `protection` configuration block ([#35029](https://togithub.com/hashicorp/terraform-provider-aws/issues/35029)) - resource/aws_efs_replication_configuration: Increase Create timeout to 20 minutes ([#34955](https://togithub.com/hashicorp/terraform-provider-aws/issues/34955)) - resource/aws_efs_replication_configuration: Mark `destination.file_system_id` as Optional, enabling [EFS replication fallback](https://docs.aws.amazon.com/efs/latest/ug/replication-use-cases.html#replicate-existing-destination) ([#34955](https://togithub.com/hashicorp/terraform-provider-aws/issues/34955)) - resource/aws_finspace_kx_dataview: Increase default create, update, and delete timeouts to 4 hours ([#35207](https://togithub.com/hashicorp/terraform-provider-aws/issues/35207)) - resource/aws_finspace_kx_scaling_group: Increase default create, delete timeouts to 4 hours ([#35206](https://togithub.com/hashicorp/terraform-provider-aws/issues/35206)) - resource/aws_fsx_lustre_file_system: Allow `per_unit_storage_throughput` to be updated in-place ([#34932](https://togithub.com/hashicorp/terraform-provider-aws/issues/34932)) - resource/aws_fsx_ontap_file_system: Add `ha_pairs` and `throughput_capacity_per_ha_pair` arguments ([#34993](https://togithub.com/hashicorp/terraform-provider-aws/issues/34993)) - resource/aws_fsx_ontap_file_system: Increase maximum value of `disk_iops_configuration.iops` to `2400000` ([#34993](https://togithub.com/hashicorp/terraform-provider-aws/issues/34993)) - resource/aws_fsx_ontap_file_system: `throughput_capacity` is Optional ([#34993](https://togithub.com/hashicorp/terraform-provider-aws/issues/34993)) - resource/aws_glue_catalog_table: Add `region` attribute to `target_table` block. ([#34817](https://togithub.com/hashicorp/terraform-provider-aws/issues/34817)) - resource/aws_glue_classifier: Add `csv_classifier.serde` argument ([#34251](https://togithub.com/hashicorp/terraform-provider-aws/issues/34251)) - resource/aws_kinesis_firehose_delivery_stream: Add `opensearch_configuration.document_id_options` configuration block ([#35137](https://togithub.com/hashicorp/terraform-provider-aws/issues/35137)) - resource/aws_kinesis_firehose_delivery_stream: Add `splunk_configuration.buffering_interval` and `splunk_configuration.buffering_size` arguments ([#35137](https://togithub.com/hashicorp/terraform-provider-aws/issues/35137)) - resource/aws_kinesis_firehose_delivery_stream: Adjust `elasticsearch_configuration.buffering_interval`, `http_endpoint_configuration.buffering_interval`, `opensearch_configuration.buffering_interval`, `opensearchserverless_configuration.buffering_interval`, `redshift_configuration.s3_backup_configuration.buffering_interval`,`extended_s3_configuration.s3_backup_configuration.buffering_interval`, `elasticsearch_configuration.s3_configuration.buffering_interval`, `http_endpoint_configuration.s3_configuration.buffering_interval`, `opensearch_configuration.s3_configuration.buffering_interval`, `opensearchserverless_configuration.s3_configuration.buffering_interval`, `redshift_configuration.s3_configuration.buffering_interval` and `splunk_configuration.s3_configuration.buffering_interval` minimum values to `0` to support zero buffering ([#35137](https://togithub.com/hashicorp/terraform-provider-aws/issues/35137)) - resource/aws_kms_key: Add `xks_key_id` attribute ([#31216](https://togithub.com/hashicorp/terraform-provider-aws/issues/31216)) - resource/aws_lambda_function: Add `logging_config` configuration block in support of [advanced logging