hashicorp/terraform-provider-aws
### [`v4.58.0`](https://togithub.com/hashicorp/terraform-provider-aws/blob/HEAD/CHANGELOG.md#4580-March-10-2023)
[Compare Source](https://togithub.com/hashicorp/terraform-provider-aws/compare/v4.57.1...v4.58.0)
FEATURES:
- **New Data Source:** `aws_ecs_task_execution` ([#29783](https://togithub.com/hashicorp/terraform-provider-aws/issues/29783))
- **New Data Source:** `aws_licensemanager_grants` ([#29741](https://togithub.com/hashicorp/terraform-provider-aws/issues/29741))
- **New Data Source:** `aws_licensemanager_received_license` ([#29741](https://togithub.com/hashicorp/terraform-provider-aws/issues/29741))
- **New Data Source:** `aws_licensemanager_received_licenses` ([#29741](https://togithub.com/hashicorp/terraform-provider-aws/issues/29741))
- **New Resource:** `aws_licensemanager_grant` ([#29741](https://togithub.com/hashicorp/terraform-provider-aws/issues/29741))
- **New Resource:** `aws_licensemanager_grant_accepter` ([#29741](https://togithub.com/hashicorp/terraform-provider-aws/issues/29741))
ENHANCEMENTS:
- data-source/aws_ec2\_transit_gateway_attachment: Add `association_state` and `association_transit_gateway_route_table_id` attributes ([#29648](https://togithub.com/hashicorp/terraform-provider-aws/issues/29648))
- data-source/aws_instances: Add `ipv6_addresses` attribute ([#29794](https://togithub.com/hashicorp/terraform-provider-aws/issues/29794))
- resource/aws_acm_certificate: Change `options` to `Computed` ([#29763](https://togithub.com/hashicorp/terraform-provider-aws/issues/29763))
- resource/aws_amplify_domain_association: Add `enable_auto_sub_domain` argument ([#29814](https://togithub.com/hashicorp/terraform-provider-aws/issues/29814))
- resource/aws_cloudhsm_v2\_hsm: Enforce `ExactlyOneOf` for `availability_zone` and `subnet_id` arguments ([#20891](https://togithub.com/hashicorp/terraform-provider-aws/issues/20891))
- resource/aws_db_instance: Add `listener_endpoint` attribute ([#28434](https://togithub.com/hashicorp/terraform-provider-aws/issues/28434))
- resource/aws_db_instance: Add plan time validations for `backup_retention_period`, `monitoring_interval`, and `monitoring_role_arn` ([#28434](https://togithub.com/hashicorp/terraform-provider-aws/issues/28434))
- resource/aws_flow_log: Add `deliver_cross_account_role` argument ([#29254](https://togithub.com/hashicorp/terraform-provider-aws/issues/29254))
- resource/aws_grafana_workspace: Add `network_access_control` argument ([#29793](https://togithub.com/hashicorp/terraform-provider-aws/issues/29793))
- resource/aws_sesv2\_configuration_set: Add `vdm_options` argument ([#28812](https://togithub.com/hashicorp/terraform-provider-aws/issues/28812))
- resource/aws_transfer_server: Add `protocol_details` argument ([#28621](https://togithub.com/hashicorp/terraform-provider-aws/issues/28621))
- resource/aws_transfer_workflow: Add `decrypt_step_details` to the `on_exception_steps` and `steps` configuration blocks ([#29692](https://togithub.com/hashicorp/terraform-provider-aws/issues/29692))
- resource/db_snapshot: Add `shared_accounts` argument ([#28424](https://togithub.com/hashicorp/terraform-provider-aws/issues/28424))
BUG FIXES:
- resource/aws_acm_certificate: Update `options.certificate_transparency_logging_preference` in place rather than replacing the resource ([#29763](https://togithub.com/hashicorp/terraform-provider-aws/issues/29763))
- resource/aws_batch_job_definition: Prevents perpetual diff when container properties environment variable has empty value. ([#29820](https://togithub.com/hashicorp/terraform-provider-aws/issues/29820))
- resource/aws_elastic_beanstalk_configuration_template: Map errors like `InvalidParameterValue: No Platform named '...' found.` to `resource.NotFoundError` so `terraform refesh` correctly removes the resource from state ([#29863](https://togithub.com/hashicorp/terraform-provider-aws/issues/29863))
- resource/aws_flow_log: Fix IAM eventual consistency errors on resource Create ([#29254](https://togithub.com/hashicorp/terraform-provider-aws/issues/29254))
- resource/aws_grafana_workspace: Allow removing `vpc_configuration` ([#29793](https://togithub.com/hashicorp/terraform-provider-aws/issues/29793))
- resource/aws_medialive_channel: Fix setting of the `include_fec` attribute in `fec_output_settings` ([#29808](https://togithub.com/hashicorp/terraform-provider-aws/issues/29808))
- resource/aws_medialive_channel: Fix setting of the `video_pid` attribute in `m2ts_settings` ([#29824](https://togithub.com/hashicorp/terraform-provider-aws/issues/29824))
### [`v4.57.1`](https://togithub.com/hashicorp/terraform-provider-aws/blob/HEAD/CHANGELOG.md#4571-March-6-2023)
[Compare Source](https://togithub.com/hashicorp/terraform-provider-aws/compare/v4.57.0...v4.57.1)
BUG FIXES:
- resource/aws_lambda_function: Prevent `Provider produced inconsistent final plan` errors produced by null `skip_destroy` attribute value. NOTE: Because the maintainers have been unable to reproduce the reported problem, the fix is best effort and we ask for community support in verifying the fix. ([#29812](https://togithub.com/hashicorp/terraform-provider-aws/issues/29812))
### [`v4.57.0`](https://togithub.com/hashicorp/terraform-provider-aws/blob/HEAD/CHANGELOG.md#4570-March-3-2023)
[Compare Source](https://togithub.com/hashicorp/terraform-provider-aws/compare/v4.56.0...v4.57.0)
NOTES:
- resource/aws_dms_endpoint: The `s3_settings` argument has been deprecated. All configurations using `aws_dms_endpoint.*.s3_settings` should be updated to use the `aws_dms_s3_endpoint` resource instead ([#29728](https://togithub.com/hashicorp/terraform-provider-aws/issues/29728))
- resource/aws_networkmanager_core_network: The `base_policy_region` argument is being deprecated in favor of the new `base_policy_regions` argument. ([#29623](https://togithub.com/hashicorp/terraform-provider-aws/issues/29623))
FEATURES:
- **New Resource:** `aws_lightsail_bucket_resource_access` ([#29460](https://togithub.com/hashicorp/terraform-provider-aws/issues/29460))
ENHANCEMENTS:
- data-source/aws_launch_template: Add `instance_requirements.allowed_instance_types` and `instance_requirements.network_bandwidth_gbps` attributes ([#29140](https://togithub.com/hashicorp/terraform-provider-aws/issues/29140))
- resource/aws_autoscaling_group: Add `auto_rollback` to the `instance_refresh.preferences` configuration block ([#29513](https://togithub.com/hashicorp/terraform-provider-aws/issues/29513))
- resource/aws_autoscaling_group: Add `mixed_instances_policy.launch_template.override.instance_requirements.allowed_instance_types` and `mixed_instances_policy.launch_template.override.instance_requirements.network_bandwidth_gbps` arguments ([#29140](https://togithub.com/hashicorp/terraform-provider-aws/issues/29140))
- resource/aws_autoscaling_policy: Add `metrics` to the `target_tracking_configuration.customized_metric_specification` configuration block in support of [metric math](https://docs.aws.amazon.com/autoscaling/ec2/userguide/ec2-auto-scaling-target-tracking-metric-math.html) ([#28560](https://togithub.com/hashicorp/terraform-provider-aws/issues/28560))
- resource/aws_cloudtrail_event_data_store: Add `kms_key_id` argument ([#29224](https://togithub.com/hashicorp/terraform-provider-aws/issues/29224))
- resource/aws_dms_endpoint: Add ability to use AWS Secrets Manager with the `db2` engine ([#29380](https://togithub.com/hashicorp/terraform-provider-aws/issues/29380))
- resource/aws_dms_endpoint: Add support for `azure-sql-managed-instance` `engine_name` value ([#28960](https://togithub.com/hashicorp/terraform-provider-aws/issues/28960))
- resource/aws_dms_s3\_endpoint: Add `detach_target_on_lob_lookup_failure_parquet` argument ([#29772](https://togithub.com/hashicorp/terraform-provider-aws/issues/29772))
- resource/aws_ec2\_fleet: Add `fleet_instance_set`, `fleet_state`, `fulfilled_capacity`, and `fulfilled_on_demand_capacity` attributes ([#29181](https://togithub.com/hashicorp/terraform-provider-aws/issues/29181))
- resource/aws_ec2\_fleet: Add `launch_template_config.override.instance_requirements.allowed_instance_types` and `launch_template_config.override.instance_requirements.network_bandwidth_gbps` arguments ([#29140](https://togithub.com/hashicorp/terraform-provider-aws/issues/29140))
- resource/aws_ec2\_fleet: Add `on_demand_options.capacity_reservation_options`,`on_demand_options.max_total_price`, `on_demand_options.min_target_capacity`, `on_demand_options.single_availability_zone` and `on_demand_options.single_instance_type` arguments ([#29181](https://togithub.com/hashicorp/terraform-provider-aws/issues/29181))
- resource/aws_ec2\_fleet: Add `spot_options.maintenance_strategies.capacity_rebalance.termination_delay` argument ([#29181](https://togithub.com/hashicorp/terraform-provider-aws/issues/29181))
- resource/aws_ec2\_fleet: Add `valid_from` and `valid_until` arguments ([#29181](https://togithub.com/hashicorp/terraform-provider-aws/issues/29181))
- resource/aws_lambda_function: Add `skip_destroy` argument ([#29646](https://togithub.com/hashicorp/terraform-provider-aws/issues/29646))
- resource/aws_lambda_function: Add configurable timeout for Delete ([#29646](https://togithub.com/hashicorp/terraform-provider-aws/issues/29646))
- resource/aws_lambda_function: Add plan time validators for `memory_size`, `role`, and `timeout` ([#29721](https://togithub.com/hashicorp/terraform-provider-aws/issues/29721))
- resource/aws_lambda_function: Retry (up to the configurable timeout) deletion of replicated Lambda@Edge functions ([#29646](https://togithub.com/hashicorp/terraform-provider-aws/issues/29646))
- resource/aws_launch_template: Add `instance_requirements.allowed_instance_types` and `instance_requirements.network_bandwidth_gbps` arguments ([#29140](https://togithub.com/hashicorp/terraform-provider-aws/issues/29140))
- resource/aws_networkmanager_core_network: Add `base_policy_regions` argument ([#29623](https://togithub.com/hashicorp/terraform-provider-aws/issues/29623))
- resource/aws_spot_fleet_request: Add `launch_template_config.overrides.instance_requirements.allowed_instance_types` and `launch_template_config.overrides.instance_requirements.network_bandwidth_gbps` arguments ([#29140](https://togithub.com/hashicorp/terraform-provider-aws/issues/29140))
- resource/aws_transfer_server: Add support for `on_partial_upload` block on the `workflow_details` attribute. ([#27730](https://togithub.com/hashicorp/terraform-provider-aws/issues/27730))
- resource/aws_transfer_user: Add configurable timeout for Delete ([#27563](https://togithub.com/hashicorp/terraform-provider-aws/issues/27563))
BUG FIXES:
- resource/aws_dms_endpoint: Trigger updates based on adding new `extra_connection_attributes` ([#29772](https://togithub.com/hashicorp/terraform-provider-aws/issues/29772))
- resource/aws_instance: When encountering `InsufficientInstanceCapacity` errors, do not retry in order to fail faster, as this error is typically not resolvable in the near future ([#21293](https://togithub.com/hashicorp/terraform-provider-aws/issues/21293))
- resource/aws_transfer_server: Allow the removal of `workflow_details` attribute. ([#27730](https://togithub.com/hashicorp/terraform-provider-aws/issues/27730))
- resource/aws_transfer_user: Fix bug preventing removal of all `home_directory_mappings` due to empty list validation error ([#27563](https://togithub.com/hashicorp/terraform-provider-aws/issues/27563))
### [`v4.56.0`](https://togithub.com/hashicorp/terraform-provider-aws/blob/HEAD/CHANGELOG.md#4560-February-24-2023)
[Compare Source](https://togithub.com/hashicorp/terraform-provider-aws/compare/v4.55.0...v4.56.0)
NOTES:
- resource/aws_lambda_function: Updated to AWS SDK V2 ([#29615](https://togithub.com/hashicorp/terraform-provider-aws/issues/29615))
FEATURES:
- **New Data Source:** `aws_vpc_security_group_rule` ([#29484](https://togithub.com/hashicorp/terraform-provider-aws/issues/29484))
- **New Data Source:** `aws_vpc_security_group_rules` ([#29484](https://togithub.com/hashicorp/terraform-provider-aws/issues/29484))
- **New Resource:** `aws_networkmanager_connect_peer` ([#29296](https://togithub.com/hashicorp/terraform-provider-aws/issues/29296))
- **New Resource:** `aws_vpc_security_group_egress_rule` ([#29484](https://togithub.com/hashicorp/terraform-provider-aws/issues/29484))
- **New Resource:** `aws_vpc_security_group_ingress_rule` ([#29484](https://togithub.com/hashicorp/terraform-provider-aws/issues/29484))
ENHANCEMENTS:
- data-source/aws_ecr_image: Add `most_recent` argument to return the most recently pushed image ([#26857](https://togithub.com/hashicorp/terraform-provider-aws/issues/26857))
- data-source/aws_ecr_repository: Add `most_recent_image_tags` attribute containing the most recently pushed image tag(s) in an ECR repository ([#26857](https://togithub.com/hashicorp/terraform-provider-aws/issues/26857))
- resource/aws_lb_ssl_negotiation_policy: Add `triggers` attribute to force resource updates ([#29482](https://togithub.com/hashicorp/terraform-provider-aws/issues/29482))
- resource/aws_load_balancer_listener_policy: Add `triggers` attribute to force resource updates ([#29482](https://togithub.com/hashicorp/terraform-provider-aws/issues/29482))
- resource/aws_organizations_policy: Add `skip_destroy` attribute ([#29382](https://togithub.com/hashicorp/terraform-provider-aws/issues/29382))
- resource/aws_organizations_policy_attachment: Add `skip_destroy` attribute ([#29382](https://togithub.com/hashicorp/terraform-provider-aws/issues/29382))
- resource/aws_sns_topic: Add `signature_version` and `tracing_config` arguments ([#29462](https://togithub.com/hashicorp/terraform-provider-aws/issues/29462))
BUG FIXES:
- resource/aws_acmpca_certificate_authority: `revocation_configuration.crl_configuration.expiration_in_days` is Optional ([#29613](https://togithub.com/hashicorp/terraform-provider-aws/issues/29613))
- resource/aws_default_vpc: Change `enable_network_address_usage_metrics` to Optional+Computed, matching the `aws_vpc` resource ([#29607](https://togithub.com/hashicorp/terraform-provider-aws/issues/29607))
