hashicorp/terraform-provider-aws (aws)
### [`v5.65.0`](https://togithub.com/hashicorp/terraform-provider-aws/blob/HEAD/CHANGELOG.md#5650-August-29-2024)
[Compare Source](https://togithub.com/hashicorp/terraform-provider-aws/compare/v5.64.0...v5.65.0)
NOTES:
- provider: Updates to Go 1.23. We do not expect this change to impact most users. For macOS, Go 1.23 requires macOS 11 Big Sur or later; support for previous versions has been discontinued. ([#38999](https://togithub.com/hashicorp/terraform-provider-aws/issues/38999))
FEATURES:
- **New Data Source:** `aws_shield_protection` ([#37524](https://togithub.com/hashicorp/terraform-provider-aws/issues/37524))
- **New Resource:** `aws_glue_catalog_table_optimizer` ([#38052](https://togithub.com/hashicorp/terraform-provider-aws/issues/38052))
ENHANCEMENTS:
- data-source/aws_elb_hosted_zone_id: Add hosted zone ID for `ap-southeast-5` AWS Region ([#39052](https://togithub.com/hashicorp/terraform-provider-aws/issues/39052))
- data-source/aws_lb_hosted_zone_id: Add hosted zone IDs for `ap-southeast-5` AWS Region ([#39052](https://togithub.com/hashicorp/terraform-provider-aws/issues/39052))
- data-source/aws_s3\_bucket: Add hosted zone ID for `ap-southeast-5` AWS Region ([#39052](https://togithub.com/hashicorp/terraform-provider-aws/issues/39052))
- provider: Support `ap-southeast-5` as a valid AWS Region ([#39049](https://togithub.com/hashicorp/terraform-provider-aws/issues/39049))
- resource/aws_cognito_user_pool: Add `password_policy.password_history_size` argument ([#39043](https://togithub.com/hashicorp/terraform-provider-aws/issues/39043))
- resource/aws_elastic_beanstalk_application_version: Add `process` argument ([#25468](https://togithub.com/hashicorp/terraform-provider-aws/issues/25468))
- resource/aws_elasticsearch_domain: Treat `SUCCEEDED_WITH_ISSUES` status as success when upgrading cluster ([#38086](https://togithub.com/hashicorp/terraform-provider-aws/issues/38086))
- resource/aws_emr_cluster: Support `io2` as a valid value for `ebs_config.type` ([#37740](https://togithub.com/hashicorp/terraform-provider-aws/issues/37740))
- resource/aws_emr_instance_fleet: Support `io2` as a valid value for `instance_type_configs.ebs_config.type` ([#37740](https://togithub.com/hashicorp/terraform-provider-aws/issues/37740))
- resource/aws_emr_instance_group: Support `io2` as a valid value for `instance_type_configs.ebs_config.type` ([#37740](https://togithub.com/hashicorp/terraform-provider-aws/issues/37740))
- resource/aws_glue_job: Add `job_run_queuing_enabled` argument ([#39027](https://togithub.com/hashicorp/terraform-provider-aws/issues/39027))
- resource/aws_lambda_event_source_mapping: Add `kms_key_arn` argument ([#39055](https://togithub.com/hashicorp/terraform-provider-aws/issues/39055))
- resource/aws_verifiedaccess_endpoint: Set PolicyEnabled flag to `false` on update if `policy_document` is empty ([#38675](https://togithub.com/hashicorp/terraform-provider-aws/issues/38675))
BUG FIXES:
- resource/aws_amplify_app: Fix crash updating `auto_branch_creation_config` ([#39041](https://togithub.com/hashicorp/terraform-provider-aws/issues/39041))
- resource/aws_elasticsearch_domain_policy: Change `domain_name` to [ForceNew](https://developer.hashicorp.com/terraform/plugin/sdkv2/schemas/schema-behaviors#forcenew) ([#38086](https://togithub.com/hashicorp/terraform-provider-aws/issues/38086))
- resource/aws_elbv2\_listener: Fix crash when reading forward actions not configured in state ([#39039](https://togithub.com/hashicorp/terraform-provider-aws/issues/39039))
- resource/aws_emr_instance_group: Properly send an `instance_count` value of `0` on create when configured ([#37740](https://togithub.com/hashicorp/terraform-provider-aws/issues/37740))
- resource/aws_gamelift_game_server_group: Fix crash while reading server group with a nil auto scaling group ARN ([#39022](https://togithub.com/hashicorp/terraform-provider-aws/issues/39022))
- resource/aws_guardduty_invite_accepter: Fix `BadRequestException: The request is rejected because an invalid or out-of-range value is specified as an input parameter` errors on resource Create ([#39084](https://togithub.com/hashicorp/terraform-provider-aws/issues/39084))
- resource/aws_lakeformation_permissions: Fix error when revoking `data_cells_filter` permissions ([#39026](https://togithub.com/hashicorp/terraform-provider-aws/issues/39026))
- resource/aws_neptune_cluster: Mark `neptune_cluster_parameter_group_name` as Computed ([#38980](https://togithub.com/hashicorp/terraform-provider-aws/issues/38980))
- resource/aws_neptune_cluster_instance: Mark `neptune_parameter_group_name` as Computed ([#38980](https://togithub.com/hashicorp/terraform-provider-aws/issues/38980))
- resource/aws_ssm_parameter: Fix `ValidationException: Parameter ARN is not supported for this operation` errors when deleting resources imported by ARN ([#39067](https://togithub.com/hashicorp/terraform-provider-aws/issues/39067))
### [`v5.64.0`](https://togithub.com/hashicorp/terraform-provider-aws/blob/HEAD/CHANGELOG.md#5640-August-22-2024)
[Compare Source](https://togithub.com/hashicorp/terraform-provider-aws/compare/v5.63.1...v5.64.0)
ENHANCEMENTS:
- data-source/aws_opensearch_domain: Add `dashboard_endpoint_v2`, `domain_endpoint_v2_hosted_zone_id`, and `endpoint_v2` attributes ([#38456](https://togithub.com/hashicorp/terraform-provider-aws/issues/38456))
- resource/aws_appautoscaling_target: Add `suspended_state` configuration block ([#38942](https://togithub.com/hashicorp/terraform-provider-aws/issues/38942))
- resource/aws_dynamodb_table: Add `restore_source_table_arn` attribute ([#38953](https://togithub.com/hashicorp/terraform-provider-aws/issues/38953))
- resource/aws_opensearch_domain: Add `dashboard_endpoint_v2`, `domain_endpoint_v2_hosted_zone_id`, and `endpoint_v2` attributes ([#38456](https://togithub.com/hashicorp/terraform-provider-aws/issues/38456))
BUG FIXES:
- resource/aws_bedrockagent_agent: Fixes consistency issues where only some prompts are overridden ([#38944](https://togithub.com/hashicorp/terraform-provider-aws/issues/38944))
- resource/aws_cloudformation_stack_set_instance: Fix crash during construction of the `id` attribute when `deployment_targets` does not include organizational unit IDs. ([#38969](https://togithub.com/hashicorp/terraform-provider-aws/issues/38969))
- resource/aws_glue_trigger: Fix crash when null `action` is configured ([#38994](https://togithub.com/hashicorp/terraform-provider-aws/issues/38994))
- resource/aws_rds_cluster: Allow Web Service Data API (`enabled_http_endpoint`) to be enabled and disabled for `provisioned` engine mode and serverlessv2 ([#38997](https://togithub.com/hashicorp/terraform-provider-aws/issues/38997))
### [`v5.63.1`](https://togithub.com/hashicorp/terraform-provider-aws/blob/HEAD/CHANGELOG.md#5631-August-20-2024)
[Compare Source](https://togithub.com/hashicorp/terraform-provider-aws/compare/v5.63.0...v5.63.1)
FEATURES:
- **New Data Source:** `aws_route53_zones` ([#17457](https://togithub.com/hashicorp/terraform-provider-aws/issues/17457))
- **New Data Source:** `aws_ssoadmin_permission_sets` ([#38741](https://togithub.com/hashicorp/terraform-provider-aws/issues/38741))
ENHANCEMENTS:
- data-source/aws_batch_job_queue: Add `job_state_time_limit_action` attribute ([#38784](https://togithub.com/hashicorp/terraform-provider-aws/issues/38784))
- resource/aws_batch_job_definition: Add `ecs_properties` argument ([#37871](https://togithub.com/hashicorp/terraform-provider-aws/issues/37871))
- resource/aws_batch_job_queue: Add `job_state_time_limit_action` argument ([#38784](https://togithub.com/hashicorp/terraform-provider-aws/issues/38784))
BUG FIXES:
- provider: Fix crash when flattening string pointer slices with nil items ([#38886](https://togithub.com/hashicorp/terraform-provider-aws/issues/38886))
- resource/aws_datazone_project: Properly surface import `id` parsing errors ([#38924](https://togithub.com/hashicorp/terraform-provider-aws/issues/38924))