controls](https://docs.aws.amazon.com/lambda/latest/dg/monitoring-cloudwatchlogs.html#monitoring-cloudwatchlogs-advanced) ([#35050](https://togithub.com/hashicorp/terraform-provider-aws/issues/35050)) - resource/aws_lambda_function: Add support for `python3.12` `runtime` value ([#35049](https://togithub.com/hashicorp/terraform-provider-aws/issues/35049)) - resource/aws_lambda_layer_version: Add support for `python3.12` `compatible_runtimes` value ([#35049](https://togithub.com/hashicorp/terraform-provider-aws/issues/35049)) - resource/aws_lb_target_group: Add `load_balancing_anomaly_mitigation` argument ([#35083](https://togithub.com/hashicorp/terraform-provider-aws/issues/35083)) - resource/aws_lb_target_group: Add `weighted_random` as a valid value for `load_balancing_algorithm_type` ([#35083](https://togithub.com/hashicorp/terraform-provider-aws/issues/35083)) - resource/aws_neptune_cluster: Add `storage_type` argument ([#34985](https://togithub.com/hashicorp/terraform-provider-aws/issues/34985)) - resource/aws_neptune_cluster_instance: Add `storage_type` attribute ([#34985](https://togithub.com/hashicorp/terraform-provider-aws/issues/34985)) - resource/aws_networkfirewall_firewall: Add configurable timeouts ([#34918](https://togithub.com/hashicorp/terraform-provider-aws/issues/34918)) - resource/aws_networkfirewall_firewall_policy: Add `firewall_policy.tls_inspection_configuration_arn` argument ([#35094](https://togithub.com/hashicorp/terraform-provider-aws/issues/35094)) - resource/aws_prometheus_workspace: Add `kms_key_arn` argument, enabling encryption at-rest using AWS KMS Customer Managed Keys (CMK) ([#35062](https://togithub.com/hashicorp/terraform-provider-aws/issues/35062)) - resource/aws_redshiftserverless_workgroup: Add `port` argument ([#34925](https://togithub.com/hashicorp/terraform-provider-aws/issues/34925)) - resource/aws_route53\_resolver_endpoint: Add `protocols` argument ([#35098](https://togithub.com/hashicorp/terraform-provider-aws/issues/35098)) - resource/aws_route53\_resolver_endpoint: Add `resolver_endpoint_type` argument ([#34798](https://togithub.com/hashicorp/terraform-provider-aws/issues/34798)) - resource/aws_s3\_bucket: Modify resource Read to support third-party S3 API implementations. Because we cannot easily test this functionality, it is best effort and we ask for community help in testing ([#35035](https://togithub.com/hashicorp/terraform-provider-aws/issues/35035)) - resource/aws_s3\_bucket: Modify server-side encryption configuration error handling, enabling support for NetApp StorageGRID ([#34890](https://togithub.com/hashicorp/terraform-provider-aws/issues/34890)) - resource/aws_transfer_server: Add `TransferSecurityPolicy-PQ-SSH-Experimental-2023-04` and `TransferSecurityPolicy-PQ-SSH-FIPS-Experimental-2023-04` as valid values for `security_policy_name` ([#35129](https://togithub.com/hashicorp/terraform-provider-aws/issues/35129)) - resource/aws_verifiedaccess_endpoint: Add `policy_document` argument ([#34264](https://togithub.com/hashicorp/terraform-provider-aws/issues/34264)) BUG FIXES: - data-source/aws_lb_target_group: Change `deregistration_delay` from `TypeInt` to `TypeString` ([#31436](https://togithub.com/hashicorp/terraform-provider-aws/issues/31436)) - data-source/aws_s3\_bucket_object: Remove any leading `./` from `key` to maintain AWS SDK for Go v1 (pre-v5.17.0) compatibility ([#35223](h

Configuration

📅 Schedule: Branch creation - "every weekend" in timezone America/Montreal, Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

[ ] If you want to rebase/retry this PR, check this box

This PR has been generated by Mend Renovate. View repository job log here.

cds-snc / dns