- resource/aws_lambda_function: Fix missing `ValidationException` message body ([#29615](https://togithub.com/hashicorp/terraform-provider-aws/issues/29615))
- resource/aws_medialive_channel: Fix setting of `m2ts_settings` `arib_captions_pid` and `arib_captions_pid_control` attributes ([#29467](https://togithub.com/hashicorp/terraform-provider-aws/issues/29467))
- resource/aws_resourceexplorer2\_view: Fix `Unexpected Planned Resource State on Destroy` errors when using Terraform CLI v1.3 and above ([#29550](https://togithub.com/hashicorp/terraform-provider-aws/issues/29550))
- resource/aws_servicecatalog_provisioned_product: Fix to allow `outputs` to be `Computed` when the resource changes ([#29559](https://togithub.com/hashicorp/terraform-provider-aws/issues/29559))
- resource/aws_sns_topic_subscription: Fix `filter_policy_scope` update from `MessageAttributes` to `MessageBody` with nested objects in `filter_policy` ([#28572](https://togithub.com/hashicorp/terraform-provider-aws/issues/28572))
- resource/aws_wafv2\_web_acl: Prevent erroneous diffs and attempts to remove AWS-added rule when applying to CF distribution using AWS Shield to automatically mitigate DDoS ([#29575](https://togithub.com/hashicorp/terraform-provider-aws/issues/29575))
### [`v4.55.0`](https://togithub.com/hashicorp/terraform-provider-aws/blob/HEAD/CHANGELOG.md#4550-February-16-2023)
[Compare Source](https://togithub.com/hashicorp/terraform-provider-aws/compare/v4.54.0...v4.55.0)
FEATURES:
- **New Data Source:** `aws_organizations_organizational_unit_child_accounts` ([#24350](https://togithub.com/hashicorp/terraform-provider-aws/issues/24350))
- **New Data Source:** `aws_organizations_organizational_unit_descendant_accounts` ([#24350](https://togithub.com/hashicorp/terraform-provider-aws/issues/24350))
- **New Resource:** `aws_route53_cidr_collection` ([#29407](https://togithub.com/hashicorp/terraform-provider-aws/issues/29407))
- **New Resource:** `aws_route53_cidr_location` ([#29407](https://togithub.com/hashicorp/terraform-provider-aws/issues/29407))
- **New Resource:** `aws_vpc_ipam_resource_discovery` ([#29216](https://togithub.com/hashicorp/terraform-provider-aws/issues/29216))
- **New Resource:** `aws_vpc_ipam_resource_discovery_association` ([#29216](https://togithub.com/hashicorp/terraform-provider-aws/issues/29216))
ENHANCEMENTS:
- data-source/aws_s3\_bucket_object: Expand content types that can be read from S3 to include some human-readable application types (e.g., `application/xml`, `application/atom+xml`) ([#27704](https://togithub.com/hashicorp/terraform-provider-aws/issues/27704))
- data-source/aws_s3\_object: Expand content types that can be read from S3 to include some human-readable application types (e.g., `application/xml`, `application/atom+xml`) ([#27704](https://togithub.com/hashicorp/terraform-provider-aws/issues/27704))
- resource/aws_autoscaling_policy: Make `resource_label` optional in `predefined_load_metric_specification`, `predefined_metric_pair_specification`, and `predefined_scaling_metric_specification` ([#29277](https://togithub.com/hashicorp/terraform-provider-aws/issues/29277))
- resource/aws_cloudwatch_log_group: Allow `retention_in_days` attribute to accept a three year retention period (1096 days) ([#29426](https://togithub.com/hashicorp/terraform-provider-aws/issues/29426))
- resource/aws_db_proxy: Add `auth.client_password_auth_type` attribute ([#28432](https://togithub.com/hashicorp/terraform-provider-aws/issues/28432))
- resource/aws_firehose_delivery_stream: Add `ForceNew` to `dynamic_partitioning_configuration` attribute ([#29093](https://togithub.com/hashicorp/terraform-provider-aws/issues/29093))
- resource/aws_firehose_delivery_stream: Add configurable timeouts for create, update, and delete ([#28469](https://togithub.com/hashicorp/terraform-provider-aws/issues/28469))
- resource/aws_neptune_cluster: Add `neptune_instance_parameter_group_name` argument, used only when upgrading major version ([#28051](https://togithub.com/hashicorp/terraform-provider-aws/issues/28051))
- resource/aws_neptune_global_cluster: Increase Update timeout to 120 minutes (per global cluster member) ([#28051](https://togithub.com/hashicorp/terraform-provider-aws/issues/28051))
- resource/aws_route53\_cidr_location: Add `cidr_routing_policy` argument ([#29407](https://togithub.com/hashicorp/terraform-provider-aws/issues/29407))
- resource/aws_s3\_bucket: Accept 'NoSuchTagSetError' responses from S3-compatible services ([#28530](https://togithub.com/hashicorp/terraform-provider-aws/issues/28530))
- resource/aws_s3\_bucket: Add error handling for `NotImplemented` errors when reading `lifecycle_rule` or `replication_configuration` into terraform state. ([#28790](https://togithub.com/hashicorp/terraform-provider-aws/issues/28790))
- resource/aws_s3\_object: Accept 'NoSuchTagSetError' responses from S3-compatible services ([#28530](https://togithub.com/hashicorp/terraform-provider-aws/issues/28530))
BUG FIXES:
- data-source/aws_elb: Fix errors caused by multiple security groups with the same name but different owners ([#29202](https://togithub.com/hashicorp/terraform-provider-aws/issues/29202))
- resource/aws_appflow_connector_profile: Fix bug in connector_profile_config.0.connector_profile_properties.0.sapo_data.0.logon_language validation regex ([#28550](https://togithub.com/hashicorp/terraform-provider-aws/issues/28550))
- resource/aws_appflow_flow: Fix misspelled `source_connector_properties.0.sapo_data.0.object`, which never worked, to be `object_path` ([#28600](https://togithub.com/hashicorp/terraform-provider-aws/issues/28600))
- resource/aws_appmesh_route: Fix RequiredWith setting for `spec.0.grpc_route.0.match.0.method_name` attribute ([#29217](https://togithub.com/hashicorp/terraform-provider-aws/issues/29217))
- resource/aws_autoscaling_policy: Fix type of target_value for predictive scaling ([#28444](https://togithub.com/hashicorp/terraform-provider-aws/issues/28444))
- resource/aws_cloudfront_response_headers_policy: Allow `server_timing_headers_config.0.sampling_rate` to be `0` ([#27778](https://togithub.com/hashicorp/terraform-provider-aws/issues/27778))
- resource/aws_codebuild_project: Fix err check on delete ([#29042](https://togithub.com/hashicorp/terraform-provider-aws/issues/29042))
- resource/aws_ecs_service: Allow multiple `service` blocks within `service_connect_configuration` ([#28813](https://togithub.com/hashicorp/terraform-provider-aws/issues/28813))
- resource/aws_ecs_service: Mark `service_connect_configuration.service.client_alias` as optional and ensure that only 1 such block can be provided ([#28813](https://togithub.com/hashicorp/terraform-provider-aws/issues/28813))
- resource/aws_ecs_service: Require `service_connect_configuration.log_configuration.log_driver` to be provided ([#28813](https://togithub.com/hashicorp/terraform-provider-aws/issues/28813))
- resource/aws_elb: Fix errors caused by multiple security groups with the same name but different owners ([#29202](https://togithub.com/hashicorp/terraform-provider-aws/issues/29202))
- resource/aws_emr_cluster: Fix errors caused by multiple security groups with the same name but different owners ([#29202](https://togithub.com/hashicorp/terraform-provider-aws/issues/29202))
- resource/aws_globalaccelerator_endpoint_group: Fix errors caused by multiple security groups with the same name but different owners ([#29202](https://togithub.com/hashicorp/terraform-provider-aws/issues/29202))
- resource/aws_kms_key: Increase `policy propagation` eventual consistency timeouts from 5 minutes to 10 minutes ([#28636](https://togithub.com/hashicorp/terraform-provider-aws/issues/28636))
- resource/aws_medialive_channel: Fix issue causing `dbv_sub_pids` attribute to be configured incorrectly in `m2ts_settings` ([#29371](https://togithub.com/hashicorp/terraform-provider-aws/issues/29371))
- resource/aws_medialive_channel: Fix issue preventing `audio_pids` attribute from being configured in `m2ts_settings` ([#29371](https://togithub.com/hashicorp/terraform-provider-aws/issues/29371))
- resource/aws_neptune_cluster: Fix [restore-from-snapshot functionality](https://docs.aws.amazon.com/neptune/latest/userguide/backup-restore-restore-snapshot.html) using the `snapshot_identifier` argument on resource Create ([#28051](https://togithub.com/hashicorp/terraform-provider-aws/issues/28051))
- resource/aws_neptune_cluster: Fix major version upgrade ([#28051](https://togithub.com/hashicorp/terraform-provider-aws/issues/28051))
- resource/aws_sagemaker_user_profile: Change `user_settings.0.jupyter_server_app_settings.0.default_resource_spec` to be optional ([#28581](https://togithub.com/hashicorp/terraform-provider-aws/issues/28581))
### [`v4.54.0`](https://togithub.com/hashicorp/terraform-provider-aws/blob/HEAD/CHANGELOG.md#4540-February-9-2023)
[Compare Source](https://togithub.com/hashicorp/terraform-provider-aws/compare/v4.53.0...v4.54.0)
NOTES:
- provider: Resolves provider crashes reporting `Error: Plugin did not respond` and `fatal error: concurrent map writes` with updated upstream package (`terraform-plugin-log`) ([#29269](https://togithub.com/hashicorp/terraform-provider-aws/issues/29269))
- resource/aws_networkmanager_core_network: The `policy_document` attribute is being deprecated in favor of the new `aws_networkmanager_core_network_policy_attachment` resource. ([#29097](https://togithub.com/hashicorp/terraform-provider-aws/issues/29097))
FEATURES:
- **New Resource:** `aws_evidently_launch` ([#28752](https://togithub.com/hashicorp/terraform-provider-aws/issues/28752))
- **New Resource:** `aws_lightsail_bucket_access_key` ([#28699](https://togithub.com/hashicorp/terraform-provider-aws/issues/28699))
- **New Resource:** `aws_networkmanager_core_network_policy_attachment` ([#29097](https://togithub.com/hashicorp/terraform-provider-aws/issues/29097))
ENHANCEMENTS:
- data-source/aws_cloudtrail_service_account: Add service account ID for `ap-southeast-4` AWS Region ([#29103](https://togithub.com/hashicorp/terraform-provider-aws/issues/29103))
- data-source/aws_elb_hosted_zone_id: Add hosted zone ID for `ap-southeast-4` AWS Region ([#29103](https://togithub.com/hashicorp/terraform-provider-aws/issues/29103))
- data-source/aws_lb_hosted_zone_id: Add hosted zone IDs for `ap-southeast-4` AWS Region ([#29103](https://togithub.com/hashicorp/terraform-provider-aws/issues/29103))
- data-source/aws_s3\_bucket: Add hosted zone ID for `ap-south-2` AWS Region ([#29103](https://togithub.com/hashicorp/terraform-provider-aws/issues/29103))
- data-source/aws_s3\_bucket: Add hosted zone ID for `ap-southeast-4` AWS Region ([#29103](https://togithub.com/hashicorp/terraform-provider-aws/issues/29103))
- provider: Support `ap-southeast-4` as a valid AWS region ([#29329](https://togithub.com/hashicorp/terraform-provider-aws/issues/29329))
- resource/aws_dynamodb_table: Add `arn`, `stream_arn`, and `stream_label` attributes to `replica` to obtain this information for replicas ([#29269](https://togithub.com/hashicorp/terraform-provider-aws/issues/29269))
- resource/aws_efs_mount_target: Add configurable timeouts for Create and Delete ([#27991](https://togithub.com/hashicorp/terraform-provider-aws/issues/27991))
- resource/aws_lambda_function: Add `replace_security_groups_on_destroy` and `replacement_security_group_ids` attributes ([#29289](https://togithub.com/hashicorp/terraform-provider-aws/issues/29289))
- resource/aws_networkfirewall_firewall: Add `ip_address_type` attribute to the `subnet_mapping` configuration block ([#29010](https://togithub.com/hashicorp/terraform-provider-aws/issues/29010))
- resource/aws_networkmanager_core_network: Add `base_policy_region` and `create_base_policy` arguments ([#29097](https://togithub.com/hashicorp/terraform-provider-aws/issues/29097))
BUG FIXES:
- data-source/aws_kms_key: Reinstate support for KMS multi-Region key ID or ARN values for the `key_id` argument ([#29266](https://togithub.com/hashicorp/terraform-provider-aws/issues/29266))
- resource/aws_cloudwatch_log_group: Fix IAM eventual consistency error when setting a retention policy ([#29325](https://togithub.com/hashicorp/terraform-provider-aws/issues/29325))
- resource/aws_dynamodb_table: Avoid recreating table replicas when enabling PITR on them ([#29269](https://togithub.com/hashicorp/terraform-provider-aws/issues/29269))
- resource/aws_ec2\_client_vpn_endpoint: Change `authentication_options` from `TypeList` to `TypeSet` as order is not significant ([#29294](https://togithub.com/hashicorp/terraform-provider-aws/issues/29294))
- resource/aws_kms_grant: Retries until valid principal ARNs are returned instead of not updating state ([#29245](https://togithub.com/hashicorp/terraform-provider-aws/issues/29245))
- resource/aws_opsworks_permission: `stack_id` and `user_arn` are both Required and ForceNew ([#27991](https://togithub.com/hashicorp/terraform-provider-aws/issues/27991))
- resource/aws_prometheus_workspace: Create a logging configuration on resource update if none existed previously ([#27472](https://togithub.com/hashicorp/terraform-provider-aws/issues/27472))
- resource/aws_s3\_bucket: Fix crash when `logging` is empty ([#29243](https://togithub.com/hashicorp/terraform-provider-aws/issues/29243))
- resource/aws_sns_topic: Fixes potential race condition when reading policy document. ([#29226](https://togithub.com/hashicorp/terraform-provider-aws/issues/29226))
- resource/aws_sns_topic_policy: Fixes potential race condition when reading policy document. ([#29226](https://togithub.com/hashicorp/terraform-provider-aws/issues/29226))
### [`v4.53.0`](https://togithub.com/hashicorp/terraform-provider-aws/blob/HEAD/CHANGELOG.md#4530-February-3-2023)
[Compare Source](https://togithub.com/hashicorp/terraform-provider-aws/compare/v4.52.0...v4.53.0)
ENHANCEMENTS:
- provider: Adds structured fields in logging ([#29223](https://togithub.com/hashicorp/terraform-provider-aws/issues/29223))