- resource/aws_quicksight_data_set: Fix crash when setting `logical_table_map.data_transforms.project_operation.projected_columns` with null list elements ([#38886](https://togithub.com/hashicorp/terraform-provider-aws/issues/38886))
- resource/aws_ses_configuration_set: Fix crash when `reputation_metrics_enabled` is set to `true` ([#38921](https://togithub.com/hashicorp/terraform-provider-aws/issues/38921))
### [`v5.63.0`](https://togithub.com/hashicorp/terraform-provider-aws/blob/HEAD/CHANGELOG.md#5630-August-15-2024)
[Compare Source](https://togithub.com/hashicorp/terraform-provider-aws/compare/v5.62.0...v5.63.0)
FEATURES:
- **New Data Source:** `aws_bedrockagent_agent_versions` ([#38792](https://togithub.com/hashicorp/terraform-provider-aws/issues/38792))
- **New Resource:** `aws_bedrock_guardrail` ([#38757](https://togithub.com/hashicorp/terraform-provider-aws/issues/38757))
- **New Resource:** `aws_cloudtrail_organization_delegated_admin_account` ([#38817](https://togithub.com/hashicorp/terraform-provider-aws/issues/38817))
- **New Resource:** `aws_datazone_environment_profile` ([#35603](https://togithub.com/hashicorp/terraform-provider-aws/issues/35603))
- **New Resource:** `aws_datazone_form_type` ([#38746](https://togithub.com/hashicorp/terraform-provider-aws/issues/38746))
- **New Resource:** `aws_datazone_glossary_term` ([#38706](https://togithub.com/hashicorp/terraform-provider-aws/issues/38706))
- **New Resource:** `aws_pinpoint_email_template` ([#33266](https://togithub.com/hashicorp/terraform-provider-aws/issues/33266))
ENHANCEMENTS:
- resource/aws_networkfirewall_logging_configuration: Change `logging_configuration.log_destination_config` `MaxItems` from `2` to `3` ([#38824](https://togithub.com/hashicorp/terraform-provider-aws/issues/38824))
BUG FIXES:
- data-source/aws_acm_certificate: Fix unreturned `sdkdiags.AppendErrorf` function calls ([#38854](https://togithub.com/hashicorp/terraform-provider-aws/issues/38854))
- resource/aws_appstream_stack: Fix unreturned `sdkdiags.AppendErrorf` function calls ([#38854](https://togithub.com/hashicorp/terraform-provider-aws/issues/38854))
- resource/aws_bedrockagent_agent_knowledge_base_association: Prepare agent when associating a knowledge base so it can be used ([#38799](https://togithub.com/hashicorp/terraform-provider-aws/issues/38799))
- resource/aws_cloudwatch_event_connection: Fix various expander type assertions to prevent crashes ([#38800](https://togithub.com/hashicorp/terraform-provider-aws/issues/38800))
- resource/aws_controltower_landing_zone: Fix unreturned `sdkdiags.AppendErrorf` function calls ([#38854](https://togithub.com/hashicorp/terraform-provider-aws/issues/38854))
- resource/aws_db_event_subscription: Fix plan-time validation of `name` and `name_prefix` ([#38194](https://togithub.com/hashicorp/terraform-provider-aws/issues/38194))
- resource/aws_ecs_cluster_capacity_providers: Fix unreturned `sdkdiags.AppendErrorf` function calls ([#38854](https://togithub.com/hashicorp/terraform-provider-aws/issues/38854))
- resource/aws_ecs_service: Fix crash from nil `service_registries` item ([#38883](https://togithub.com/hashicorp/terraform-provider-aws/issues/38883))
- resource/aws_ecs_task_definition: Fix perpetual `container_definitions` diffs on `healthCheck`'s default values ([#38872](https://togithub.com/hashicorp/terraform-provider-aws/issues/38872))
- resource/aws_ecs_task_definition: Prevent lowercasing of the first character of JSON keys in `container_definitions.dockerLabels` ([#38804](https://togithub.com/hashicorp/terraform-provider-aws/issues/38804))
- resource/aws_ecs_task_definition: Remove `null`s from `container_definition` array fields ([#38870](https://togithub.com/hashicorp/terraform-provider-aws/issues/38870))
- resource/aws_elasticache_replication_group: Fix crash when setting `replicas_per_node_group` if node groups are empty ([#38797](https://togithub.com/hashicorp/terraform-provider-aws/issues/38797))
- resource/aws_fms_policy: Fix unreturned `sdkdiags.AppendErrorf` function calls ([#38854](https://togithub.com/hashicorp/terraform-provider-aws/issues/38854))
- resource/aws_grafana_workspace: Fix crash when empty `network_access_control` block is configured ([#38775](https://togithub.com/hashicorp/terraform-provider-aws/issues/38775))
- resource/aws_grafana_workspace: Fix crash when empty `vpc_configuration` block is configured ([#38775](https://togithub.com/hashicorp/terraform-provider-aws/issues/38775))
- resource/aws_iot_thing_group: Fix crash when empty `attribute_payload` block is configured ([#38776](https://togithub.com/hashicorp/terraform-provider-aws/issues/38776))
- resource/aws_lexv2models_slot_type: Fix slot_type_values to have sample_value attribute ([#38856](https://togithub.com/hashicorp/terraform-provider-aws/issues/38856))
- resource/aws_networkmanager_connect_peer: Set all `configuration.bgp_configurations` on Read ([#38798](https://togithub.com/hashicorp/terraform-provider-aws/issues/38798))
- resource/aws_redshift_cluster: Set `encrypted` on snapshot restore, when enabled ([#38828](https://togithub.com/hashicorp/terraform-provider-aws/issues/38828))
- resource/aws_rolesanywhere_profile: Fix unreturned `sdkdiags.AppendErrorf` function calls ([#38854](https://togithub.com/hashicorp/terraform-provider-aws/issues/38854))
- resource/aws_rolesanywhere_trust_anchor: Fix unreturned `sdkdiags.AppendErrorf` function calls ([#38854](https://togithub.com/hashicorp/terraform-provider-aws/issues/38854))
- resource/aws_s3\_bucket_lifecycle_configuration: Fix unreturned `sdkdiags.AppendErrorf` function calls ([#38854](https://togithub.com/hashicorp/terraform-provider-aws/issues/38854))
### [`v5.62.0`](https://togithub.com/hashicorp/terraform-provider-aws/blob/HEAD/CHANGELOG.md#5620-August-8-2024)
[Compare Source](https://togithub.com/hashicorp/terraform-provider-aws/compare/v5.61.0...v5.62.0)
FEATURES:
- **New Data Source:** `aws_rds_cluster_parameter_group` ([#38416](https://togithub.com/hashicorp/terraform-provider-aws/issues/38416))
- **New Data Source:** `aws_secretsmanager_secret_versions` ([#35411](https://togithub.com/hashicorp/terraform-provider-aws/issues/35411))
- **New Resource:** `aws_ebs_snapshot_block_public_access` ([#38641](https://togithub.com/hashicorp/terraform-provider-aws/issues/38641))
- **New Resource:** `aws_rds_integration` ([#35199](https://togithub.com/hashicorp/terraform-provider-aws/issues/35199))
ENHANCEMENTS:
- data-source/aws_s3\_bucket_object: Expand content types that can be read from S3 to include include `application/x-sql` ([#38737](https://togithub.com/hashicorp/terraform-provider-aws/issues/38737))
- data-source/aws_s3\_object: Expand content types that can be read from S3 to include `application/x-sql` ([#38737](https://togithub.com/hashicorp/terraform-provider-aws/issues/38737))
- provider: Allow `default_tags` to be set by environment variables ([#33339](https://togithub.com/hashicorp/terraform-provider-aws/issues/33339))
- provider: Allow `ignore_tags.keys` and `ignore_tags.key_prefixes` to be set by environment variables ([#35264](https://togithub.com/hashicorp/terraform-provider-aws/issues/35264))
- resource/aws_db_option_group: Add `skip_destroy` argument ([#29663](https://togithub.com/hashicorp/terraform-provider-aws/issues/29663))
- resource/aws_db_parameter_group: Add `skip_destroy` argument ([#29663](https://togithub.com/hashicorp/terraform-provider-aws/issues/29663))
- resource/aws_dx_macsec_key_association: Add plan-time validation of `secret_arn` ([#37213](https://togithub.com/hashicorp/terraform-provider-aws/issues/37213))
- resource/aws_ecs_service: Add `force_delete` argument ([#38707](https://togithub.com/hashicorp/terraform-provider-aws/issues/38707))
- resource/aws_grafana_license_association: Add `grafana_token` argument ([#38743](https://togithub.com/hashicorp/terraform-provider-aws/issues/38743))
- resource/aws_lb_target_group: Add `target_health_state.unhealthy_draining_interval` argument ([#38654](https://togithub.com/hashicorp/terraform-provider-aws/issues/38654))
- resource/aws_lexv2models_slot: Add `sub_slot_setting` attribute ([#38698](https://togithub.com/hashicorp/terraform-provider-aws/issues/38698))
BUG FIXES:
- data-source/aws_ecr_repository_creation_template: Support `ROOT` as a valid value for `prefix` ([#38685](https://togithub.com/hashicorp/terraform-provider-aws/issues/38685))
- data-source/aws_msk_broker_nodes: Filter out nodes with no broker info ([#38042](https://togithub.com/hashicorp/terraform-provider-aws/issues/38042))
- resource/aws_appconfig_configuration_profile: Increase `name` max length validation to 128 ([#37539](https://togithub.com/hashicorp/terraform-provider-aws/issues/37539))
- resource/aws_batch_job_definition: Fix panic when checking `eks_properties` for job updates ([#38716](https://togithub.com/hashicorp/terraform-provider-aws/issues/38716))
- resource/aws_batch_job_definition: Fix panic when checking `retry_strategy` for job updates ([#38716](https://togithub.com/hashicorp/terraform-provider-aws/issues/38716))
- resource/aws_batch_job_definition: Fix panic when checking `timeout` for job updates ([#38716](https://togithub.com/hashicorp/terraform-provider-aws/issues/38716))
- resource/aws_ec2\_capacity_block_reservation: Fix error during apply for missing `created_date` attribute ([#38689](https://togithub.com/hashicorp/terraform-provider-aws/issues/38689))
- resource/aws_ecr_repository_creation_template: Support `ROOT` as a valid value for `prefix` ([#38685](https://togithub.com/hashicorp/terraform-provider-aws/issues/38685))
- resource/aws_elbv2\_trust_store_revocation: Fix to properly return errors during resource creation ([#38756](https://togithub.com/hashicorp/terraform-provider-aws/issues/38756))
- resource/aws_emr_cluster: Fix panic when reading an instance fleet with an empty `launch_specifications` argument ([#38773](https://togithub.com/hashicorp/terraform-provider-aws/issues/38773))
- resource/aws_lexv2models_bot: Handle `PreconditionFailedException` on delete for resources deleted out-of-band ([#38661](https://togithub.com/hashicorp/terraform-provider-aws/issues/38661))
- resource/aws_lexv2models_bot_locale: Handle `PreconditionFailedException` on delete for resources deleted out-of-band ([#38661](https://togithub.com/hashicorp/terraform-provider-aws/issues/38661))
- resource/aws_lexv2models_bot_version: Handle `PreconditionFailedException` on delete for resources deleted out-of-band ([#38661](https://togithub.com/hashicorp/terraform-provider-aws/issues/38661))
- resource/aws_networkmanager_core_network: Fix `$.network-function-groups: null found, array expected` errors when creating resource with `create_base_policy` argument ([#38642](https://togithub.com/hashicorp/terraform-provider-aws/issues/38642))
- resource/aws_quicksight_account_subscription: Fix panic when read returns nil account info ([#38752](https://togithub.com/hashicorp/terraform-provider-aws/issues/38752))
- resource/aws_sfn_state_machine: Mark `revision_id` and `state_machine_version_arn` as Computed on update if `publish` is `true` ([#38657](https://togithub.com/hashicorp/terraform-provider-aws/issues/38657))
### [`v5.61.0`](https://togithub.com/hashicorp/terraform-provider-aws/blob/HEAD/CHANGELOG.md#5610-Unreleased)
[Compare Source](https://togithub.com/hashicorp/terraform-provider-aws/compare/v5.60.0...v5.61.0)
NOTES:
- resource/aws_chatbot_teams_channel_configuration: This resource is provided on a best-effort basis, and we welcome the community's help in testing it. ([#38630](https://togithub.com/hashicorp/terraform-provider-aws/issues/38630))
FEATURES:
- **New Data Source:** `aws_ecr_repository_creation_template` ([#38597](https://togithub.com/hashicorp/terraform-provider-aws/issues/38597))
- **New Resource:** `aws_chatbot_slack_channel_configuration` ([#38124](https://togithub.com/hashicorp/terraform-provider-aws/issues/38124))
- **New Resource:** `aws_chatbot_teams_channel_configuration` ([#38630](https://togithub.com/hashicorp/terraform-provider-aws/issues/38630))
- **New Resource:** `aws_datazone_glossary` ([#38602](https://togithub.com/hashicorp/terraform-provider-aws/issues/38602))
- **New Resource:** `aws_ecr_repository_creation_template` ([#38597](https://togithub.com/hashicorp/terraform-provider-aws/issues/38597))
- **New Resource:** `aws_timestreaminfluxdb_db_instance` ([#37963](https://togithub.com/hashicorp/terraform-provider-aws/issues/37963))
ENHANCEMENTS:
- data-source/aws_eks_cluster: Add `upgrade_policy` attribute ([#38573](https://togithub.com/hashicorp/terraform-provider-aws/issues/38573))
- data-source/aws_sagemaker_prebuilt_ecr_image: Support additional `repository_name` values. See [documentation](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/sagemaker_prebuilt_ecr_image#repository_name) for details ([#38575](https://togithub.com/hashicorp/terraform-provider-aws/issues/38575))
- resource/aws_appsync_graphql_api: Add `enhanced_metrics_config` configuration block ([#38570](https://togithub.com/hashicorp/terraform-provider-aws/issues/38570))
- resource/aws_db_instance: Add `upgrade_storage_config` argument ([#36904](https://togithub.com/hashicorp/terraform-provider-aws/issues/36904))
- resource/aws_default_vpc: Support `ipv6_cidr_block` sizes between `/44` and `/60` in increments of /4 ([#35614](https://togithub.com/hashicorp/terraform-provider-aws/issues/35614))
- resource/aws_default_vpc: Support `ipv6_netmask_length` values between `44` and `60` in increments of 4 ([#35614](https://togithub.com/hashicorp/terraform-provider-aws/issues/35614))
- resource/aws_eks_cluster: Add `upgrade_policy` configuration block ([#38573](https://togithub.com/hashicorp/terraform-provider-aws/issues/38573))
- resource/aws_elasticache_user_group_association: Add configurable create and delete timeouts ([#38559](https://togithub.com/hashicorp/terraform-provider-aws/issues/38559))
- resource/aws_pipes_pipe: Add `log_configuration.include_execution_data` argument ([#38569](https://togithub.com/hashicorp/terraform-provider-aws/issues/38569))
- resource/aws_rds_cluster: Add `performance_insights_enabled`, `performance_insights_kms_key_id`, and `performance_insights_retention_period` arguments ([#29415](https://togithub.com/hashicorp/terraform-provider-aws/issues/29415))
- resource/aws_rds_cluster: Add `restore_to_point_in_time.source_cluster_resource_id` argument ([#38540](https://togithub.com/hashicorp/terraform-provider-aws/issues/38540))
- resource/aws_rds_cluster: Mark `restore_to_point_in_time.source_cluster_identifier` as Optional ([#38540](https://togithub.com/hashicorp/terraform-provider-aws/issues/38540))
- resource/aws_sfn_activity: Add `encryption_configuration` configuration block to support the use of Customer Managed Keys with AWS KMS to encrypt Step Functions Activity resources ([#38574](https://togithub.com/hashicorp/terraform-provider-aws/issues/38574))
- resource/aws_sfn_state_machine: Add `encryption_configuration` configuration block to support the use of Customer Managed Keys with AWS KMS to encrypt Step Functions State Machine resources ([#38574](https://togithub.com/hashicorp/terraform-provider-aws/issues/38574))
- resource/aws_ssm_patch_baseline: Remove empty fields from `json` attribute value ([#35950](https://togithub.com/hashicorp/terraform-provider-aws/issues/35950))
- resource/aws_storagegateway_file_system_association: Add configurable timeouts ([#38554](https://togithub.com/hashicorp/terraform-provider-aws/issues/38554))
- resource/aws_vpc: Support `ipv6_cidr_block` sizes between `/44` and `/60` in increments of /4 ([#35614](https://togithub.com/hashicorp/terraform-provider-aws/issues/35614))
- resource/aws_vpc: Support `ipv6_netmask_length` values between `44` and `60` in increments of 4 ([#35614](https://togithub.com/hashicorp/terraform-provider-aws/issues/35614))
- resource/aws_vpc_ipv6\_cidr_block_association: Add `assign_generated_ipv6_cidr_block` and `ipv6_pool` arguments ([#27274](https://togithub.com/hashicorp/terraform-provider-aws/issues/27274))