- provider: Masks authentication fields in HTTP header logging ([#29223](https://togithub.com/hashicorp/terraform-provider-aws/issues/29223))
### [`v4.52.0`](https://togithub.com/hashicorp/terraform-provider-aws/blob/HEAD/CHANGELOG.md#4520-January-27-2023)
[Compare Source](https://togithub.com/hashicorp/terraform-provider-aws/compare/v4.51.0...v4.52.0)
NOTES:
- resource/aws_dynamodb_table: In the past, in certain situations, `kms_key_arn` could be populated with the default DynamoDB key `alias/aws/dynamodb`. This was an error because it would then be sent back to AWS and should not be. ([#29102](https://togithub.com/hashicorp/terraform-provider-aws/issues/29102))
- resource/aws_dynamodb_table: In the past, in certain situations, `server_side_encryption.0.kms_key_arn` or `replica.*.kms_key_arn` could be populated with the default DynamoDB key `alias/aws/dynamodb`. This was an error because it would then be sent back to AWS and should not be. ([#29102](https://togithub.com/hashicorp/terraform-provider-aws/issues/29102))
- resource/aws_dynamodb_table: Updating `replica.*.kms_key_arn` or `replica.*.point_in_time_recovery`, when the `replica`'s `kms_key_arn` is set, requires recreating the replica. ([#29102](https://togithub.com/hashicorp/terraform-provider-aws/issues/29102))
- resource/aws_dynamodb_table_replica: Updating `kms_key_arn` forces replacement of the replica now as required to re-encrypt the replica ([#29102](https://togithub.com/hashicorp/terraform-provider-aws/issues/29102))
FEATURES:
- **New Data Source:** `aws_auditmanager_framework` ([#28989](https://togithub.com/hashicorp/terraform-provider-aws/issues/28989))
- **New Resource:** `aws_auditmanager_assessment_delegation` ([#29099](https://togithub.com/hashicorp/terraform-provider-aws/issues/29099))
- **New Resource:** `aws_auditmanager_framework_share` ([#29049](https://togithub.com/hashicorp/terraform-provider-aws/issues/29049))
- **New Resource:** `aws_auditmanager_organization_admin_account_registration` ([#29018](https://togithub.com/hashicorp/terraform-provider-aws/issues/29018))
ENHANCEMENTS:
- resource/aws_wafv2\_rule_group: Add `oversize_handling` argument to `body` block of the `field_to_match` block ([#29082](https://togithub.com/hashicorp/terraform-provider-aws/issues/29082))
BUG FIXES:
- resource/aws_api_gateway_integration: Prevent drift of `connection_type` attribute when `aws_api_gateway_deployment` `triggers` are used ([#29016](https://togithub.com/hashicorp/terraform-provider-aws/issues/29016))
- resource/aws_dynamodb_table: Fix perpetual diffs when using default AWS-managed keys ([#29102](https://togithub.com/hashicorp/terraform-provider-aws/issues/29102))
- resource/aws_dynamodb_table: Fix to allow updating of `replica.*.kms_key_arn` ([#29102](https://togithub.com/hashicorp/terraform-provider-aws/issues/29102))
- resource/aws_dynamodb_table: Fix to allow updating of `replica.*.point_in_time_recovery` when a `replica` has `kms_key_arn` set ([#29102](https://togithub.com/hashicorp/terraform-provider-aws/issues/29102))
- resource/aws_dynamodb_table: Fix unexpected state 'DISABLED' error when waiting for PITR to update ([#29086](https://togithub.com/hashicorp/terraform-provider-aws/issues/29086))
- resource/aws_dynamodb_table_replica: Fix to allow creation of the replica without errors when `kms_key_arn` is set ([#29102](https://togithub.com/hashicorp/terraform-provider-aws/issues/29102))
- resource/aws_dynamodb_table_replica: Fix to allow updating of `kms_key_arn` ([#29102](https://togithub.com/hashicorp/terraform-provider-aws/issues/29102))
- resource/aws_medialive_channel: Add missing `rate_control_mode` in `acc_settings` for `audio_descriptions` ([#29051](https://togithub.com/hashicorp/terraform-provider-aws/issues/29051))
- resource/aws_medialive_input: Fix eventual consistency error when updating ([#29051](https://togithub.com/hashicorp/terraform-provider-aws/issues/29051))
- resource/aws_vpc_ipam_pool_cidr_allocation: Added support for eventual consistency on read operations after create. ([#29022](https://togithub.com/hashicorp/terraform-provider-aws/issues/29022))
- resource/aws_wafv2\_web_acl: Fix error when setting `aws_managed_rules_bot_control_rule_set` in `manage_rule_group_config` ([#28810](https://togithub.com/hashicorp/terraform-provider-aws/issues/28810))
### [`v4.51.0`](https://togithub.com/hashicorp/terraform-provider-aws/blob/HEAD/CHANGELOG.md#4510-January-19-2023)
[Compare Source](https://togithub.com/hashicorp/terraform-provider-aws/compare/v4.50.0...v4.51.0)
NOTES:
- resource/aws_ce_anomaly_subscription: Deprecate `threshold` argument in favour of `threshold_expression` ([#28573](https://togithub.com/hashicorp/terraform-provider-aws/issues/28573))
FEATURES:
- **New Data Source:** `aws_auditmanager_control` ([#28967](https://togithub.com/hashicorp/terraform-provider-aws/issues/28967))
- **New Resource:** `aws_datasync_location_object_storage` ([#23154](https://togithub.com/hashicorp/terraform-provider-aws/issues/23154))
- **New Resource:** `aws_rds_export_task` ([#28831](https://togithub.com/hashicorp/terraform-provider-aws/issues/28831))
- **New Resource:** `aws_resourceexplorer2_view` ([#28841](https://togithub.com/hashicorp/terraform-provider-aws/issues/28841))
ENHANCEMENTS:
- resource/aws_appmesh_gateway_route: Add `port` on the `match` attribute for routes ([#27799](https://togithub.com/hashicorp/terraform-provider-aws/issues/27799))
- resource/aws_appmesh_route: Add `port` on the `weighted_target` attribute ([#27799](https://togithub.com/hashicorp/terraform-provider-aws/issues/27799))
- resource/aws_appmesh_virtual_gateway: Add the functionality to be able specify multi listeners ([#27799](https://togithub.com/hashicorp/terraform-provider-aws/issues/27799))
- resource/aws_appmesh_virtual_node: Add the functionality to be able specify multi listeners ([#27799](https://togithub.com/hashicorp/terraform-provider-aws/issues/27799))
- resource/aws_appmesh_virtual_router: Add the functionality to be able specify multi listeners ([#27799](https://togithub.com/hashicorp/terraform-provider-aws/issues/27799))
- resource/aws_apprunner_service: Add `source_configuration.code_repository.code_configuration.runtime_environment_secrets` and `source_configuration.image_repository.image_configuration.runtime_environment_secrets` argument ([#28871](https://togithub.com/hashicorp/terraform-provider-aws/issues/28871))
- resource/aws_ce_anomaly_subscription: Add `threshold_expression` argument ([#28573](https://togithub.com/hashicorp/terraform-provider-aws/issues/28573))
- resource/aws_grafana_workspace: Add `configuration` argument ([#28569](https://togithub.com/hashicorp/terraform-provider-aws/issues/28569))
- resource/aws_imagbuilder_component: Add `skip_destroy` argument ([#28905](https://togithub.com/hashicorp/terraform-provider-aws/issues/28905))
- resource/aws_lambda_event_source_mapping: Add `scaling_config` argument ([#28876](https://togithub.com/hashicorp/terraform-provider-aws/issues/28876))
- resource/aws_lambda_function: Add configurable timeout for Update ([#28963](https://togithub.com/hashicorp/terraform-provider-aws/issues/28963))
- resource/aws_rum_app_monitor: Add `custom_events` argument ([#28431](https://togithub.com/hashicorp/terraform-provider-aws/issues/28431))
- resource/aws_servicecatalog_portfolio_share: Add `share_principals` argument ([#28619](https://togithub.com/hashicorp/terraform-provider-aws/issues/28619))
BUG FIXES:
- data-source/aws_eks_cluster: Add `outpost_config.control_plane_placement` attribute ([#28924](https://togithub.com/hashicorp/terraform-provider-aws/issues/28924))
- data-source/aws_identitystore_group: Restore use of `ListGroups` API when `filter` is specified ([#28937](https://togithub.com/hashicorp/terraform-provider-aws/issues/28937))
- data-source/aws_identitystore_user: Restore use of `ListUsers` API when `filter` is specified ([#28937](https://togithub.com/hashicorp/terraform-provider-aws/issues/28937))
- data-source/aws_lambda_function: Fix `AccessDeniedException` errors in [AWS Regions where AWS Signer is not supported](https://docs.aws.amazon.com/general/latest/gr/signer.html#signer_lambda_region) ([#28963](https://togithub.com/hashicorp/terraform-provider-aws/issues/28963))
- data-source/aws_lambda_function: Remove any qualifier from `invoke_arn` ([#28963](https://togithub.com/hashicorp/terraform-provider-aws/issues/28963))
- resource/aws_appstream_image_builder: Fix IAM eventual consistency error for optional role ([#26677](https://togithub.com/hashicorp/terraform-provider-aws/issues/26677))
- resource/aws_appstream_image_builder: Fix refresh error when `domain_join_info` and `vpc_config` are not empty ([#26677](https://togithub.com/hashicorp/terraform-provider-aws/issues/26677))
- resource/aws_elasticsearch_domain: Prevent persistent `iops` diff ([#28901](https://togithub.com/hashicorp/terraform-provider-aws/issues/28901))
- resource/aws_grafana_workspace: Fix updating `vpc_configuration` ([#28569](https://togithub.com/hashicorp/terraform-provider-aws/issues/28569))
- resource/aws_iam_server_certificate: Avoid errors on delete when no error occurred ([#28968](https://togithub.com/hashicorp/terraform-provider-aws/issues/28968))
- resource/aws_lambda_function: Don't persist invalid `filename`, `s3_bucket`, `s3_key` or `s3_object_version` values on resource Update ([#28963](https://togithub.com/hashicorp/terraform-provider-aws/issues/28963))
- resource/aws_lambda_function: Retry `ResourceNotFoundException` errors on resource Create ([#28963](https://togithub.com/hashicorp/terraform-provider-aws/issues/28963))
- resource/aws_lb_listener_certificate: Show errors in certain cases where they were previously only logged and resource was removed from state ([#28968](https://togithub.com/hashicorp/terraform-provider-aws/issues/28968))
- resource/aws_opensearch_domain: Omit `throughput` and `iops` for unsupported volume types ([#28862](https://togithub.com/hashicorp/terraform-provider-aws/issues/28862))
- resource/aws_sagemaker_app: Correctly list all apps so as not to lose track in an environment where there are many apps ([#28561](https://togithub.com/hashicorp/terraform-provider-aws/issues/28561))
### [`v4.50.0`](https://togithub.com/hashicorp/terraform-provider-aws/blob/HEAD/CHANGELOG.md#4500-January-13-2023)
[Compare Source](https://togithub.com/hashicorp/terraform-provider-aws/compare/v4.49.0...v4.50.0)
FEATURES:
- **New Data Source:** `aws_lbs` ([#27161](https://togithub.com/hashicorp/terraform-provider-aws/issues/27161))
- **New Resource:** `aws_sesv2_configuration_set_event_destination` ([#27565](https://togithub.com/hashicorp/terraform-provider-aws/issues/27565))
ENHANCEMENTS:
- data-source/aws_lb_target_group: Support querying by `tags` ([#27261](https://togithub.com/hashicorp/terraform-provider-aws/issues/27261))
- resource/aws_redshiftdata_statement: Add `workgroup_name` argument ([#28751](https://togithub.com/hashicorp/terraform-provider-aws/issues/28751))
- resource/aws_service_discovery_service: Add `type` argument ([#28778](https://togithub.com/hashicorp/terraform-provider-aws/issues/28778))
BUG FIXES:
- resource/aws_acmpca_policy: Improve refresh to avoid unnecessary diffs in `policy` ([#28788](https://togithub.com/hashicorp/terraform-provider-aws/issues/28788))
- resource/aws_api_gateway_rest_api: Improve refresh to avoid unnecessary diffs in `policy` ([#28789](https://togithub.com/hashicorp/terraform-provider-aws/issues/28789))
- resource/aws_api_gateway_rest_api_policy: Improve refresh to avoid unnecessary diffs in `policy` ([#28789](https://togithub.com/hashicorp/terraform-provider-aws/issues/28789))
- resource/aws_apprunner_service: `observability_configuration_arn` is optional ([#28620](https://togithub.com/hashicorp/terraform-provider-aws/issues/28620))
- resource/aws_apprunner_vpc_connector: Fix `default_tags` not handled correctly ([#28736](https://togithub.com/hashicorp/terraform-provider-aws/issues/28736))
- resource/aws_appstream_stack: Fix panic on user_settings update ([#28766](https://togithub.com/hashicorp/terraform-provider-aws/issues/28766))
- resource/aws_appstream_stack: Prevent unnecessary replacements on update ([#28766](https://togithub.com/hashicorp/terraform-provider-aws/issues/28766))
- resource/aws_backup_vault_policy: Improve refresh to avoid unnecessary diffs in `policy` ([#28791](https://togithub.com/hashicorp/terraform-provider-aws/issues/28791))
- resource/aws_cloudsearch_domain_service_access_policy: Improve refresh to avoid unnecessary diffs in `access_policy` ([#28792](https://togithub.com/hashicorp/terraform-provider-aws/issues/28792))
- resource/aws_cloudwatch_event_bus_policy: Improve refresh to avoid unnecessary diffs in `policy` ([#28802](https://togithub.com/hashicorp/terraform-provider-aws/issues/28802))
- resource/aws_codeartifact_domain_permissions_policy: Improve refresh to avoid unnecessary diffs in `policy_document` ([#28794](https://togithub.com/hashicorp/terraform-provider-aws/issues/28794))
- resource/aws_codeartifact_repository_permissions_policy: Improve refresh to avoid unnecessary diffs in `policy_document` ([#28794](https://togithub.com/hashicorp/terraform-provider-aws/issues/28794))
- resource/aws_codebuild_resource_policy: Improve refresh to avoid unnecessary diffs in `policy` ([#28796](https://togithub.com/hashicorp/terraform-provider-aws/issues/28796))
- resource/aws_dms_replication_subnet_group: Fix error ("Provider produced inconsistent result") when an error is encountered during creation ([#28748](https://togithub.com/hashicorp/terraform-provider-aws/issues/28748))
- resource/aws_dms_replication_task: Allow updates to `aws_dms_replication_task` even when `migration_type` and `table_mappings` have not changed ([#28047](https://togithub.com/hashicorp/terraform-provider-aws/issues/28047))
- resource/aws_dms_replication_task: Fix error with `cdc_path` when used with `aws_dms_s3_endpoint` ([#28704](https://togithub.com/hashicorp/terraform-provider-aws/issues/28704))