- resource/aws_vpc_ipv6\_cidr_block_association: Support `ipv6_cidr_block` sizes between `/44` and `/60` in increments of /4 ([#35614](https://togithub.com/hashicorp/terraform-provider-aws/issues/35614))
- resource/aws_vpc_ipv6\_cidr_block_association: Support `ipv6_netmask_length` values between `44` and `60` in increments of 4 ([#35614](https://togithub.com/hashicorp/terraform-provider-aws/issues/35614))
- resource/aws_vpc_security_group_egress_rule: Add `tags` to the `AuthorizeSecurityGroupEgress` EC2 API call instead of making a separate `CreateTags` call ([#35614](https://togithub.com/hashicorp/terraform-provider-aws/issues/35614))
- resource/aws_vpc_security_group_ingress_rule: Add `tags` to the `AuthorizeSecurityGroupIngress` EC2 API call instead of making a separate `CreateTags` call ([#35614](https://togithub.com/hashicorp/terraform-provider-aws/issues/35614))
- resource/aws_wafv2\_web_acl: Add `rule_json` attribute to allow raw JSON for rules. ([#38309](https://togithub.com/hashicorp/terraform-provider-aws/issues/38309))
BUG FIXES:
- data-source/aws_appstream_image: Fix issue where the most recent image is not returned ([#38571](https://togithub.com/hashicorp/terraform-provider-aws/issues/38571))
- datasource/aws_networkmanager_core_network_policy_document: Fix `CoreNetworkPolicyException` when putting policy with single wildcard in `when_sent_to` ([#38595](https://togithub.com/hashicorp/terraform-provider-aws/issues/38595))
- resource/aws_cloudsearch_domain: Fix `index_name` character length validation ([#38509](https://togithub.com/hashicorp/terraform-provider-aws/issues/38509))
- resource/aws_ecs_task_definition: Ensure that JSON keys in `container_definitions` start with a lowercase letter ([#38622](https://togithub.com/hashicorp/terraform-provider-aws/issues/38622))
- resource/aws_iot_provisioning_template: Properly send `type` argument on create when configured ([#38640](https://togithub.com/hashicorp/terraform-provider-aws/issues/38640))
- resource/aws_opensearchserverless_security_policy: Normalize `policy` content to prevent persistent differences ([#38604](https://togithub.com/hashicorp/terraform-provider-aws/issues/38604))
- resource/aws_pipes_pipe: Don't reset `target_parameters` if the configured value has not changed ([#38598](https://togithub.com/hashicorp/terraform-provider-aws/issues/38598))
- resource/aws_rds_instance: Allow `domain_dns_ips` to use single DNS server IP ([#36500](https://togithub.com/hashicorp/terraform-provider-aws/issues/36500))
- resource/aws_sagemaker_domain: Properly send `domain_settings.r_studio_server_pro_domain_settings.r_studio_package_manager_url` argument on create ([#38547](https://togithub.com/hashicorp/terraform-provider-aws/issues/38547))
- resource/aws_vpc_ipam_pool_cidr_allocation: Set `description` on Read ([#38618](https://togithub.com/hashicorp/terraform-provider-aws/issues/38618))
- resource/aws_vpc_ipam_pool_cidr_allocation: Set `netmask_length` on Read ([#38618](https://togithub.com/hashicorp/terraform-provider-aws/issues/38618))
### [`v5.60.0`](https://togithub.com/hashicorp/terraform-provider-aws/blob/HEAD/CHANGELOG.md#5600-July-25-2024)
[Compare Source](https://togithub.com/hashicorp/terraform-provider-aws/compare/v5.59.0...v5.60.0)
NOTES:
- resource/aws_shield_subscription: Because we cannot easily test this functionality, it is best effort and we ask for community help in testing ([#37637](https://togithub.com/hashicorp/terraform-provider-aws/issues/37637))
FEATURES:
- **New Data Source:** `aws_service_principal` ([#38307](https://togithub.com/hashicorp/terraform-provider-aws/issues/38307))
- **New Resource:** `aws_shield_subscription` ([#37637](https://togithub.com/hashicorp/terraform-provider-aws/issues/37637))
ENHANCEMENTS:
- data-source/aws_cloudwatch_event_bus: Add `kms_key_identifier` attribute ([#38492](https://togithub.com/hashicorp/terraform-provider-aws/issues/38492))
- data-source/aws_cur_report_definition: Add `tags` attribute ([#38483](https://togithub.com/hashicorp/terraform-provider-aws/issues/38483))
- resource/aws_appflow_flow: Add `metadata_catalog_config` attribute ([#37566](https://togithub.com/hashicorp/terraform-provider-aws/issues/37566))
- resource/aws_appflow_flow: Add `prefix_hierarchy` attribute to `destination_flow_config.s3.s3_output_format_config` ([#37566](https://togithub.com/hashicorp/terraform-provider-aws/issues/37566))
- resource/aws_batch_job_definition: Add `eks_properties.*.pod_properties.*.image_pull_secret` argument ([#38517](https://togithub.com/hashicorp/terraform-provider-aws/issues/38517))
- resource/aws_cloudformation_stack_set_instance: Add `operation_preferences.concurrency_mode` argument ([#38498](https://togithub.com/hashicorp/terraform-provider-aws/issues/38498))
- resource/aws_cloudwatch_event_bus: Add `kms_key_identifier` argument ([#38492](https://togithub.com/hashicorp/terraform-provider-aws/issues/38492))
- resource/aws_cur_report_definition: Add `tags` argument and `tags_all` attribute ([#38483](https://togithub.com/hashicorp/terraform-provider-aws/issues/38483))
- resource/aws_db_cluster_snapshot: Add `shared_accounts` argument ([#34885](https://togithub.com/hashicorp/terraform-provider-aws/issues/34885))
- resource/aws_db_snapshot_copy: Add `shared_accounts` argument ([#34843](https://togithub.com/hashicorp/terraform-provider-aws/issues/34843))
- resource/aws_glue_connection: Add `AZURECOSMOS`, `AZURESQL`, `BIGQUERY`, `OPENSEARCH`, and `SNOWFLAKE` as valid values for the `connection_type` argument and `SparkProperties` as a valid value for the `connection_properties` argument ([#37731](https://togithub.com/hashicorp/terraform-provider-aws/issues/37731))
- resource/aws_iam_role: Change from partial resource creation to resource creation failed if an `inline_policy` fails to create ([#38477](https://togithub.com/hashicorp/terraform-provider-aws/issues/38477))
- resource/aws_rds_cluster: Add `scaling_configuration.seconds_before_timeout` argument ([#38451](https://togithub.com/hashicorp/terraform-provider-aws/issues/38451))
- resource/aws_sesv2\_configuration_set_event_destination: Add `event_destination.event_bridge_destination` configuration block ([#38458](https://togithub.com/hashicorp/terraform-provider-aws/issues/38458))
- resource/aws_timestreamwrite_table: Fix `runtime error: invalid memory address or nil pointer dereference` panic when reading a non-existent table ([#38512](https://togithub.com/hashicorp/terraform-provider-aws/issues/38512))
BUG FIXES:
- data-source/aws_fsx_ontap_storage_virtual_machine: Correctly set `tags` on Read ([#38343](https://togithub.com/hashicorp/terraform-provider-aws/issues/38343))
- data-source/aws_fsx_openzfs_snapshot: Correctly set `tags` on Read ([#38343](https://togithub.com/hashicorp/terraform-provider-aws/issues/38343))
- resource/aws_ce_cost_category: Fix perpetual diff with the `rule` argument on update ([#38449](https://togithub.com/hashicorp/terraform-provider-aws/issues/38449))
- resource/aws_codebuild_webhook: Remove errant validation on `scope_configuration.domain` argument ([#38513](https://togithub.com/hashicorp/terraform-provider-aws/issues/38513))
- resource/aws_ecs_service: Fix `error marshaling prior state: a number is required` when upgrading from v5.58.0 to v5.59.0 ([#38490](https://togithub.com/hashicorp/terraform-provider-aws/issues/38490))
- resource/aws_ecs_task_definition: Fix `Provider produced inconsistent final plan` errors when `container_definitions` is [unknown](https://developer.hashicorp.com/terraform/language/expressions/references#values-not-yet-known) ([#38471](https://togithub.com/hashicorp/terraform-provider-aws/issues/38471))
- resource/aws_elasticache_replication_group: Fix `error marshaling prior state` when upgrading from v4.67.0 to v5.59.0 ([#38476](https://togithub.com/hashicorp/terraform-provider-aws/issues/38476))
- resource/aws_fsx_openzfs_volume: Correctly set `tags` on Read ([#38343](https://togithub.com/hashicorp/terraform-provider-aws/issues/38343))
- resource/aws_rds_cluster: Mark `ca_certificate_identifier` as Computed ([#38437](https://togithub.com/hashicorp/terraform-provider-aws/issues/38437))
- resource/aws_rds_cluster: Use the configured `copy_tags_to_snapshot` value when `restore_to_point_in_time` is set ([#34044](https://togithub.com/hashicorp/terraform-provider-aws/issues/34044))
- resource/aws_rds_cluster: Wait for no pending modified values on Update if `apply_immediately` is `true`. This fixes `InvalidParameterCombination` errors when updating `engine_version` ([#38437](https://togithub.com/hashicorp/terraform-provider-aws/issues/38437))
### [`v5.59.0`](https://togithub.com/hashicorp/terraform-provider-aws/blob/HEAD/CHANGELOG.md#5590-July-19-2024)
[Compare Source](https://togithub.com/hashicorp/terraform-provider-aws/compare/v5.58.0...v5.59.0)
FEATURES:
- resource/aws_kinesis_firehose_delivery_stream: Add `secrets_manager_configuration` to `redshift_configuration`, `snowflake_configuration`, and `splunk_configuration` ([#38151](https://togithub.com/hashicorp/terraform-provider-aws/issues/38151))
- **New Data Source:** `aws_cloudfront_origin_access_control` ([#36301](https://togithub.com/hashicorp/terraform-provider-aws/issues/36301))
- **New Data Source:** `aws_timestreamwrite_database` ([#36368](https://togithub.com/hashicorp/terraform-provider-aws/issues/36368))
- **New Data Source:** `aws_timestreamwrite_table` ([#36599](https://togithub.com/hashicorp/terraform-provider-aws/issues/36599))
- **New Resource:** `aws_datazone_project` ([#38345](https://togithub.com/hashicorp/terraform-provider-aws/issues/38345))
- **New Resource:** `aws_grafana_workspace_service_account` ([#38101](https://togithub.com/hashicorp/terraform-provider-aws/issues/38101))
- **New Resource:** `aws_grafana_workspace_service_account_token` ([#38101](https://togithub.com/hashicorp/terraform-provider-aws/issues/38101))
- **New Resource:** `aws_rds_certificate` ([#35003](https://togithub.com/hashicorp/terraform-provider-aws/issues/35003))
- **New Resource:** `aws_rekognition_stream_processor` ([#37536](https://togithub.com/hashicorp/terraform-provider-aws/issues/37536))
ENHANCEMENTS:
- data-source/aws_elasticache_replication_group: Add `cluster_mode` attribute ([#38002](https://togithub.com/hashicorp/terraform-provider-aws/issues/38002))
- data-source/aws_lakeformation_data_lake_settings: Add `allow_full_table_external_data_access` attribute ([#34474](https://togithub.com/hashicorp/terraform-provider-aws/issues/34474))
- data-source/aws_msk_cluster: Add `broker_node_group_info` attribute ([#37705](https://togithub.com/hashicorp/terraform-provider-aws/issues/37705))
- resource/aws_bedrockagent_agent : Add `skip_resource_in_use_check` argument ([#37586](https://togithub.com/hashicorp/terraform-provider-aws/issues/37586))
- resource/aws_bedrockagent_agent_action_group: Add `action_group_executor.custom_control` argument ([#37484](https://togithub.com/hashicorp/terraform-provider-aws/issues/37484))
- resource/aws_bedrockagent_agent_action_group: Add `function_schema` configuration block ([#37484](https://togithub.com/hashicorp/terraform-provider-aws/issues/37484))
- resource/aws_bedrockagent_agent_alias : Add `routing_configuration.provisioned_throughput` argument ([#37520](https://togithub.com/hashicorp/terraform-provider-aws/issues/37520))
- resource/aws_codebuild_webhook: Add `scope_configuration` argument ([#38199](https://togithub.com/hashicorp/terraform-provider-aws/issues/38199))
- resource/aws_codepipeline: Add `timeout_in_minutes` argument to the `action` configuration block ([#36316](https://togithub.com/hashicorp/terraform-provider-aws/issues/36316))
- resource/aws_db_instance: Add `engine_lifecycle_support` argument ([#37708](https://togithub.com/hashicorp/terraform-provider-aws/issues/37708))
- resource/aws_ecs_cluster: Add `configuration.managed_storage_configuration` argument ([#37932](https://togithub.com/hashicorp/terraform-provider-aws/issues/37932))
- resource/aws_elasticache_replication_group: Add `cluster_mode` argument ([#38002](https://togithub.com/hashicorp/terraform-provider-aws/issues/38002))
- resource/aws_emrserverless_application: Add `interactive_configuration` argument ([#37889](https://togithub.com/hashicorp/terraform-provider-aws/issues/37889))
- resource/aws_fis_experiment_template: Add `experiment_options` configuration block ([#36900](https://togithub.com/hashicorp/terraform-provider-aws/issues/36900))
- resource/aws_fsx_lustre_file_system: Add `final_backup_tags` and `skip_final_backup` arguments ([#37717](https://togithub.com/hashicorp/terraform-provider-aws/issues/37717))
- resource/aws_fsx_ontap_volume: Add `final_backup_tags` argument ([#37717](https://togithub.com/hashicorp/terraform-provider-aws/issues/37717))
- resource/aws_fsx_openzfs_file_system: Add `delete_options` and `final_backup_tags` arguments ([#37717](https://togithub.com/hashicorp/terraform-provider-aws/issues/37717))
- resource/aws_fsx_windows_file_system: Add `final_backup_tags` argument ([#37717](https://togithub.com/hashicorp/terraform-provider-aws/issues/37717))
- resource/aws_imagebuilder_image_pipeline: Add `execution_role` and `workflow` arguments ([#37317](https://togithub.com/hashicorp/terraform-provider-aws/issues/37317))
- resource/aws_kinesis_firehose_delivery_stream: Add `secrets_manager_configuration` to `http_endpoint_configuration` ([#38245](https://togithub.com/hashicorp/terraform-provider-aws/issues/38245))
- resource/aws_kinesisanalyticsv2\_application: Support `FLINK-1_19` as a valid value for `runtime_environment` ([#38350](https://togithub.com/hashicorp/terraform-provider-aws/issues/38350))
- resource/aws_lakeformation_data_lake_settings: Add `allow_full_table_external_data_access` attribute ([#34474](https://togithub.com/hashicorp/terraform-provider-aws/issues/34474))
- resource/aws_lb_target_group: Add `target_group_health` configuration block ([#37082](https://togithub.com/hashicorp/terraform-provider-aws/issues/37082))
- resource/aws_msk_replicator: Add `starting_position` argument ([#36968](https://togithub.com/hashicorp/terraform-provider-aws/issues/36968))
- resource/aws_rds_cluster: Add `engine_lifecycle_support` argument ([#37708](https://togithub.com/hashicorp/terraform-provider-aws/issues/37708))
- resource/aws_rds_global_cluster: Add `engine_lifecycle_support` argument ([#37708](https://togithub.com/hashicorp/terraform-provider-aws/issues/37708))
- resource/aws_redshift_cluster_snapshot: Set `arn` from `DescribeClusterSnapshots` API response ([#37996](https://togithub.com/hashicorp/terraform-provider-aws/issues/37996))
- resource/aws_vpclattice_listener: Support `TLS_PASSTHROUGH` as a valid value for `protocol` ([#37964](https://togithub.com/hashicorp/terraform-provider-aws/issues/37964))
- resource/aws_wafv2\_web_acl: Add `enable_machine_learning` to `aws_managed_rules_bot_control_rule_set` configuration block ([#37006](https://togithub.com/hashicorp/terraform-provider-aws/issues/37006))
BUG FIXES:
- data-source/aws_efs_access_point: Set `id` the the access point ID, not the file system ID. This fixes a regression introduced in [v5.58.0](https://togithub.com/hashicorp/terraform-provider-aws/blob/main/CHANGELOG.md#5580-july-11-2024) ([#38372](https://togithub.com/hashicorp/terraform-provider-aws/issues/38372))
- data-source/aws_lb_listener: Correctly set `default_action.target_group_arn` ([#37348](https://togithub.com/hashicorp/terraform-provider-aws/issues/37348))
- resource/aws_chime_voice_connector_group: Properly handle voice connector groups deleted out of band ([#36774](https://togithub.com/hashicorp/terraform-provider-aws/issues/36774))
- resource/aws_codebuild_project: Fix unsetting `concurrent_build_limit` ([#37748](https://togithub.com/hashicorp/terraform-provider-aws/issues/37748))
- resource/aws_codepipeline: Mark `trigger` as Computed ([#36316](https://togithub.com/hashicorp/terraform-provider-aws/issues/36316))
- resource/aws_ecs_service: Change `volume_configuration.managed_ebs_volume.throughput` from `TypeString` to `TypeInt` ([#38109](https://togithub.com/hashicorp/terraform-provider-aws/issues/38109))