- resource/aws_dms_s3\_endpoint: Fix error with `cdc_path` when used with `aws_dms_replication_task` ([#28704](https://togithub.com/hashicorp/terraform-provider-aws/issues/28704))
- resource/aws_ecr_registry_policy: Improve refresh to avoid unnecessary diffs in `policy` ([#28799](https://togithub.com/hashicorp/terraform-provider-aws/issues/28799))
- resource/aws_ecr_repository_policy: Improve refresh to avoid unnecessary diffs in `policy` ([#28799](https://togithub.com/hashicorp/terraform-provider-aws/issues/28799))
- resource/aws_ecrpublic_repository_policy: Improve refresh to avoid unnecessary diffs in `policy` ([#28799](https://togithub.com/hashicorp/terraform-provider-aws/issues/28799))
- resource/aws_efs_file_system_policy: Improve refresh to avoid unnecessary diffs in `policy` ([#28800](https://togithub.com/hashicorp/terraform-provider-aws/issues/28800))
- resource/aws_elasticsearch_domain: Improve refresh to avoid unnecessary diffs in `access_policies` ([#28801](https://togithub.com/hashicorp/terraform-provider-aws/issues/28801))
- resource/aws_elasticsearch_domain_policy: Improve refresh to avoid unnecessary diffs in `access_policies` ([#28801](https://togithub.com/hashicorp/terraform-provider-aws/issues/28801))
- resource/aws_glacier_vault: Improve refresh to avoid unnecessary diffs in `access_policy` ([#28804](https://togithub.com/hashicorp/terraform-provider-aws/issues/28804))
- resource/aws_glacier_vault_lock: Improve refresh to avoid unnecessary diffs in `policy` ([#28804](https://togithub.com/hashicorp/terraform-provider-aws/issues/28804))
- resource/aws_glue_resource_policy: Improve refresh to avoid unnecessary diffs in `policy` ([#28807](https://togithub.com/hashicorp/terraform-provider-aws/issues/28807))
- resource/aws_iam_group_policy: Fixed issue that could result in "inconsistent final plan" errors ([#28868](https://togithub.com/hashicorp/terraform-provider-aws/issues/28868))
- resource/aws_iam_group_policy: Improve refresh to avoid unnecessary diffs in `policy` ([#28777](https://togithub.com/hashicorp/terraform-provider-aws/issues/28777))
- resource/aws_iam_group_policy: Improve refresh to avoid unnecessary diffs in `policy` ([#28836](https://togithub.com/hashicorp/terraform-provider-aws/issues/28836))
- resource/aws_iam_policy: Improve refresh to avoid unnecessary diffs in `policy` ([#28777](https://togithub.com/hashicorp/terraform-provider-aws/issues/28777))
- resource/aws_iam_policy: Improve refresh to avoid unnecessary diffs in `policy`, `tags` ([#28836](https://togithub.com/hashicorp/terraform-provider-aws/issues/28836))
- resource/aws_iam_role: Fixed issue that could result in "inconsistent final plan" errors ([#28868](https://togithub.com/hashicorp/terraform-provider-aws/issues/28868))
- resource/aws_iam_role: Improve refresh to avoid unnecessary diffs in `assume_role_policy` and `inline_policy` `policy` ([#28777](https://togithub.com/hashicorp/terraform-provider-aws/issues/28777))
- resource/aws_iam_role: Improve refresh to avoid unnecessary diffs in `inline_policy.*.policy`, `tags` ([#28836](https://togithub.com/hashicorp/terraform-provider-aws/issues/28836))
- resource/aws_iam_role_policy: Fixed issue that could result in "inconsistent final plan" errors ([#28868](https://togithub.com/hashicorp/terraform-provider-aws/issues/28868))
- resource/aws_iam_role_policy: Improve refresh to avoid unnecessary diffs in `policy` ([#28777](https://togithub.com/hashicorp/terraform-provider-aws/issues/28777))
- resource/aws_iam_role_policy: Improve refresh to avoid unnecessary diffs in `policy` ([#28836](https://togithub.com/hashicorp/terraform-provider-aws/issues/28836))
- resource/aws_iam_user_policy: Fixed issue that could result in "inconsistent final plan" errors ([#28868](https://togithub.com/hashicorp/terraform-provider-aws/issues/28868))
- resource/aws_iam_user_policy: Improve refresh to avoid unnecessary diffs in `policy` ([#28777](https://togithub.com/hashicorp/terraform-provider-aws/issues/28777))
- resource/aws_iam_user_policy: Improve refresh to avoid unnecessary diffs in `policy` ([#28836](https://togithub.com/hashicorp/terraform-provider-aws/issues/28836))
- resource/aws_iot_policy: Improve refresh to avoid unnecessary diffs in `policy` ([#28838](https://togithub.com/hashicorp/terraform-provider-aws/issues/28838))
- resource/aws_kms_external_key: Improve refresh to avoid unnecessary diffs in `policy` ([#28853](https://togithub.com/hashicorp/terraform-provider-aws/issues/28853))
- resource/aws_kms_key: Improve refresh to avoid unnecessary diffs in `policy` ([#28853](https://togithub.com/hashicorp/terraform-provider-aws/issues/28853))
- resource/aws_lb_target_group: Change `protocol_version` to [ForceNew](https://developer.hashicorp.com/terraform/plugin/sdkv2/schemas/schema-behaviors#forcenew) ([#17845](https://togithub.com/hashicorp/terraform-provider-aws/issues/17845))
- resource/aws_lb_target_group: When creating a new target group, return an error if there is an existing target group with the same name. Use [`terraform import`](https://developer.hashicorp.com/terraform/cli/commands/import) for existing target groups ([#26977](https://togithub.com/hashicorp/terraform-provider-aws/issues/26977))
- resource/aws_mq_configuration: Improve refresh to avoid unnecessary diffs in `data` ([#28837](https://togithub.com/hashicorp/terraform-provider-aws/issues/28837))
- resource/aws_s3\_access_point: Improve refresh to avoid unnecessary diffs in `policy` ([#28866](https://togithub.com/hashicorp/terraform-provider-aws/issues/28866))
- resource/aws_s3\_bucket: Improve refresh to avoid unnecessary diffs in `policy` ([#28855](https://togithub.com/hashicorp/terraform-provider-aws/issues/28855))
- resource/aws_s3\_bucket_policy: Improve refresh to avoid unnecessary diffs in `policy` ([#28855](https://togithub.com/hashicorp/terraform-provider-aws/issues/28855))
- resource/aws_s3control_access_point_policy: Improve refresh to avoid unnecessary diffs in `policy` ([#28866](https://togithub.com/hashicorp/terraform-provider-aws/issues/28866))
- resource/aws_s3control_bucket_policy: Improve refresh to avoid unnecessary diffs in `policy` ([#28866](https://togithub.com/hashicorp/terraform-provider-aws/issues/28866))
- resource/aws_s3control_multi_region_access_point_policy: Improve refresh to avoid unnecessary diffs in `details` `policy` ([#28866](https://togithub.com/hashicorp/terraform-provider-aws/issues/28866))
- resource/aws_s3control_object_lambda_access_point_policy: Improve refresh to avoid unnecessary diffs in `policy` ([#28866](https://togithub.com/hashicorp/terraform-provider-aws/issues/28866))
- resource/aws_sagemaker_model_package_group_policy: Improve refresh to avoid unnecessary diffs in `resource_policy` ([#28865](https://togithub.com/hashicorp/terraform-provider-aws/issues/28865))
- resource/aws_schemas_registry_policy: Improve refresh to avoid unnecessary diffs in `policy` ([#28864](https://togithub.com/hashicorp/terraform-provider-aws/issues/28864))
- resource/aws_secretsmanager_secret: Improve refresh to avoid unnecessary diffs in `policy` ([#28863](https://togithub.com/hashicorp/terraform-provider-aws/issues/28863))
- resource/aws_secretsmanager_secret_policy: Improve refresh to avoid unnecessary diffs in `policy` ([#28863](https://togithub.com/hashicorp/terraform-provider-aws/issues/28863))
- resource/aws_ses_identity_policy: Improve refresh to avoid unnecessary diffs in `policy` ([#28861](https://togithub.com/hashicorp/terraform-provider-aws/issues/28861))
- resource/aws_sns_topic: Improve refresh to avoid unnecessary diffs in `policy` ([#28860](https://togithub.com/hashicorp/terraform-provider-aws/issues/28860))
- resource/aws_sns_topic_policy: Improve refresh to avoid unnecessary diffs in `policy` ([#28860](https://togithub.com/hashicorp/terraform-provider-aws/issues/28860))
- resource/aws_sqs_queue: Improve refresh to avoid unnecessary diffs in `policy` ([#28840](https://togithub.com/hashicorp/terraform-provider-aws/issues/28840))
- resource/aws_sqs_queue_policy: Improve refresh to avoid unnecessary diffs in `policy` ([#28840](https://togithub.com/hashicorp/terraform-provider-aws/issues/28840))
- resource/aws_transfer_access: Improve refresh to avoid unnecessary diffs in `policy` ([#28859](https://togithub.com/hashicorp/terraform-provider-aws/issues/28859))
- resource/aws_transfer_user: Improve refresh to avoid unnecessary diffs in `policy` ([#28859](https://togithub.com/hashicorp/terraform-provider-aws/issues/28859))
- resource/aws_vpc_endpoint: Improve refresh to avoid unnecessary diffs in `policy` ([#28798](https://togithub.com/hashicorp/terraform-provider-aws/issues/28798))
- resource/aws_vpc_endpoint_policy: Improve refresh to avoid unnecessary diffs in `policy` ([#28798](https://togithub.com/hashicorp/terraform-provider-aws/issues/28798))
### [`v4.49.0`](https://togithub.com/hashicorp/terraform-provider-aws/blob/HEAD/CHANGELOG.md#4490-January-5-2023)
[Compare Source](https://togithub.com/hashicorp/terraform-provider-aws/compare/v4.48.0...v4.49.0)
NOTES:
- resource/aws_dms_endpoint: For `s3_settings` `cdc_min_file_size`, AWS changed the multiplier to kilobytes instead of megabytes. In other words, prior to the change, a value of `32` represented 32 MiB. After the change, a value of `32` represents 32 KB. Change your configuration accordingly. ([#28578](https://togithub.com/hashicorp/terraform-provider-aws/issues/28578))
- resource/aws_fsx_ontap_storage_virtual_machine: The `subtype` attribute is no longer deprecated ([#28567](https://togithub.com/hashicorp/terraform-provider-aws/issues/28567))
FEATURES:
- **New Data Source:** `aws_s3control_multi_region_access_point` ([#28373](https://togithub.com/hashicorp/terraform-provider-aws/issues/28373))
- **New Resource:** `aws_appsync_type` ([#28437](https://togithub.com/hashicorp/terraform-provider-aws/issues/28437))
- **New Resource:** `aws_auditmanager_assessment` ([#28643](https://togithub.com/hashicorp/terraform-provider-aws/issues/28643))
- **New Resource:** `aws_auditmanager_assessment_report` ([#28663](https://togithub.com/hashicorp/terraform-provider-aws/issues/28663))
- **New Resource:** `aws_ec2_instance_state` ([#28639](https://togithub.com/hashicorp/terraform-provider-aws/issues/28639))
- **New Resource:** `aws_lightsail_bucket` ([#28585](https://togithub.com/hashicorp/terraform-provider-aws/issues/28585))
- **New Resource:** `aws_ssoadmin_instance_access_control_attributes` ([#23317](https://togithub.com/hashicorp/terraform-provider-aws/issues/23317))
ENHANCEMENTS:
- data-source/aws_autoscaling_group: Add `desired_capacity_type` attribute ([#28658](https://togithub.com/hashicorp/terraform-provider-aws/issues/28658))
- data-source/aws_kms_secrets: Add `encryption_algorithm` and `key_id` arguments in support of [asymmetric keys](https://docs.aws.amazon.com/kms/latest/developerguide/symmetric-asymmetric.html) ([#21054](https://togithub.com/hashicorp/terraform-provider-aws/issues/21054))
- resource/aws_appflow_connector_profile: Add support for `connector_type` CustomConnector. Add `cluster_identifier`, `database_name`, and `data_api_role_arn` attributes for `redshift` `connection_profile_properties` ([#26766](https://togithub.com/hashicorp/terraform-provider-aws/issues/26766))
- resource/aws_appsync_resolver: Add `runtime` and `code` arguments ([#28436](https://togithub.com/hashicorp/terraform-provider-aws/issues/28436))
- resource/aws_appsync_resolver: Add plan time validation for `caching_config.ttl` ([#28436](https://togithub.com/hashicorp/terraform-provider-aws/issues/28436))
- resource/aws_athena_workgroup: Add `configuration.execution_role` argument ([#28420](https://togithub.com/hashicorp/terraform-provider-aws/issues/28420))
- resource/aws_autoscaling_group: Add `desired_capacity_type` argument ([#28658](https://togithub.com/hashicorp/terraform-provider-aws/issues/28658))
- resource/aws_dms_endpoint: Change `s3_settings` `cdc_min_file_size` default to 32000 in order to align with AWS's change from megabytes to kilobytes for this setting ([#28578](https://togithub.com/hashicorp/terraform-provider-aws/issues/28578))
- resource/aws_ecs_service: Add `alarms` argument ([#28521](https://togithub.com/hashicorp/terraform-provider-aws/issues/28521))
- resource/aws_lightsail_instance: Add `add_on` configuration block. ([#28602](https://togithub.com/hashicorp/terraform-provider-aws/issues/28602))
- resource/aws_lightsail_instance_public_ports: Add `cidr_list_aliases` argument ([#28376](https://togithub.com/hashicorp/terraform-provider-aws/issues/28376))
- resource/aws_s3\_access_point: Add `bucket_account_id` argument ([#28564](https://togithub.com/hashicorp/terraform-provider-aws/issues/28564))
- resource/aws_s3control_storage_lens_configuration: Add `advanced_cost_optimization_metrics`, `advanced_data_protection_metrics`, and `detailed_status_code_metrics` arguments to the `storage_lens_configuration.account_level` and `storage_lens_configuration.account_level.bucket_level` configuration blocks ([#28564](https://togithub.com/hashicorp/terraform-provider-aws/issues/28564))
- resource/aws_wafv2\_rule_group: Add `rule.action.captcha` argument ([#28435](https://togithub.com/hashicorp/terraform-provider-aws/issues/28435))
- resource/aws_wafv2\_web_acl: Add `rule.action.challenge` argument ([#28305](https://togithub.com/hashicorp/terraform-provider-aws/issues/28305))
- resource/aws_wafv2\_web_acl: Add support for ManagedRuleGroupConfig ([#28594](https://togithub.com/hashicorp/terraform-provider-aws/issues/28594))
BUG FIXES:
- data-source/aws_cloudwatch_log_group: Restore use of `ListTagsLogGroup` API ([#28492](https://togithub.com/hashicorp/terraform-provider-aws/issues/28492))
- resource/aws_cloudwatch_log_group: Restore use of
Configuration
📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
â™» Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
[ ] If you want to rebase/retry this PR, check this box
This PR has been generated by Mend Renovate. View repository job log here.