- resource/aws_elasticache_replication_group: Allows setting `replicas_per_node_group` to `0` and sets the maximum to `5`. ([#38396](https://togithub.com/hashicorp/terraform-provider-aws/issues/38396))
- resource/aws_elasticache_replication_group: Requires `description`. ([#38396](https://togithub.com/hashicorp/terraform-provider-aws/issues/38396))
- resource/aws_elasticache_replication_group: When `num_cache_clusters` is set, prevents setting `replicas_per_node_group`. ([#38396](https://togithub.com/hashicorp/terraform-provider-aws/issues/38396))
- resource/aws_elasticache_replication_group: `num_cache_clusters` must be at least 2 when `automatic_failover_enabled` is `true`. ([#38396](https://togithub.com/hashicorp/terraform-provider-aws/issues/38396))
- resource/aws_elastictranscoder_pipeline: Properly handle NotFound exceptions during deletion ([#38018](https://togithub.com/hashicorp/terraform-provider-aws/issues/38018))
- resource/aws_elastictranscoder_preset: Properly handle NotFound exceptions during deletion ([#38018](https://togithub.com/hashicorp/terraform-provider-aws/issues/38018))
- resource/aws_lb_target_group: Use the configured `ip_address_type` value when `target_type` is `instance` ([#36423](https://togithub.com/hashicorp/terraform-provider-aws/issues/36423))
- resource/aws_lb_trust_store: Wait until trust store is `ACTIVE` on resource Create ([#38332](https://togithub.com/hashicorp/terraform-provider-aws/issues/38332))
- resource/aws_pinpoint_app: Fix `interface conversion: interface {} is nil, not map[string]interface {}` panic when `campaign_hook` is empty (`{}`) ([#38323](https://togithub.com/hashicorp/terraform-provider-aws/issues/38323))
- resource/aws_transfer_server: Add supported values `TransferSecurityPolicy-FIPS-2024-05`, `TransferSecurityPolicy-Restricted-2018-11`, and `TransferSecurityPolicy-Restricted-2020-06` for the `security_policy_name` argument ([#38425](https://togithub.com/hashicorp/terraform-provider-aws/issues/38425))
### [`v5.58.0`](https://togithub.com/hashicorp/terraform-provider-aws/blob/HEAD/CHANGELOG.md#5580-July-11-2024)
[Compare Source](https://togithub.com/hashicorp/terraform-provider-aws/compare/v5.57.0...v5.58.0)
FEATURES:
- **New Resource:** `aws_cloudwatch_log_account_policy` ([#38328](https://togithub.com/hashicorp/terraform-provider-aws/issues/38328))
- **New Resource:** `aws_verifiedpermissions_identity_source` ([#38181](https://togithub.com/hashicorp/terraform-provider-aws/issues/38181))
ENHANCEMENTS:
- data-source/aws_launch_template: Add `network_interfaces.primary_ipv6` attribute ([#37142](https://togithub.com/hashicorp/terraform-provider-aws/issues/37142))
- data-source/aws_mskconnect_connector: Add `tags` attribute ([#38270](https://togithub.com/hashicorp/terraform-provider-aws/issues/38270))
- data-source/aws_mskconnect_custom_plugin: Add `tags` attribute ([#38270](https://togithub.com/hashicorp/terraform-provider-aws/issues/38270))
- data-source/aws_mskconnect_worker_configuration: Add `tags` attribute ([#38270](https://togithub.com/hashicorp/terraform-provider-aws/issues/38270))
- data-source/aws_oam_link: Add `link_configuration` attribute ([#38277](https://togithub.com/hashicorp/terraform-provider-aws/issues/38277))
- resource/aws_cloudformation_stack_set_instance: Extend `deployment_targets` argument. ([#37898](https://togithub.com/hashicorp/terraform-provider-aws/issues/37898))
- resource/aws_cloudtrail_event_data_store: Add `billing_mode` argument ([#38273](https://togithub.com/hashicorp/terraform-provider-aws/issues/38273))
- resource/aws_db_instance: Fix `InvalidParameterCombination: A parameter group can't be specified during Read Replica creation for the following DB engine: postgres` errors ([#38227](https://togithub.com/hashicorp/terraform-provider-aws/issues/38227))
- resource/aws_ec2\_capacity_reservation: Add configurable timeouts ([#36754](https://togithub.com/hashicorp/terraform-provider-aws/issues/36754))
- resource/aws_ec2\_capacity_reservation: Retry `InsufficientInstanceCapacity` errors ([#36754](https://togithub.com/hashicorp/terraform-provider-aws/issues/36754))
- resource/aws_eks_cluster: Add `bootstrap_self_managed_addons` argument ([#38162](https://togithub.com/hashicorp/terraform-provider-aws/issues/38162))
- resource/aws_fms_policy: Add `resource_set_ids` attribute ([#38161](https://togithub.com/hashicorp/terraform-provider-aws/issues/38161))
- resource/aws_fsx_ontap_file_system: Add `384`, `768`, `1536`, `3072`, and `6144` as valid values for `throughput_capacity` ([#38308](https://togithub.com/hashicorp/terraform-provider-aws/issues/38308))
- resource/aws_fsx_ontap_file_system: Add `384`, `768`, and `1536` as valid values for `throughput_capacity_per_ha_pair` ([#38308](https://togithub.com/hashicorp/terraform-provider-aws/issues/38308))
- resource/aws_fsx_ontap_file_system: Add `MULTI_AZ_2` as a valid value for `deployment_type` ([#38308](https://togithub.com/hashicorp/terraform-provider-aws/issues/38308))
- resource/aws_globalaccelerator_cross_account_attachment: Add `cidr_block` argument to `resource` configuration block ([#38196](https://togithub.com/hashicorp/terraform-provider-aws/issues/38196))
- resource/aws_iam_server_certificate: Add configurable `delete` timeout ([#38212](https://togithub.com/hashicorp/terraform-provider-aws/issues/38212))
- resource/aws_launch_template: Add `network_interfaces.primary_ipv6` argument ([#37142](https://togithub.com/hashicorp/terraform-provider-aws/issues/37142))
- resource/aws_mskconnect_connector: Add `tags` argument and `tags_all` attribute ([#38270](https://togithub.com/hashicorp/terraform-provider-aws/issues/38270))
- resource/aws_mskconnect_custom_plugin: Add `tags` argument and `tags_all` attribute ([#38270](https://togithub.com/hashicorp/terraform-provider-aws/issues/38270))
- resource/aws_mskconnect_worker_configuration: Add `tags` argument and `tags_all` attribute ([#38270](https://togithub.com/hashicorp/terraform-provider-aws/issues/38270))
- resource/aws_mskconnect_worker_configuration: Add resource deletion logic ([#38270](https://togithub.com/hashicorp/terraform-provider-aws/issues/38270))
- resource/aws_oam_link: Add `link_configuration` argument ([#38277](https://togithub.com/hashicorp/terraform-provider-aws/issues/38277))
- resource/aws_rds_cluster: Add `ca_certificate_identifier` argument and `ca_certificate_valid_till` attribute ([#37108](https://togithub.com/hashicorp/terraform-provider-aws/issues/37108))
- resource/aws_ssm_association: Add `tags` argument and `tags_all` attribute ([#38271](https://togithub.com/hashicorp/terraform-provider-aws/issues/38271))
BUG FIXES:
- aws_dx_lag: Checks for errors other than NotFound when reading. ([#38292](https://togithub.com/hashicorp/terraform-provider-aws/issues/38292))
- aws_dynamodb_kinesis_streaming_destination: Checks for errors other than NotFound when reading. ([#38292](https://togithub.com/hashicorp/terraform-provider-aws/issues/38292))
- aws_ec2\_capacity_block_reservation: Checks for errors other than NotFound when reading. ([#38292](https://togithub.com/hashicorp/terraform-provider-aws/issues/38292))
- aws_opensearchserverless_access_policy: Checks for errors other than NotFound when reading. ([#38292](https://togithub.com/hashicorp/terraform-provider-aws/issues/38292))
- aws_opensearchserverless_collection: Checks for errors other than NotFound when reading. ([#38292](https://togithub.com/hashicorp/terraform-provider-aws/issues/38292))
- aws_opensearchserverless_security_config: Checks for errors other than NotFound when reading. ([#38292](https://togithub.com/hashicorp/terraform-provider-aws/issues/38292))
- aws_opensearchserverless_security_policy: Checks for errors other than NotFound when reading. ([#38292](https://togithub.com/hashicorp/terraform-provider-aws/issues/38292))
- aws_opensearchserverless_vpc_endpoint: Checks for errors other than NotFound when reading. ([#38292](https://togithub.com/hashicorp/terraform-provider-aws/issues/38292))
- aws_ram_principal_association: Checks for errors other than NotFound when reading. ([#38292](https://togithub.com/hashicorp/terraform-provider-aws/issues/38292))
- aws_route_table: Checks for errors other than NotFound when reading. ([#38292](https://togithub.com/hashicorp/terraform-provider-aws/issues/38292))
- data-source/aws_ecr_repository: Fix issue where the `tags` attribute is not set ([#38272](https://togithub.com/hashicorp/terraform-provider-aws/issues/38272))
- data-source/aws_eks_cluster: Add `access_config.bootstrap_cluster_creator_admin_permissions` attribute ([#38295](https://togithub.com/hashicorp/terraform-provider-aws/issues/38295))
- resource/aws_appstream_fleet: Support `0` as a valid value for `idle_disconnect_timeout_in_seconds` ([#38274](https://togithub.com/hashicorp/terraform-provider-aws/issues/38274))
- resource/aws_cloudformation_stack_set_instance: Add `ForceNew` to deployment_targets attributes to ensure a new resource is recreated when the deployment_targets argument is changed, which was not the case previously. ([#37898](https://togithub.com/hashicorp/terraform-provider-aws/issues/37898))
- resource/aws_db_instance: Correctly mark incomplete instances as [tainted](https://developer.hashicorp.com/terraform/cli/state/taint#the-tainted-status) during creation ([#38252](https://togithub.com/hashicorp/terraform-provider-aws/issues/38252))
- resource/aws_eks_cluster: Set `access_config.bootstrap_cluster_creator_admin_permissions` to `true` on Read for clusters with no `access_config` configured. This allows in-place updates of existing clusters when `access_config` is configured ([#38295](https://togithub.com/hashicorp/terraform-provider-aws/issues/38295))
- resource/aws_elasticache_serverless_cache: Allow `cache_usage_limits.data_storage.maximum`, `cache_usage_limits.data_storage.minimum`, `cache_usage_limits.ecpu_per_second.maximum` and `cache_usage_limits.ecpu_per_second.minimum` to be updated in-place ([#38269](https://togithub.com/hashicorp/terraform-provider-aws/issues/38269))
- resource/aws_mskconnect_connector: Fix `interface conversion: interface {} is nil, not map[string]interface {}` panic when `log_delivery.worker_log_delivery` is empty (`{}`) ([#38270](https://togithub.com/hashicorp/terraform-provider-aws/issues/38270))
### [`v5.57.0`](https://togithub.com/hashicorp/terraform-provider-aws/blob/HEAD/CHANGELOG.md#5570-July-4-2024)
[Compare Source](https://togithub.com/hashicorp/terraform-provider-aws/compare/v5.56.1...v5.57.0)
FEATURES:
- **New Data Source:** `aws_appstream_image` ([#38225](https://togithub.com/hashicorp/terraform-provider-aws/issues/38225))
- **New Data Source:** `aws_cognito_user_pool` ([#37399](https://togithub.com/hashicorp/terraform-provider-aws/issues/37399))
- **New Data Source:** `aws_ec2_transit_gateway_peering_attachments` ([#25743](https://togithub.com/hashicorp/terraform-provider-aws/issues/25743))
- **New Data Source:** `aws_transfer_connector` ([#38213](https://togithub.com/hashicorp/terraform-provider-aws/issues/38213))
ENHANCEMENTS:
- data-source/aws_backup_plan: Add `rule` attribute ([#37890](https://togithub.com/hashicorp/terraform-provider-aws/issues/37890))
- resource/aws_amplify_domain_association: Add `certificate_settings` argument ([#37105](https://togithub.com/hashicorp/terraform-provider-aws/issues/37105))
- resource/aws_ec2\_transit_gateway_peering_attachment: Add `options` argument ([#36902](https://togithub.com/hashicorp/terraform-provider-aws/issues/36902))
- resource/aws_iot_authorizer: Add `tags` argument ([#37152](https://togithub.com/hashicorp/terraform-provider-aws/issues/37152))
- resource/aws_iot_topic_rule: Add `cloudwatch_logs.batch_mode` and `error_action.cloudwatch_logs.batch_mode` arguments ([#36772](https://togithub.com/hashicorp/terraform-provider-aws/issues/36772))
- resource/aws_sagemaker_endpoint_configuration: Add support for `InputAndOutput` in `capture_mode` ([#37726](https://togithub.com/hashicorp/terraform-provider-aws/issues/37726))
BUG FIXES:
- resource/aws_iot_provisioning_template: Fix `pre_provisioning_hook` update operation ([#37152](https://togithub.com/hashicorp/terraform-provider-aws/issues/37152))
- resource/aws_iot_topic_rule: Retry IAM eventual consistency errors on Update ([#36286](https://togithub.com/hashicorp/terraform-provider-aws/issues/36286))
### [`v5.56.1`](https://togithub.com/hashicorp/terraform-provider-aws/blob/HEAD/CHANGELOG.md#5561-June-28-2024)
[Compare Source](https://togithub.com/hashicorp/terraform-provider-aws/compare/v5.56.0...v5.56.1)
BUG FIXES:
- data-source/aws_cognito_user_pool_client: Fix `InvalidParameterException: 2 validation errors detected` errors on Read ([#38168](https://togithub.com/hashicorp/terraform-provider-aws/issues/38168))
- resource/aws_cognito_user: Fix a bug that caused resource recreation for resources imported with certain [import ID](https://developer.hashicorp.com/terraform/language/import#import-id) formats ([#38182](https://togithub.com/hashicorp/terraform-provider-aws/issues/38182))
- resource/aws_cognito_user_pool: Fix `runtime error: index out of range [0] with length 0` panic when adding `lambda_config` ([#38184](https://togithub.com/hashicorp/terraform-provider-aws/issues/38184))
### [`v5.56.0`](https://togithub.com/hashicorp/terraform-provider-aws/blob/HEAD/CHANGELOG.md#5560-June-27-2024)
[Compare Source](https://togithub.com/hashicorp/terraform-provider-aws/compare/v5.55.0...v5.56.0)
FEATURES:
- **New Resource:** `aws_appfabric_app_authorization_connection` ([#38084](https://togithub.com/hashicorp/terraform-provider-aws/issues/38084))
- **New Resource:** `aws_appfabric_ingestion` ([#37291](https://togithub.com/hashicorp/terraform-provider-aws/issues/37291))
- **New Resource:** `aws_appfabric_ingestion_destination` ([#37627](https://togithub.com/hashicorp/terraform-provider-aws/issues/37627))
- **New Resource:** `aws_networkfirewall_tls_inspection_configuration` ([#35168](https://togithub.com/hashicorp/terraform-provider-aws/issues/35168))
- **New Resource:** `aws_networkmonitor_monitor` ([#35722](https://togithub.com/hashicorp/terraform-provider-aws/issues/35722))
- **New Resource:** `aws_networkmonitor_probe` ([#35722](https://togithub.com/hashicorp/terraform-provider-aws/issues/35722))
ENHANCEMENTS:
- resource/aws_controltower_control: Add `parameters` argument and `arn` attribute ([#38071](https://togithub.com/hashicorp/terraform-provider-aws/issues/38071))
- resource/aws_networkfirewall_logging_configuration: Add plan-time validation of `firewall_arn` ([#35168](https://togithub.com/hashicorp/terraform-provider-aws/issues/35168))
- resource/aws_quicksight_account_subscription: Add `iam_identity_center_instance_arn` attribute ([#36830](https://togithub.com/hashicorp/terraform-provider-aws/issues/36830))
- resource/aws_route53\_resolver_firewall_rule: Add `firewall_domain_redirection_action` argument ([#37242](https://togithub.com/hashicorp/terraform-provider-aws/issues/37242))
- resource/aws_route53\_resolver_firewall_rule: Add `q_type` argument ([#38074](https://togithub.com/hashicorp/terraform-provider-aws/issues/38074))
- resource/aws_sagemaker_domain: Add `default_user_settings.canvas_app_settings.generative_ai_settings` configuration block ([#37139](https://togithub.com/hashicorp/terraform-provider-aws/issues/37139))
- resource/aws_sagemaker_domain: Add `default_user_settings.code_editor_app_settings.custom_image` configuration block ([#37153](https://togithub.com/hashicorp/terraform-provider-aws/issues/37153))
- resource/aws_sagemaker_endpoint_configuration: Add `production_variants.inference_ami_version` and `shadow_production_variants.inference_ami_version` arguments ([#38085](https://togit
Configuration
📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
[ ] If you want to rebase/retry this PR, check this box
I will not assume that this "just works". We've had to do tricky things in this module to work around provider authentication needs for optional DNS provider support.