This PR contains the following updates:
4.0.0
->4.58.0
Release Notes
hashicorp/terraform-provider-aws
### [`v4.58.0`](https://togithub.com/hashicorp/terraform-provider-aws/blob/HEAD/CHANGELOG.md#4580-March-10-2023) [Compare Source](https://togithub.com/hashicorp/terraform-provider-aws/compare/v4.57.1...v4.58.0) FEATURES: - **New Data Source:** `aws_ecs_task_execution` ([#29783](https://togithub.com/hashicorp/terraform-provider-aws/issues/29783)) - **New Data Source:** `aws_licensemanager_grants` ([#29741](https://togithub.com/hashicorp/terraform-provider-aws/issues/29741)) - **New Data Source:** `aws_licensemanager_received_license` ([#29741](https://togithub.com/hashicorp/terraform-provider-aws/issues/29741)) - **New Data Source:** `aws_licensemanager_received_licenses` ([#29741](https://togithub.com/hashicorp/terraform-provider-aws/issues/29741)) - **New Resource:** `aws_licensemanager_grant` ([#29741](https://togithub.com/hashicorp/terraform-provider-aws/issues/29741)) - **New Resource:** `aws_licensemanager_grant_accepter` ([#29741](https://togithub.com/hashicorp/terraform-provider-aws/issues/29741)) ENHANCEMENTS: - data-source/aws_ec2\_transit_gateway_attachment: Add `association_state` and `association_transit_gateway_route_table_id` attributes ([#29648](https://togithub.com/hashicorp/terraform-provider-aws/issues/29648)) - data-source/aws_instances: Add `ipv6_addresses` attribute ([#29794](https://togithub.com/hashicorp/terraform-provider-aws/issues/29794)) - resource/aws_acm_certificate: Change `options` to `Computed` ([#29763](https://togithub.com/hashicorp/terraform-provider-aws/issues/29763)) - resource/aws_amplify_domain_association: Add `enable_auto_sub_domain` argument ([#29814](https://togithub.com/hashicorp/terraform-provider-aws/issues/29814)) - resource/aws_cloudhsm_v2\_hsm: Enforce `ExactlyOneOf` for `availability_zone` and `subnet_id` arguments ([#20891](https://togithub.com/hashicorp/terraform-provider-aws/issues/20891)) - resource/aws_db_instance: Add `listener_endpoint` attribute ([#28434](https://togithub.com/hashicorp/terraform-provider-aws/issues/28434)) - resource/aws_db_instance: Add plan time validations for `backup_retention_period`, `monitoring_interval`, and `monitoring_role_arn` ([#28434](https://togithub.com/hashicorp/terraform-provider-aws/issues/28434)) - resource/aws_flow_log: Add `deliver_cross_account_role` argument ([#29254](https://togithub.com/hashicorp/terraform-provider-aws/issues/29254)) - resource/aws_grafana_workspace: Add `network_access_control` argument ([#29793](https://togithub.com/hashicorp/terraform-provider-aws/issues/29793)) - resource/aws_sesv2\_configuration_set: Add `vdm_options` argument ([#28812](https://togithub.com/hashicorp/terraform-provider-aws/issues/28812)) - resource/aws_transfer_server: Add `protocol_details` argument ([#28621](https://togithub.com/hashicorp/terraform-provider-aws/issues/28621)) - resource/aws_transfer_workflow: Add `decrypt_step_details` to the `on_exception_steps` and `steps` configuration blocks ([#29692](https://togithub.com/hashicorp/terraform-provider-aws/issues/29692)) - resource/db_snapshot: Add `shared_accounts` argument ([#28424](https://togithub.com/hashicorp/terraform-provider-aws/issues/28424)) BUG FIXES: - resource/aws_acm_certificate: Update `options.certificate_transparency_logging_preference` in place rather than replacing the resource ([#29763](https://togithub.com/hashicorp/terraform-provider-aws/issues/29763)) - resource/aws_batch_job_definition: Prevents perpetual diff when container properties environment variable has empty value. ([#29820](https://togithub.com/hashicorp/terraform-provider-aws/issues/29820)) - resource/aws_elastic_beanstalk_configuration_template: Map errors like `InvalidParameterValue: No Platform named '...' found.` to `resource.NotFoundError` so `terraform refesh` correctly removes the resource from state ([#29863](https://togithub.com/hashicorp/terraform-provider-aws/issues/29863)) - resource/aws_flow_log: Fix IAM eventual consistency errors on resource Create ([#29254](https://togithub.com/hashicorp/terraform-provider-aws/issues/29254)) - resource/aws_grafana_workspace: Allow removing `vpc_configuration` ([#29793](https://togithub.com/hashicorp/terraform-provider-aws/issues/29793)) - resource/aws_medialive_channel: Fix setting of the `include_fec` attribute in `fec_output_settings` ([#29808](https://togithub.com/hashicorp/terraform-provider-aws/issues/29808)) - resource/aws_medialive_channel: Fix setting of the `video_pid` attribute in `m2ts_settings` ([#29824](https://togithub.com/hashicorp/terraform-provider-aws/issues/29824)) ### [`v4.57.1`](https://togithub.com/hashicorp/terraform-provider-aws/blob/HEAD/CHANGELOG.md#4571-March-6-2023) [Compare Source](https://togithub.com/hashicorp/terraform-provider-aws/compare/v4.57.0...v4.57.1) BUG FIXES: - resource/aws_lambda_function: Prevent `Provider produced inconsistent final plan` errors produced by null `skip_destroy` attribute value. NOTE: Because the maintainers have been unable to reproduce the reported problem, the fix is best effort and we ask for community support in verifying the fix. ([#29812](https://togithub.com/hashicorp/terraform-provider-aws/issues/29812)) ### [`v4.57.0`](https://togithub.com/hashicorp/terraform-provider-aws/blob/HEAD/CHANGELOG.md#4570-March-3-2023) [Compare Source](https://togithub.com/hashicorp/terraform-provider-aws/compare/v4.56.0...v4.57.0) NOTES: - resource/aws_dms_endpoint: The `s3_settings` argument has been deprecated. All configurations using `aws_dms_endpoint.*.s3_settings` should be updated to use the `aws_dms_s3_endpoint` resource instead ([#29728](https://togithub.com/hashicorp/terraform-provider-aws/issues/29728)) - resource/aws_networkmanager_core_network: The `base_policy_region` argument is being deprecated in favor of the new `base_policy_regions` argument. ([#29623](https://togithub.com/hashicorp/terraform-provider-aws/issues/29623)) FEATURES: - **New Resource:** `aws_lightsail_bucket_resource_access` ([#29460](https://togithub.com/hashicorp/terraform-provider-aws/issues/29460)) ENHANCEMENTS: - data-source/aws_launch_template: Add `instance_requirements.allowed_instance_types` and `instance_requirements.network_bandwidth_gbps` attributes ([#29140](https://togithub.com/hashicorp/terraform-provider-aws/issues/29140)) - resource/aws_autoscaling_group: Add `auto_rollback` to the `instance_refresh.preferences` configuration block ([#29513](https://togithub.com/hashicorp/terraform-provider-aws/issues/29513)) - resource/aws_autoscaling_group: Add `mixed_instances_policy.launch_template.override.instance_requirements.allowed_instance_types` and `mixed_instances_policy.launch_template.override.instance_requirements.network_bandwidth_gbps` arguments ([#29140](https://togithub.com/hashicorp/terraform-provider-aws/issues/29140)) - resource/aws_autoscaling_policy: Add `metrics` to the `target_tracking_configuration.customized_metric_specification` configuration block in support of [metric math](https://docs.aws.amazon.com/autoscaling/ec2/userguide/ec2-auto-scaling-target-tracking-metric-math.html) ([#28560](https://togithub.com/hashicorp/terraform-provider-aws/issues/28560)) - resource/aws_cloudtrail_event_data_store: Add `kms_key_id` argument ([#29224](https://togithub.com/hashicorp/terraform-provider-aws/issues/29224)) - resource/aws_dms_endpoint: Add ability to use AWS Secrets Manager with the `db2` engine ([#29380](https://togithub.com/hashicorp/terraform-provider-aws/issues/29380)) - resource/aws_dms_endpoint: Add support for `azure-sql-managed-instance` `engine_name` value ([#28960](https://togithub.com/hashicorp/terraform-provider-aws/issues/28960)) - resource/aws_dms_s3\_endpoint: Add `detach_target_on_lob_lookup_failure_parquet` argument ([#29772](https://togithub.com/hashicorp/terraform-provider-aws/issues/29772)) - resource/aws_ec2\_fleet: Add `fleet_instance_set`, `fleet_state`, `fulfilled_capacity`, and `fulfilled_on_demand_capacity` attributes ([#29181](https://togithub.com/hashicorp/terraform-provider-aws/issues/29181)) - resource/aws_ec2\_fleet: Add `launch_template_config.override.instance_requirements.allowed_instance_types` and `launch_template_config.override.instance_requirements.network_bandwidth_gbps` arguments ([#29140](https://togithub.com/hashicorp/terraform-provider-aws/issues/29140)) - resource/aws_ec2\_fleet: Add `on_demand_options.capacity_reservation_options`,`on_demand_options.max_total_price`, `on_demand_options.min_target_capacity`, `on_demand_options.single_availability_zone` and `on_demand_options.single_instance_type` arguments ([#29181](https://togithub.com/hashicorp/terraform-provider-aws/issues/29181)) - resource/aws_ec2\_fleet: Add `spot_options.maintenance_strategies.capacity_rebalance.termination_delay` argument ([#29181](https://togithub.com/hashicorp/terraform-provider-aws/issues/29181)) - resource/aws_ec2\_fleet: Add `valid_from` and `valid_until` arguments ([#29181](https://togithub.com/hashicorp/terraform-provider-aws/issues/29181)) - resource/aws_lambda_function: Add `skip_destroy` argument ([#29646](https://togithub.com/hashicorp/terraform-provider-aws/issues/29646)) - resource/aws_lambda_function: Add configurable timeout for Delete ([#29646](https://togithub.com/hashicorp/terraform-provider-aws/issues/29646)) - resource/aws_lambda_function: Add plan time validators for `memory_size`, `role`, and `timeout` ([#29721](https://togithub.com/hashicorp/terraform-provider-aws/issues/29721)) - resource/aws_lambda_function: Retry (up to the configurable timeout) deletion of replicated Lambda@Edge functions ([#29646](https://togithub.com/hashicorp/terraform-provider-aws/issues/29646)) - resource/aws_launch_template: Add `instance_requirements.allowed_instance_types` and `instance_requirements.network_bandwidth_gbps` arguments ([#29140](https://togithub.com/hashicorp/terraform-provider-aws/issues/29140)) - resource/aws_networkmanager_core_network: Add `base_policy_regions` argument ([#29623](https://togithub.com/hashicorp/terraform-provider-aws/issues/29623)) - resource/aws_spot_fleet_request: Add `launch_template_config.overrides.instance_requirements.allowed_instance_types` and `launch_template_config.overrides.instance_requirements.network_bandwidth_gbps` arguments ([#29140](https://togithub.com/hashicorp/terraform-provider-aws/issues/29140)) - resource/aws_transfer_server: Add support for `on_partial_upload` block on the `workflow_details` attribute. ([#27730](https://togithub.com/hashicorp/terraform-provider-aws/issues/27730)) - resource/aws_transfer_user: Add configurable timeout for Delete ([#27563](https://togithub.com/hashicorp/terraform-provider-aws/issues/27563)) BUG FIXES: - resource/aws_dms_endpoint: Trigger updates based on adding new `extra_connection_attributes` ([#29772](https://togithub.com/hashicorp/terraform-provider-aws/issues/29772)) - resource/aws_instance: When encountering `InsufficientInstanceCapacity` errors, do not retry in order to fail faster, as this error is typically not resolvable in the near future ([#21293](https://togithub.com/hashicorp/terraform-provider-aws/issues/21293)) - resource/aws_transfer_server: Allow the removal of `workflow_details` attribute. ([#27730](https://togithub.com/hashicorp/terraform-provider-aws/issues/27730)) - resource/aws_transfer_user: Fix bug preventing removal of all `home_directory_mappings` due to empty list validation error ([#27563](https://togithub.com/hashicorp/terraform-provider-aws/issues/27563)) ### [`v4.56.0`](https://togithub.com/hashicorp/terraform-provider-aws/blob/HEAD/CHANGELOG.md#4560-February-24-2023) [Compare Source](https://togithub.com/hashicorp/terraform-provider-aws/compare/v4.55.0...v4.56.0) NOTES: - resource/aws_lambda_function: Updated to AWS SDK V2 ([#29615](https://togithub.com/hashicorp/terraform-provider-aws/issues/29615)) FEATURES: - **New Data Source:** `aws_vpc_security_group_rule` ([#29484](https://togithub.com/hashicorp/terraform-provider-aws/issues/29484)) - **New Data Source:** `aws_vpc_security_group_rules` ([#29484](https://togithub.com/hashicorp/terraform-provider-aws/issues/29484)) - **New Resource:** `aws_networkmanager_connect_peer` ([#29296](https://togithub.com/hashicorp/terraform-provider-aws/issues/29296)) - **New Resource:** `aws_vpc_security_group_egress_rule` ([#29484](https://togithub.com/hashicorp/terraform-provider-aws/issues/29484)) - **New Resource:** `aws_vpc_security_group_ingress_rule` ([#29484](https://togithub.com/hashicorp/terraform-provider-aws/issues/29484)) ENHANCEMENTS: - data-source/aws_ecr_image: Add `most_recent` argument to return the most recently pushed image ([#26857](https://togithub.com/hashicorp/terraform-provider-aws/issues/26857)) - data-source/aws_ecr_repository: Add `most_recent_image_tags` attribute containing the most recently pushed image tag(s) in an ECR repository ([#26857](https://togithub.com/hashicorp/terraform-provider-aws/issues/26857)) - resource/aws_lb_ssl_negotiation_policy: Add `triggers` attribute to force resource updates ([#29482](https://togithub.com/hashicorp/terraform-provider-aws/issues/29482)) - resource/aws_load_balancer_listener_policy: Add `triggers` attribute to force resource updates ([#29482](https://togithub.com/hashicorp/terraform-provider-aws/issues/29482)) - resource/aws_organizations_policy: Add `skip_destroy` attribute ([#29382](https://togithub.com/hashicorp/terraform-provider-aws/issues/29382)) - resource/aws_organizations_policy_attachment: Add `skip_destroy` attribute ([#29382](https://togithub.com/hashicorp/terraform-provider-aws/issues/29382)) - resource/aws_sns_topic: Add `signature_version` and `tracing_config` arguments ([#29462](https://togithub.com/hashicorp/terraform-provider-aws/issues/29462)) BUG FIXES: - resource/aws_acmpca_certificate_authority: `revocation_configuration.crl_configuration.expiration_in_days` is Optional ([#29613](https://togithub.com/hashicorp/terraform-provider-aws/issues/29613)) - resource/aws_default_vpc: Change `enable_network_address_usage_metrics` to Optional+Computed, matching the `aws_vpc` resource ([#29607](https://togithub.com/hashicorp/terraform-provider-aws/issues/29607)) - resource/aws_lambda_function: Fix missing `ValidationException` message body ([#29615](https://togithub.com/hashicorp/terraform-provider-aws/issues/29615)) - resource/aws_medialive_channel: Fix setting of `m2ts_settings` `arib_captions_pid` and `arib_captions_pid_control` attributes ([#29467](https://togithub.com/hashicorp/terraform-provider-aws/issues/29467)) - resource/aws_resourceexplorer2\_view: Fix `Unexpected Planned Resource State on Destroy` errors when using Terraform CLI v1.3 and above ([#29550](https://togithub.com/hashicorp/terraform-provider-aws/issues/29550)) - resource/aws_servicecatalog_provisioned_product: Fix to allow `outputs` to be `Computed` when the resource changes ([#29559](https://togithub.com/hashicorp/terraform-provider-aws/issues/29559)) - resource/aws_sns_topic_subscription: Fix `filter_policy_scope` update from `MessageAttributes` to `MessageBody` with nested objects in `filter_policy` ([#28572](https://togithub.com/hashicorp/terraform-provider-aws/issues/28572)) - resource/aws_wafv2\_web_acl: Prevent erroneous diffs and attempts to remove AWS-added rule when applying to CF distribution using AWS Shield to automatically mitigate DDoS ([#29575](https://togithub.com/hashicorp/terraform-provider-aws/issues/29575)) ### [`v4.55.0`](https://togithub.com/hashicorp/terraform-provider-aws/blob/HEAD/CHANGELOG.md#4550-February-16-2023) [Compare Source](https://togithub.com/hashicorp/terraform-provider-aws/compare/v4.54.0...v4.55.0) FEATURES: - **New Data Source:** `aws_organizations_organizational_unit_child_accounts` ([#24350](https://togithub.com/hashicorp/terraform-provider-aws/issues/24350)) - **New Data Source:** `aws_organizations_organizational_unit_descendant_accounts` ([#24350](https://togithub.com/hashicorp/terraform-provider-aws/issues/24350)) - **New Resource:** `aws_route53_cidr_collection` ([#29407](https://togithub.com/hashicorp/terraform-provider-aws/issues/29407)) - **New Resource:** `aws_route53_cidr_location` ([#29407](https://togithub.com/hashicorp/terraform-provider-aws/issues/29407)) - **New Resource:** `aws_vpc_ipam_resource_discovery` ([#29216](https://togithub.com/hashicorp/terraform-provider-aws/issues/29216)) - **New Resource:** `aws_vpc_ipam_resource_discovery_association` ([#29216](https://togithub.com/hashicorp/terraform-provider-aws/issues/29216)) ENHANCEMENTS: - data-source/aws_s3\_bucket_object: Expand content types that can be read from S3 to include some human-readable application types (e.g., `application/xml`, `application/atom+xml`) ([#27704](https://togithub.com/hashicorp/terraform-provider-aws/issues/27704)) - data-source/aws_s3\_object: Expand content types that can be read from S3 to include some human-readable application types (e.g., `application/xml`, `application/atom+xml`) ([#27704](https://togithub.com/hashicorp/terraform-provider-aws/issues/27704)) - resource/aws_autoscaling_policy: Make `resource_label` optional in `predefined_load_metric_specification`, `predefined_metric_pair_specification`, and `predefined_scaling_metric_specification` ([#29277](https://togithub.com/hashicorp/terraform-provider-aws/issues/29277)) - resource/aws_cloudwatch_log_group: Allow `retention_in_days` attribute to accept a three year retention period (1096 days) ([#29426](https://togithub.com/hashicorp/terraform-provider-aws/issues/29426)) - resource/aws_db_proxy: Add `auth.client_password_auth_type` attribute ([#28432](https://togithub.com/hashicorp/terraform-provider-aws/issues/28432)) - resource/aws_firehose_delivery_stream: Add `ForceNew` to `dynamic_partitioning_configuration` attribute ([#29093](https://togithub.com/hashicorp/terraform-provider-aws/issues/29093)) - resource/aws_firehose_delivery_stream: Add configurable timeouts for create, update, and delete ([#28469](https://togithub.com/hashicorp/terraform-provider-aws/issues/28469)) - resource/aws_neptune_cluster: Add `neptune_instance_parameter_group_name` argument, used only when upgrading major version ([#28051](https://togithub.com/hashicorp/terraform-provider-aws/issues/28051)) - resource/aws_neptune_global_cluster: Increase Update timeout to 120 minutes (per global cluster member) ([#28051](https://togithub.com/hashicorp/terraform-provider-aws/issues/28051)) - resource/aws_route53\_cidr_location: Add `cidr_routing_policy` argument ([#29407](https://togithub.com/hashicorp/terraform-provider-aws/issues/29407)) - resource/aws_s3\_bucket: Accept 'NoSuchTagSetError' responses from S3-compatible services ([#28530](https://togithub.com/hashicorp/terraform-provider-aws/issues/28530)) - resource/aws_s3\_bucket: Add error handling for `NotImplemented` errors when reading `lifecycle_rule` or `replication_configuration` into terraform state. ([#28790](https://togithub.com/hashicorp/terraform-provider-aws/issues/28790)) - resource/aws_s3\_object: Accept 'NoSuchTagSetError' responses from S3-compatible services ([#28530](https://togithub.com/hashicorp/terraform-provider-aws/issues/28530)) BUG FIXES: - data-source/aws_elb: Fix errors caused by multiple security groups with the same name but different owners ([#29202](https://togithub.com/hashicorp/terraform-provider-aws/issues/29202)) - resource/aws_appflow_connector_profile: Fix bug in connector_profile_config.0.connector_profile_properties.0.sapo_data.0.logon_language validation regex ([#28550](https://togithub.com/hashicorp/terraform-provider-aws/issues/28550)) - resource/aws_appflow_flow: Fix misspelled `source_connector_properties.0.sapo_data.0.object`, which never worked, to be `object_path` ([#28600](https://togithub.com/hashicorp/terraform-provider-aws/issues/28600)) - resource/aws_appmesh_route: Fix RequiredWith setting for `spec.0.grpc_route.0.match.0.method_name` attribute ([#29217](https://togithub.com/hashicorp/terraform-provider-aws/issues/29217)) - resource/aws_autoscaling_policy: Fix type of target_value for predictive scaling ([#28444](https://togithub.com/hashicorp/terraform-provider-aws/issues/28444)) - resource/aws_cloudfront_response_headers_policy: Allow `server_timing_headers_config.0.sampling_rate` to be `0` ([#27778](https://togithub.com/hashicorp/terraform-provider-aws/issues/27778)) - resource/aws_codebuild_project: Fix err check on delete ([#29042](https://togithub.com/hashicorp/terraform-provider-aws/issues/29042)) - resource/aws_ecs_service: Allow multiple `service` blocks within `service_connect_configuration` ([#28813](https://togithub.com/hashicorp/terraform-provider-aws/issues/28813)) - resource/aws_ecs_service: Mark `service_connect_configuration.service.client_alias` as optional and ensure that only 1 such block can be provided ([#28813](https://togithub.com/hashicorp/terraform-provider-aws/issues/28813)) - resource/aws_ecs_service: Require `service_connect_configuration.log_configuration.log_driver` to be provided ([#28813](https://togithub.com/hashicorp/terraform-provider-aws/issues/28813)) - resource/aws_elb: Fix errors caused by multiple security groups with the same name but different owners ([#29202](https://togithub.com/hashicorp/terraform-provider-aws/issues/29202)) - resource/aws_emr_cluster: Fix errors caused by multiple security groups with the same name but different owners ([#29202](https://togithub.com/hashicorp/terraform-provider-aws/issues/29202)) - resource/aws_globalaccelerator_endpoint_group: Fix errors caused by multiple security groups with the same name but different owners ([#29202](https://togithub.com/hashicorp/terraform-provider-aws/issues/29202)) - resource/aws_kms_key: Increase `policy propagation` eventual consistency timeouts from 5 minutes to 10 minutes ([#28636](https://togithub.com/hashicorp/terraform-provider-aws/issues/28636)) - resource/aws_medialive_channel: Fix issue causing `dbv_sub_pids` attribute to be configured incorrectly in `m2ts_settings` ([#29371](https://togithub.com/hashicorp/terraform-provider-aws/issues/29371)) - resource/aws_medialive_channel: Fix issue preventing `audio_pids` attribute from being configured in `m2ts_settings` ([#29371](https://togithub.com/hashicorp/terraform-provider-aws/issues/29371)) - resource/aws_neptune_cluster: Fix [restore-from-snapshot functionality](https://docs.aws.amazon.com/neptune/latest/userguide/backup-restore-restore-snapshot.html) using the `snapshot_identifier` argument on resource Create ([#28051](https://togithub.com/hashicorp/terraform-provider-aws/issues/28051)) - resource/aws_neptune_cluster: Fix major version upgrade ([#28051](https://togithub.com/hashicorp/terraform-provider-aws/issues/28051)) - resource/aws_sagemaker_user_profile: Change `user_settings.0.jupyter_server_app_settings.0.default_resource_spec` to be optional ([#28581](https://togithub.com/hashicorp/terraform-provider-aws/issues/28581)) ### [`v4.54.0`](https://togithub.com/hashicorp/terraform-provider-aws/blob/HEAD/CHANGELOG.md#4540-February-9-2023) [Compare Source](https://togithub.com/hashicorp/terraform-provider-aws/compare/v4.53.0...v4.54.0) NOTES: - provider: Resolves provider crashes reporting `Error: Plugin did not respond` and `fatal error: concurrent map writes` with updated upstream package (`terraform-plugin-log`) ([#29269](https://togithub.com/hashicorp/terraform-provider-aws/issues/29269)) - resource/aws_networkmanager_core_network: The `policy_document` attribute is being deprecated in favor of the new `aws_networkmanager_core_network_policy_attachment` resource. ([#29097](https://togithub.com/hashicorp/terraform-provider-aws/issues/29097)) FEATURES: - **New Resource:** `aws_evidently_launch` ([#28752](https://togithub.com/hashicorp/terraform-provider-aws/issues/28752)) - **New Resource:** `aws_lightsail_bucket_access_key` ([#28699](https://togithub.com/hashicorp/terraform-provider-aws/issues/28699)) - **New Resource:** `aws_networkmanager_core_network_policy_attachment` ([#29097](https://togithub.com/hashicorp/terraform-provider-aws/issues/29097)) ENHANCEMENTS: - data-source/aws_cloudtrail_service_account: Add service account ID for `ap-southeast-4` AWS Region ([#29103](https://togithub.com/hashicorp/terraform-provider-aws/issues/29103)) - data-source/aws_elb_hosted_zone_id: Add hosted zone ID for `ap-southeast-4` AWS Region ([#29103](https://togithub.com/hashicorp/terraform-provider-aws/issues/29103)) - data-source/aws_lb_hosted_zone_id: Add hosted zone IDs for `ap-southeast-4` AWS Region ([#29103](https://togithub.com/hashicorp/terraform-provider-aws/issues/29103)) - data-source/aws_s3\_bucket: Add hosted zone ID for `ap-south-2` AWS Region ([#29103](https://togithub.com/hashicorp/terraform-provider-aws/issues/29103)) - data-source/aws_s3\_bucket: Add hosted zone ID for `ap-southeast-4` AWS Region ([#29103](https://togithub.com/hashicorp/terraform-provider-aws/issues/29103)) - provider: Support `ap-southeast-4` as a valid AWS region ([#29329](https://togithub.com/hashicorp/terraform-provider-aws/issues/29329)) - resource/aws_dynamodb_table: Add `arn`, `stream_arn`, and `stream_label` attributes to `replica` to obtain this information for replicas ([#29269](https://togithub.com/hashicorp/terraform-provider-aws/issues/29269)) - resource/aws_efs_mount_target: Add configurable timeouts for Create and Delete ([#27991](https://togithub.com/hashicorp/terraform-provider-aws/issues/27991)) - resource/aws_lambda_function: Add `replace_security_groups_on_destroy` and `replacement_security_group_ids` attributes ([#29289](https://togithub.com/hashicorp/terraform-provider-aws/issues/29289)) - resource/aws_networkfirewall_firewall: Add `ip_address_type` attribute to the `subnet_mapping` configuration block ([#29010](https://togithub.com/hashicorp/terraform-provider-aws/issues/29010)) - resource/aws_networkmanager_core_network: Add `base_policy_region` and `create_base_policy` arguments ([#29097](https://togithub.com/hashicorp/terraform-provider-aws/issues/29097)) BUG FIXES: - data-source/aws_kms_key: Reinstate support for KMS multi-Region key ID or ARN values for the `key_id` argument ([#29266](https://togithub.com/hashicorp/terraform-provider-aws/issues/29266)) - resource/aws_cloudwatch_log_group: Fix IAM eventual consistency error when setting a retention policy ([#29325](https://togithub.com/hashicorp/terraform-provider-aws/issues/29325)) - resource/aws_dynamodb_table: Avoid recreating table replicas when enabling PITR on them ([#29269](https://togithub.com/hashicorp/terraform-provider-aws/issues/29269)) - resource/aws_ec2\_client_vpn_endpoint: Change `authentication_options` from `TypeList` to `TypeSet` as order is not significant ([#29294](https://togithub.com/hashicorp/terraform-provider-aws/issues/29294)) - resource/aws_kms_grant: Retries until valid principal ARNs are returned instead of not updating state ([#29245](https://togithub.com/hashicorp/terraform-provider-aws/issues/29245)) - resource/aws_opsworks_permission: `stack_id` and `user_arn` are both Required and ForceNew ([#27991](https://togithub.com/hashicorp/terraform-provider-aws/issues/27991)) - resource/aws_prometheus_workspace: Create a logging configuration on resource update if none existed previously ([#27472](https://togithub.com/hashicorp/terraform-provider-aws/issues/27472)) - resource/aws_s3\_bucket: Fix crash when `logging` is empty ([#29243](https://togithub.com/hashicorp/terraform-provider-aws/issues/29243)) - resource/aws_sns_topic: Fixes potential race condition when reading policy document. ([#29226](https://togithub.com/hashicorp/terraform-provider-aws/issues/29226)) - resource/aws_sns_topic_policy: Fixes potential race condition when reading policy document. ([#29226](https://togithub.com/hashicorp/terraform-provider-aws/issues/29226)) ### [`v4.53.0`](https://togithub.com/hashicorp/terraform-provider-aws/blob/HEAD/CHANGELOG.md#4530-February-3-2023) [Compare Source](https://togithub.com/hashicorp/terraform-provider-aws/compare/v4.52.0...v4.53.0) ENHANCEMENTS: - provider: Adds structured fields in logging ([#29223](https://togithub.com/hashicorp/terraform-provider-aws/issues/29223)) - provider: Masks authentication fields in HTTP header logging ([#29223](https://togithub.com/hashicorp/terraform-provider-aws/issues/29223)) ### [`v4.52.0`](https://togithub.com/hashicorp/terraform-provider-aws/blob/HEAD/CHANGELOG.md#4520-January-27-2023) [Compare Source](https://togithub.com/hashicorp/terraform-provider-aws/compare/v4.51.0...v4.52.0) NOTES: - resource/aws_dynamodb_table: In the past, in certain situations, `kms_key_arn` could be populated with the default DynamoDB key `alias/aws/dynamodb`. This was an error because it would then be sent back to AWS and should not be. ([#29102](https://togithub.com/hashicorp/terraform-provider-aws/issues/29102)) - resource/aws_dynamodb_table: In the past, in certain situations, `server_side_encryption.0.kms_key_arn` or `replica.*.kms_key_arn` could be populated with the default DynamoDB key `alias/aws/dynamodb`. This was an error because it would then be sent back to AWS and should not be. ([#29102](https://togithub.com/hashicorp/terraform-provider-aws/issues/29102)) - resource/aws_dynamodb_table: Updating `replica.*.kms_key_arn` or `replica.*.point_in_time_recovery`, when the `replica`'s `kms_key_arn` is set, requires recreating the replica. ([#29102](https://togithub.com/hashicorp/terraform-provider-aws/issues/29102)) - resource/aws_dynamodb_table_replica: Updating `kms_key_arn` forces replacement of the replica now as required to re-encrypt the replica ([#29102](https://togithub.com/hashicorp/terraform-provider-aws/issues/29102)) FEATURES: - **New Data Source:** `aws_auditmanager_framework` ([#28989](https://togithub.com/hashicorp/terraform-provider-aws/issues/28989)) - **New Resource:** `aws_auditmanager_assessment_delegation` ([#29099](https://togithub.com/hashicorp/terraform-provider-aws/issues/29099)) - **New Resource:** `aws_auditmanager_framework_share` ([#29049](https://togithub.com/hashicorp/terraform-provider-aws/issues/29049)) - **New Resource:** `aws_auditmanager_organization_admin_account_registration` ([#29018](https://togithub.com/hashicorp/terraform-provider-aws/issues/29018)) ENHANCEMENTS: - resource/aws_wafv2\_rule_group: Add `oversize_handling` argument to `body` block of the `field_to_match` block ([#29082](https://togithub.com/hashicorp/terraform-provider-aws/issues/29082)) BUG FIXES: - resource/aws_api_gateway_integration: Prevent drift of `connection_type` attribute when `aws_api_gateway_deployment` `triggers` are used ([#29016](https://togithub.com/hashicorp/terraform-provider-aws/issues/29016)) - resource/aws_dynamodb_table: Fix perpetual diffs when using default AWS-managed keys ([#29102](https://togithub.com/hashicorp/terraform-provider-aws/issues/29102)) - resource/aws_dynamodb_table: Fix to allow updating of `replica.*.kms_key_arn` ([#29102](https://togithub.com/hashicorp/terraform-provider-aws/issues/29102)) - resource/aws_dynamodb_table: Fix to allow updating of `replica.*.point_in_time_recovery` when a `replica` has `kms_key_arn` set ([#29102](https://togithub.com/hashicorp/terraform-provider-aws/issues/29102)) - resource/aws_dynamodb_table: Fix unexpected state 'DISABLED' error when waiting for PITR to update ([#29086](https://togithub.com/hashicorp/terraform-provider-aws/issues/29086)) - resource/aws_dynamodb_table_replica: Fix to allow creation of the replica without errors when `kms_key_arn` is set ([#29102](https://togithub.com/hashicorp/terraform-provider-aws/issues/29102)) - resource/aws_dynamodb_table_replica: Fix to allow updating of `kms_key_arn` ([#29102](https://togithub.com/hashicorp/terraform-provider-aws/issues/29102)) - resource/aws_medialive_channel: Add missing `rate_control_mode` in `acc_settings` for `audio_descriptions` ([#29051](https://togithub.com/hashicorp/terraform-provider-aws/issues/29051)) - resource/aws_medialive_input: Fix eventual consistency error when updating ([#29051](https://togithub.com/hashicorp/terraform-provider-aws/issues/29051)) - resource/aws_vpc_ipam_pool_cidr_allocation: Added support for eventual consistency on read operations after create. ([#29022](https://togithub.com/hashicorp/terraform-provider-aws/issues/29022)) - resource/aws_wafv2\_web_acl: Fix error when setting `aws_managed_rules_bot_control_rule_set` in `manage_rule_group_config` ([#28810](https://togithub.com/hashicorp/terraform-provider-aws/issues/28810)) ### [`v4.51.0`](https://togithub.com/hashicorp/terraform-provider-aws/blob/HEAD/CHANGELOG.md#4510-January-19-2023) [Compare Source](https://togithub.com/hashicorp/terraform-provider-aws/compare/v4.50.0...v4.51.0) NOTES: - resource/aws_ce_anomaly_subscription: Deprecate `threshold` argument in favour of `threshold_expression` ([#28573](https://togithub.com/hashicorp/terraform-provider-aws/issues/28573)) FEATURES: - **New Data Source:** `aws_auditmanager_control` ([#28967](https://togithub.com/hashicorp/terraform-provider-aws/issues/28967)) - **New Resource:** `aws_datasync_location_object_storage` ([#23154](https://togithub.com/hashicorp/terraform-provider-aws/issues/23154)) - **New Resource:** `aws_rds_export_task` ([#28831](https://togithub.com/hashicorp/terraform-provider-aws/issues/28831)) - **New Resource:** `aws_resourceexplorer2_view` ([#28841](https://togithub.com/hashicorp/terraform-provider-aws/issues/28841)) ENHANCEMENTS: - resource/aws_appmesh_gateway_route: Add `port` on the `match` attribute for routes ([#27799](https://togithub.com/hashicorp/terraform-provider-aws/issues/27799)) - resource/aws_appmesh_route: Add `port` on the `weighted_target` attribute ([#27799](https://togithub.com/hashicorp/terraform-provider-aws/issues/27799)) - resource/aws_appmesh_virtual_gateway: Add the functionality to be able specify multi listeners ([#27799](https://togithub.com/hashicorp/terraform-provider-aws/issues/27799)) - resource/aws_appmesh_virtual_node: Add the functionality to be able specify multi listeners ([#27799](https://togithub.com/hashicorp/terraform-provider-aws/issues/27799)) - resource/aws_appmesh_virtual_router: Add the functionality to be able specify multi listeners ([#27799](https://togithub.com/hashicorp/terraform-provider-aws/issues/27799)) - resource/aws_apprunner_service: Add `source_configuration.code_repository.code_configuration.runtime_environment_secrets` and `source_configuration.image_repository.image_configuration.runtime_environment_secrets` argument ([#28871](https://togithub.com/hashicorp/terraform-provider-aws/issues/28871)) - resource/aws_ce_anomaly_subscription: Add `threshold_expression` argument ([#28573](https://togithub.com/hashicorp/terraform-provider-aws/issues/28573)) - resource/aws_grafana_workspace: Add `configuration` argument ([#28569](https://togithub.com/hashicorp/terraform-provider-aws/issues/28569)) - resource/aws_imagbuilder_component: Add `skip_destroy` argument ([#28905](https://togithub.com/hashicorp/terraform-provider-aws/issues/28905)) - resource/aws_lambda_event_source_mapping: Add `scaling_config` argument ([#28876](https://togithub.com/hashicorp/terraform-provider-aws/issues/28876)) - resource/aws_lambda_function: Add configurable timeout for Update ([#28963](https://togithub.com/hashicorp/terraform-provider-aws/issues/28963)) - resource/aws_rum_app_monitor: Add `custom_events` argument ([#28431](https://togithub.com/hashicorp/terraform-provider-aws/issues/28431)) - resource/aws_servicecatalog_portfolio_share: Add `share_principals` argument ([#28619](https://togithub.com/hashicorp/terraform-provider-aws/issues/28619)) BUG FIXES: - data-source/aws_eks_cluster: Add `outpost_config.control_plane_placement` attribute ([#28924](https://togithub.com/hashicorp/terraform-provider-aws/issues/28924)) - data-source/aws_identitystore_group: Restore use of `ListGroups` API when `filter` is specified ([#28937](https://togithub.com/hashicorp/terraform-provider-aws/issues/28937)) - data-source/aws_identitystore_user: Restore use of `ListUsers` API when `filter` is specified ([#28937](https://togithub.com/hashicorp/terraform-provider-aws/issues/28937)) - data-source/aws_lambda_function: Fix `AccessDeniedException` errors in [AWS Regions where AWS Signer is not supported](https://docs.aws.amazon.com/general/latest/gr/signer.html#signer_lambda_region) ([#28963](https://togithub.com/hashicorp/terraform-provider-aws/issues/28963)) - data-source/aws_lambda_function: Remove any qualifier from `invoke_arn` ([#28963](https://togithub.com/hashicorp/terraform-provider-aws/issues/28963)) - resource/aws_appstream_image_builder: Fix IAM eventual consistency error for optional role ([#26677](https://togithub.com/hashicorp/terraform-provider-aws/issues/26677)) - resource/aws_appstream_image_builder: Fix refresh error when `domain_join_info` and `vpc_config` are not empty ([#26677](https://togithub.com/hashicorp/terraform-provider-aws/issues/26677)) - resource/aws_elasticsearch_domain: Prevent persistent `iops` diff ([#28901](https://togithub.com/hashicorp/terraform-provider-aws/issues/28901)) - resource/aws_grafana_workspace: Fix updating `vpc_configuration` ([#28569](https://togithub.com/hashicorp/terraform-provider-aws/issues/28569)) - resource/aws_iam_server_certificate: Avoid errors on delete when no error occurred ([#28968](https://togithub.com/hashicorp/terraform-provider-aws/issues/28968)) - resource/aws_lambda_function: Don't persist invalid `filename`, `s3_bucket`, `s3_key` or `s3_object_version` values on resource Update ([#28963](https://togithub.com/hashicorp/terraform-provider-aws/issues/28963)) - resource/aws_lambda_function: Retry `ResourceNotFoundException` errors on resource Create ([#28963](https://togithub.com/hashicorp/terraform-provider-aws/issues/28963)) - resource/aws_lb_listener_certificate: Show errors in certain cases where they were previously only logged and resource was removed from state ([#28968](https://togithub.com/hashicorp/terraform-provider-aws/issues/28968)) - resource/aws_opensearch_domain: Omit `throughput` and `iops` for unsupported volume types ([#28862](https://togithub.com/hashicorp/terraform-provider-aws/issues/28862)) - resource/aws_sagemaker_app: Correctly list all apps so as not to lose track in an environment where there are many apps ([#28561](https://togithub.com/hashicorp/terraform-provider-aws/issues/28561)) ### [`v4.50.0`](https://togithub.com/hashicorp/terraform-provider-aws/blob/HEAD/CHANGELOG.md#4500-January-13-2023) [Compare Source](https://togithub.com/hashicorp/terraform-provider-aws/compare/v4.49.0...v4.50.0) FEATURES: - **New Data Source:** `aws_lbs` ([#27161](https://togithub.com/hashicorp/terraform-provider-aws/issues/27161)) - **New Resource:** `aws_sesv2_configuration_set_event_destination` ([#27565](https://togithub.com/hashicorp/terraform-provider-aws/issues/27565)) ENHANCEMENTS: - data-source/aws_lb_target_group: Support querying by `tags` ([#27261](https://togithub.com/hashicorp/terraform-provider-aws/issues/27261)) - resource/aws_redshiftdata_statement: Add `workgroup_name` argument ([#28751](https://togithub.com/hashicorp/terraform-provider-aws/issues/28751)) - resource/aws_service_discovery_service: Add `type` argument ([#28778](https://togithub.com/hashicorp/terraform-provider-aws/issues/28778)) BUG FIXES: - resource/aws_acmpca_policy: Improve refresh to avoid unnecessary diffs in `policy` ([#28788](https://togithub.com/hashicorp/terraform-provider-aws/issues/28788)) - resource/aws_api_gateway_rest_api: Improve refresh to avoid unnecessary diffs in `policy` ([#28789](https://togithub.com/hashicorp/terraform-provider-aws/issues/28789)) - resource/aws_api_gateway_rest_api_policy: Improve refresh to avoid unnecessary diffs in `policy` ([#28789](https://togithub.com/hashicorp/terraform-provider-aws/issues/28789)) - resource/aws_apprunner_service: `observability_configuration_arn` is optional ([#28620](https://togithub.com/hashicorp/terraform-provider-aws/issues/28620)) - resource/aws_apprunner_vpc_connector: Fix `default_tags` not handled correctly ([#28736](https://togithub.com/hashicorp/terraform-provider-aws/issues/28736)) - resource/aws_appstream_stack: Fix panic on user_settings update ([#28766](https://togithub.com/hashicorp/terraform-provider-aws/issues/28766)) - resource/aws_appstream_stack: Prevent unnecessary replacements on update ([#28766](https://togithub.com/hashicorp/terraform-provider-aws/issues/28766)) - resource/aws_backup_vault_policy: Improve refresh to avoid unnecessary diffs in `policy` ([#28791](https://togithub.com/hashicorp/terraform-provider-aws/issues/28791)) - resource/aws_cloudsearch_domain_service_access_policy: Improve refresh to avoid unnecessary diffs in `access_policy` ([#28792](https://togithub.com/hashicorp/terraform-provider-aws/issues/28792)) - resource/aws_cloudwatch_event_bus_policy: Improve refresh to avoid unnecessary diffs in `policy` ([#28802](https://togithub.com/hashicorp/terraform-provider-aws/issues/28802)) - resource/aws_codeartifact_domain_permissions_policy: Improve refresh to avoid unnecessary diffs in `policy_document` ([#28794](https://togithub.com/hashicorp/terraform-provider-aws/issues/28794)) - resource/aws_codeartifact_repository_permissions_policy: Improve refresh to avoid unnecessary diffs in `policy_document` ([#28794](https://togithub.com/hashicorp/terraform-provider-aws/issues/28794)) - resource/aws_codebuild_resource_policy: Improve refresh to avoid unnecessary diffs in `policy` ([#28796](https://togithub.com/hashicorp/terraform-provider-aws/issues/28796)) - resource/aws_dms_replication_subnet_group: Fix error ("Provider produced inconsistent result") when an error is encountered during creation ([#28748](https://togithub.com/hashicorp/terraform-provider-aws/issues/28748)) - resource/aws_dms_replication_task: Allow updates to `aws_dms_replication_task` even when `migration_type` and `table_mappings` have not changed ([#28047](https://togithub.com/hashicorp/terraform-provider-aws/issues/28047)) - resource/aws_dms_replication_task: Fix error with `cdc_path` when used with `aws_dms_s3_endpoint` ([#28704](https://togithub.com/hashicorp/terraform-provider-aws/issues/28704)) - resource/aws_dms_s3\_endpoint: Fix error with `cdc_path` when used with `aws_dms_replication_task` ([#28704](https://togithub.com/hashicorp/terraform-provider-aws/issues/28704)) - resource/aws_ecr_registry_policy: Improve refresh to avoid unnecessary diffs in `policy` ([#28799](https://togithub.com/hashicorp/terraform-provider-aws/issues/28799)) - resource/aws_ecr_repository_policy: Improve refresh to avoid unnecessary diffs in `policy` ([#28799](https://togithub.com/hashicorp/terraform-provider-aws/issues/28799)) - resource/aws_ecrpublic_repository_policy: Improve refresh to avoid unnecessary diffs in `policy` ([#28799](https://togithub.com/hashicorp/terraform-provider-aws/issues/28799)) - resource/aws_efs_file_system_policy: Improve refresh to avoid unnecessary diffs in `policy` ([#28800](https://togithub.com/hashicorp/terraform-provider-aws/issues/28800)) - resource/aws_elasticsearch_domain: Improve refresh to avoid unnecessary diffs in `access_policies` ([#28801](https://togithub.com/hashicorp/terraform-provider-aws/issues/28801)) - resource/aws_elasticsearch_domain_policy: Improve refresh to avoid unnecessary diffs in `access_policies` ([#28801](https://togithub.com/hashicorp/terraform-provider-aws/issues/28801)) - resource/aws_glacier_vault: Improve refresh to avoid unnecessary diffs in `access_policy` ([#28804](https://togithub.com/hashicorp/terraform-provider-aws/issues/28804)) - resource/aws_glacier_vault_lock: Improve refresh to avoid unnecessary diffs in `policy` ([#28804](https://togithub.com/hashicorp/terraform-provider-aws/issues/28804)) - resource/aws_glue_resource_policy: Improve refresh to avoid unnecessary diffs in `policy` ([#28807](https://togithub.com/hashicorp/terraform-provider-aws/issues/28807)) - resource/aws_iam_group_policy: Fixed issue that could result in "inconsistent final plan" errors ([#28868](https://togithub.com/hashicorp/terraform-provider-aws/issues/28868)) - resource/aws_iam_group_policy: Improve refresh to avoid unnecessary diffs in `policy` ([#28777](https://togithub.com/hashicorp/terraform-provider-aws/issues/28777)) - resource/aws_iam_group_policy: Improve refresh to avoid unnecessary diffs in `policy` ([#28836](https://togithub.com/hashicorp/terraform-provider-aws/issues/28836)) - resource/aws_iam_policy: Improve refresh to avoid unnecessary diffs in `policy` ([#28777](https://togithub.com/hashicorp/terraform-provider-aws/issues/28777)) - resource/aws_iam_policy: Improve refresh to avoid unnecessary diffs in `policy`, `tags` ([#28836](https://togithub.com/hashicorp/terraform-provider-aws/issues/28836)) - resource/aws_iam_role: Fixed issue that could result in "inconsistent final plan" errors ([#28868](https://togithub.com/hashicorp/terraform-provider-aws/issues/28868)) - resource/aws_iam_role: Improve refresh to avoid unnecessary diffs in `assume_role_policy` and `inline_policy` `policy` ([#28777](https://togithub.com/hashicorp/terraform-provider-aws/issues/28777)) - resource/aws_iam_role: Improve refresh to avoid unnecessary diffs in `inline_policy.*.policy`, `tags` ([#28836](https://togithub.com/hashicorp/terraform-provider-aws/issues/28836)) - resource/aws_iam_role_policy: Fixed issue that could result in "inconsistent final plan" errors ([#28868](https://togithub.com/hashicorp/terraform-provider-aws/issues/28868)) - resource/aws_iam_role_policy: Improve refresh to avoid unnecessary diffs in `policy` ([#28777](https://togithub.com/hashicorp/terraform-provider-aws/issues/28777)) - resource/aws_iam_role_policy: Improve refresh to avoid unnecessary diffs in `policy` ([#28836](https://togithub.com/hashicorp/terraform-provider-aws/issues/28836)) - resource/aws_iam_user_policy: Fixed issue that could result in "inconsistent final plan" errors ([#28868](https://togithub.com/hashicorp/terraform-provider-aws/issues/28868)) - resource/aws_iam_user_policy: Improve refresh to avoid unnecessary diffs in `policy` ([#28777](https://togithub.com/hashicorp/terraform-provider-aws/issues/28777)) - resource/aws_iam_user_policy: Improve refresh to avoid unnecessary diffs in `policy` ([#28836](https://togithub.com/hashicorp/terraform-provider-aws/issues/28836)) - resource/aws_iot_policy: Improve refresh to avoid unnecessary diffs in `policy` ([#28838](https://togithub.com/hashicorp/terraform-provider-aws/issues/28838)) - resource/aws_kms_external_key: Improve refresh to avoid unnecessary diffs in `policy` ([#28853](https://togithub.com/hashicorp/terraform-provider-aws/issues/28853)) - resource/aws_kms_key: Improve refresh to avoid unnecessary diffs in `policy` ([#28853](https://togithub.com/hashicorp/terraform-provider-aws/issues/28853)) - resource/aws_lb_target_group: Change `protocol_version` to [ForceNew](https://developer.hashicorp.com/terraform/plugin/sdkv2/schemas/schema-behaviors#forcenew) ([#17845](https://togithub.com/hashicorp/terraform-provider-aws/issues/17845)) - resource/aws_lb_target_group: When creating a new target group, return an error if there is an existing target group with the same name. Use [`terraform import`](https://developer.hashicorp.com/terraform/cli/commands/import) for existing target groups ([#26977](https://togithub.com/hashicorp/terraform-provider-aws/issues/26977)) - resource/aws_mq_configuration: Improve refresh to avoid unnecessary diffs in `data` ([#28837](https://togithub.com/hashicorp/terraform-provider-aws/issues/28837)) - resource/aws_s3\_access_point: Improve refresh to avoid unnecessary diffs in `policy` ([#28866](https://togithub.com/hashicorp/terraform-provider-aws/issues/28866)) - resource/aws_s3\_bucket: Improve refresh to avoid unnecessary diffs in `policy` ([#28855](https://togithub.com/hashicorp/terraform-provider-aws/issues/28855)) - resource/aws_s3\_bucket_policy: Improve refresh to avoid unnecessary diffs in `policy` ([#28855](https://togithub.com/hashicorp/terraform-provider-aws/issues/28855)) - resource/aws_s3control_access_point_policy: Improve refresh to avoid unnecessary diffs in `policy` ([#28866](https://togithub.com/hashicorp/terraform-provider-aws/issues/28866)) - resource/aws_s3control_bucket_policy: Improve refresh to avoid unnecessary diffs in `policy` ([#28866](https://togithub.com/hashicorp/terraform-provider-aws/issues/28866)) - resource/aws_s3control_multi_region_access_point_policy: Improve refresh to avoid unnecessary diffs in `details` `policy` ([#28866](https://togithub.com/hashicorp/terraform-provider-aws/issues/28866)) - resource/aws_s3control_object_lambda_access_point_policy: Improve refresh to avoid unnecessary diffs in `policy` ([#28866](https://togithub.com/hashicorp/terraform-provider-aws/issues/28866)) - resource/aws_sagemaker_model_package_group_policy: Improve refresh to avoid unnecessary diffs in `resource_policy` ([#28865](https://togithub.com/hashicorp/terraform-provider-aws/issues/28865)) - resource/aws_schemas_registry_policy: Improve refresh to avoid unnecessary diffs in `policy` ([#28864](https://togithub.com/hashicorp/terraform-provider-aws/issues/28864)) - resource/aws_secretsmanager_secret: Improve refresh to avoid unnecessary diffs in `policy` ([#28863](https://togithub.com/hashicorp/terraform-provider-aws/issues/28863)) - resource/aws_secretsmanager_secret_policy: Improve refresh to avoid unnecessary diffs in `policy` ([#28863](https://togithub.com/hashicorp/terraform-provider-aws/issues/28863)) - resource/aws_ses_identity_policy: Improve refresh to avoid unnecessary diffs in `policy` ([#28861](https://togithub.com/hashicorp/terraform-provider-aws/issues/28861)) - resource/aws_sns_topic: Improve refresh to avoid unnecessary diffs in `policy` ([#28860](https://togithub.com/hashicorp/terraform-provider-aws/issues/28860)) - resource/aws_sns_topic_policy: Improve refresh to avoid unnecessary diffs in `policy` ([#28860](https://togithub.com/hashicorp/terraform-provider-aws/issues/28860)) - resource/aws_sqs_queue: Improve refresh to avoid unnecessary diffs in `policy` ([#28840](https://togithub.com/hashicorp/terraform-provider-aws/issues/28840)) - resource/aws_sqs_queue_policy: Improve refresh to avoid unnecessary diffs in `policy` ([#28840](https://togithub.com/hashicorp/terraform-provider-aws/issues/28840)) - resource/aws_transfer_access: Improve refresh to avoid unnecessary diffs in `policy` ([#28859](https://togithub.com/hashicorp/terraform-provider-aws/issues/28859)) - resource/aws_transfer_user: Improve refresh to avoid unnecessary diffs in `policy` ([#28859](https://togithub.com/hashicorp/terraform-provider-aws/issues/28859)) - resource/aws_vpc_endpoint: Improve refresh to avoid unnecessary diffs in `policy` ([#28798](https://togithub.com/hashicorp/terraform-provider-aws/issues/28798)) - resource/aws_vpc_endpoint_policy: Improve refresh to avoid unnecessary diffs in `policy` ([#28798](https://togithub.com/hashicorp/terraform-provider-aws/issues/28798)) ### [`v4.49.0`](https://togithub.com/hashicorp/terraform-provider-aws/blob/HEAD/CHANGELOG.md#4490-January-5-2023) [Compare Source](https://togithub.com/hashicorp/terraform-provider-aws/compare/v4.48.0...v4.49.0) NOTES: - resource/aws_dms_endpoint: For `s3_settings` `cdc_min_file_size`, AWS changed the multiplier to kilobytes instead of megabytes. In other words, prior to the change, a value of `32` represented 32 MiB. After the change, a value of `32` represents 32 KB. Change your configuration accordingly. ([#28578](https://togithub.com/hashicorp/terraform-provider-aws/issues/28578)) - resource/aws_fsx_ontap_storage_virtual_machine: The `subtype` attribute is no longer deprecated ([#28567](https://togithub.com/hashicorp/terraform-provider-aws/issues/28567)) FEATURES: - **New Data Source:** `aws_s3control_multi_region_access_point` ([#28373](https://togithub.com/hashicorp/terraform-provider-aws/issues/28373)) - **New Resource:** `aws_appsync_type` ([#28437](https://togithub.com/hashicorp/terraform-provider-aws/issues/28437)) - **New Resource:** `aws_auditmanager_assessment` ([#28643](https://togithub.com/hashicorp/terraform-provider-aws/issues/28643)) - **New Resource:** `aws_auditmanager_assessment_report` ([#28663](https://togithub.com/hashicorp/terraform-provider-aws/issues/28663)) - **New Resource:** `aws_ec2_instance_state` ([#28639](https://togithub.com/hashicorp/terraform-provider-aws/issues/28639)) - **New Resource:** `aws_lightsail_bucket` ([#28585](https://togithub.com/hashicorp/terraform-provider-aws/issues/28585)) - **New Resource:** `aws_ssoadmin_instance_access_control_attributes` ([#23317](https://togithub.com/hashicorp/terraform-provider-aws/issues/23317)) ENHANCEMENTS: - data-source/aws_autoscaling_group: Add `desired_capacity_type` attribute ([#28658](https://togithub.com/hashicorp/terraform-provider-aws/issues/28658)) - data-source/aws_kms_secrets: Add `encryption_algorithm` and `key_id` arguments in support of [asymmetric keys](https://docs.aws.amazon.com/kms/latest/developerguide/symmetric-asymmetric.html) ([#21054](https://togithub.com/hashicorp/terraform-provider-aws/issues/21054)) - resource/aws_appflow_connector_profile: Add support for `connector_type` CustomConnector. Add `cluster_identifier`, `database_name`, and `data_api_role_arn` attributes for `redshift` `connection_profile_properties` ([#26766](https://togithub.com/hashicorp/terraform-provider-aws/issues/26766)) - resource/aws_appsync_resolver: Add `runtime` and `code` arguments ([#28436](https://togithub.com/hashicorp/terraform-provider-aws/issues/28436)) - resource/aws_appsync_resolver: Add plan time validation for `caching_config.ttl` ([#28436](https://togithub.com/hashicorp/terraform-provider-aws/issues/28436)) - resource/aws_athena_workgroup: Add `configuration.execution_role` argument ([#28420](https://togithub.com/hashicorp/terraform-provider-aws/issues/28420)) - resource/aws_autoscaling_group: Add `desired_capacity_type` argument ([#28658](https://togithub.com/hashicorp/terraform-provider-aws/issues/28658)) - resource/aws_dms_endpoint: Change `s3_settings` `cdc_min_file_size` default to 32000 in order to align with AWS's change from megabytes to kilobytes for this setting ([#28578](https://togithub.com/hashicorp/terraform-provider-aws/issues/28578)) - resource/aws_ecs_service: Add `alarms` argument ([#28521](https://togithub.com/hashicorp/terraform-provider-aws/issues/28521)) - resource/aws_lightsail_instance: Add `add_on` configuration block. ([#28602](https://togithub.com/hashicorp/terraform-provider-aws/issues/28602)) - resource/aws_lightsail_instance_public_ports: Add `cidr_list_aliases` argument ([#28376](https://togithub.com/hashicorp/terraform-provider-aws/issues/28376)) - resource/aws_s3\_access_point: Add `bucket_account_id` argument ([#28564](https://togithub.com/hashicorp/terraform-provider-aws/issues/28564)) - resource/aws_s3control_storage_lens_configuration: Add `advanced_cost_optimization_metrics`, `advanced_data_protection_metrics`, and `detailed_status_code_metrics` arguments to the `storage_lens_configuration.account_level` and `storage_lens_configuration.account_level.bucket_level` configuration blocks ([#28564](https://togithub.com/hashicorp/terraform-provider-aws/issues/28564)) - resource/aws_wafv2\_rule_group: Add `rule.action.captcha` argument ([#28435](https://togithub.com/hashicorp/terraform-provider-aws/issues/28435)) - resource/aws_wafv2\_web_acl: Add `rule.action.challenge` argument ([#28305](https://togithub.com/hashicorp/terraform-provider-aws/issues/28305)) - resource/aws_wafv2\_web_acl: Add support for ManagedRuleGroupConfig ([#28594](https://togithub.com/hashicorp/terraform-provider-aws/issues/28594)) BUG FIXES: - data-source/aws_cloudwatch_log_group: Restore use of `ListTagsLogGroup` API ([#28492](https://togithub.com/hashicorp/terraform-provider-aws/issues/28492)) - resource/aws_cloudwatch_log_group: Restore use ofConfiguration
📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
â™» Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR has been generated by Mend Renovate. View repository job log here.