This PR contains the following updates:
~> 3.0
->~> 5.0
Release Notes
hashicorp/terraform-provider-aws (aws)
### [`v5.65.0`](https://togithub.com/hashicorp/terraform-provider-aws/blob/HEAD/CHANGELOG.md#5650-August-29-2024) [Compare Source](https://togithub.com/hashicorp/terraform-provider-aws/compare/v5.64.0...v5.65.0) NOTES: - provider: Updates to Go 1.23. We do not expect this change to impact most users. For macOS, Go 1.23 requires macOS 11 Big Sur or later; support for previous versions has been discontinued. ([#38999](https://togithub.com/hashicorp/terraform-provider-aws/issues/38999)) FEATURES: - **New Data Source:** `aws_shield_protection` ([#37524](https://togithub.com/hashicorp/terraform-provider-aws/issues/37524)) - **New Resource:** `aws_glue_catalog_table_optimizer` ([#38052](https://togithub.com/hashicorp/terraform-provider-aws/issues/38052)) ENHANCEMENTS: - data-source/aws_elb_hosted_zone_id: Add hosted zone ID for `ap-southeast-5` AWS Region ([#39052](https://togithub.com/hashicorp/terraform-provider-aws/issues/39052)) - data-source/aws_lb_hosted_zone_id: Add hosted zone IDs for `ap-southeast-5` AWS Region ([#39052](https://togithub.com/hashicorp/terraform-provider-aws/issues/39052)) - data-source/aws_s3\_bucket: Add hosted zone ID for `ap-southeast-5` AWS Region ([#39052](https://togithub.com/hashicorp/terraform-provider-aws/issues/39052)) - provider: Support `ap-southeast-5` as a valid AWS Region ([#39049](https://togithub.com/hashicorp/terraform-provider-aws/issues/39049)) - resource/aws_cognito_user_pool: Add `password_policy.password_history_size` argument ([#39043](https://togithub.com/hashicorp/terraform-provider-aws/issues/39043)) - resource/aws_elastic_beanstalk_application_version: Add `process` argument ([#25468](https://togithub.com/hashicorp/terraform-provider-aws/issues/25468)) - resource/aws_elasticsearch_domain: Treat `SUCCEEDED_WITH_ISSUES` status as success when upgrading cluster ([#38086](https://togithub.com/hashicorp/terraform-provider-aws/issues/38086)) - resource/aws_emr_cluster: Support `io2` as a valid value for `ebs_config.type` ([#37740](https://togithub.com/hashicorp/terraform-provider-aws/issues/37740)) - resource/aws_emr_instance_fleet: Support `io2` as a valid value for `instance_type_configs.ebs_config.type` ([#37740](https://togithub.com/hashicorp/terraform-provider-aws/issues/37740)) - resource/aws_emr_instance_group: Support `io2` as a valid value for `instance_type_configs.ebs_config.type` ([#37740](https://togithub.com/hashicorp/terraform-provider-aws/issues/37740)) - resource/aws_glue_job: Add `job_run_queuing_enabled` argument ([#39027](https://togithub.com/hashicorp/terraform-provider-aws/issues/39027)) - resource/aws_lambda_event_source_mapping: Add `kms_key_arn` argument ([#39055](https://togithub.com/hashicorp/terraform-provider-aws/issues/39055)) - resource/aws_verifiedaccess_endpoint: Set PolicyEnabled flag to `false` on update if `policy_document` is empty ([#38675](https://togithub.com/hashicorp/terraform-provider-aws/issues/38675)) BUG FIXES: - resource/aws_amplify_app: Fix crash updating `auto_branch_creation_config` ([#39041](https://togithub.com/hashicorp/terraform-provider-aws/issues/39041)) - resource/aws_elasticsearch_domain_policy: Change `domain_name` to [ForceNew](https://developer.hashicorp.com/terraform/plugin/sdkv2/schemas/schema-behaviors#forcenew) ([#38086](https://togithub.com/hashicorp/terraform-provider-aws/issues/38086)) - resource/aws_elbv2\_listener: Fix crash when reading forward actions not configured in state ([#39039](https://togithub.com/hashicorp/terraform-provider-aws/issues/39039)) - resource/aws_emr_instance_group: Properly send an `instance_count` value of `0` on create when configured ([#37740](https://togithub.com/hashicorp/terraform-provider-aws/issues/37740)) - resource/aws_gamelift_game_server_group: Fix crash while reading server group with a nil auto scaling group ARN ([#39022](https://togithub.com/hashicorp/terraform-provider-aws/issues/39022)) - resource/aws_guardduty_invite_accepter: Fix `BadRequestException: The request is rejected because an invalid or out-of-range value is specified as an input parameter` errors on resource Create ([#39084](https://togithub.com/hashicorp/terraform-provider-aws/issues/39084)) - resource/aws_lakeformation_permissions: Fix error when revoking `data_cells_filter` permissions ([#39026](https://togithub.com/hashicorp/terraform-provider-aws/issues/39026)) - resource/aws_neptune_cluster: Mark `neptune_cluster_parameter_group_name` as Computed ([#38980](https://togithub.com/hashicorp/terraform-provider-aws/issues/38980)) - resource/aws_neptune_cluster_instance: Mark `neptune_parameter_group_name` as Computed ([#38980](https://togithub.com/hashicorp/terraform-provider-aws/issues/38980)) - resource/aws_ssm_parameter: Fix `ValidationException: Parameter ARN is not supported for this operation` errors when deleting resources imported by ARN ([#39067](https://togithub.com/hashicorp/terraform-provider-aws/issues/39067)) ### [`v5.64.0`](https://togithub.com/hashicorp/terraform-provider-aws/blob/HEAD/CHANGELOG.md#5640-August-22-2024) [Compare Source](https://togithub.com/hashicorp/terraform-provider-aws/compare/v5.63.1...v5.64.0) ENHANCEMENTS: - data-source/aws_opensearch_domain: Add `dashboard_endpoint_v2`, `domain_endpoint_v2_hosted_zone_id`, and `endpoint_v2` attributes ([#38456](https://togithub.com/hashicorp/terraform-provider-aws/issues/38456)) - resource/aws_appautoscaling_target: Add `suspended_state` configuration block ([#38942](https://togithub.com/hashicorp/terraform-provider-aws/issues/38942)) - resource/aws_dynamodb_table: Add `restore_source_table_arn` attribute ([#38953](https://togithub.com/hashicorp/terraform-provider-aws/issues/38953)) - resource/aws_opensearch_domain: Add `dashboard_endpoint_v2`, `domain_endpoint_v2_hosted_zone_id`, and `endpoint_v2` attributes ([#38456](https://togithub.com/hashicorp/terraform-provider-aws/issues/38456)) BUG FIXES: - resource/aws_bedrockagent_agent: Fixes consistency issues where only some prompts are overridden ([#38944](https://togithub.com/hashicorp/terraform-provider-aws/issues/38944)) - resource/aws_cloudformation_stack_set_instance: Fix crash during construction of the `id` attribute when `deployment_targets` does not include organizational unit IDs. ([#38969](https://togithub.com/hashicorp/terraform-provider-aws/issues/38969)) - resource/aws_glue_trigger: Fix crash when null `action` is configured ([#38994](https://togithub.com/hashicorp/terraform-provider-aws/issues/38994)) - resource/aws_rds_cluster: Allow Web Service Data API (`enabled_http_endpoint`) to be enabled and disabled for `provisioned` engine mode and serverlessv2 ([#38997](https://togithub.com/hashicorp/terraform-provider-aws/issues/38997)) ### [`v5.63.1`](https://togithub.com/hashicorp/terraform-provider-aws/blob/HEAD/CHANGELOG.md#5631-August-20-2024) [Compare Source](https://togithub.com/hashicorp/terraform-provider-aws/compare/v5.63.0...v5.63.1) FEATURES: - **New Data Source:** `aws_route53_zones` ([#17457](https://togithub.com/hashicorp/terraform-provider-aws/issues/17457)) - **New Data Source:** `aws_ssoadmin_permission_sets` ([#38741](https://togithub.com/hashicorp/terraform-provider-aws/issues/38741)) ENHANCEMENTS: - data-source/aws_batch_job_queue: Add `job_state_time_limit_action` attribute ([#38784](https://togithub.com/hashicorp/terraform-provider-aws/issues/38784)) - resource/aws_batch_job_definition: Add `ecs_properties` argument ([#37871](https://togithub.com/hashicorp/terraform-provider-aws/issues/37871)) - resource/aws_batch_job_queue: Add `job_state_time_limit_action` argument ([#38784](https://togithub.com/hashicorp/terraform-provider-aws/issues/38784)) BUG FIXES: - provider: Fix crash when flattening string pointer slices with nil items ([#38886](https://togithub.com/hashicorp/terraform-provider-aws/issues/38886)) - resource/aws_datazone_project: Properly surface import `id` parsing errors ([#38924](https://togithub.com/hashicorp/terraform-provider-aws/issues/38924)) - resource/aws_quicksight_data_set: Fix crash when setting `logical_table_map.data_transforms.project_operation.projected_columns` with null list elements ([#38886](https://togithub.com/hashicorp/terraform-provider-aws/issues/38886)) - resource/aws_ses_configuration_set: Fix crash when `reputation_metrics_enabled` is set to `true` ([#38921](https://togithub.com/hashicorp/terraform-provider-aws/issues/38921)) ### [`v5.63.0`](https://togithub.com/hashicorp/terraform-provider-aws/blob/HEAD/CHANGELOG.md#5630-August-15-2024) [Compare Source](https://togithub.com/hashicorp/terraform-provider-aws/compare/v5.62.0...v5.63.0) FEATURES: - **New Data Source:** `aws_bedrockagent_agent_versions` ([#38792](https://togithub.com/hashicorp/terraform-provider-aws/issues/38792)) - **New Resource:** `aws_bedrock_guardrail` ([#38757](https://togithub.com/hashicorp/terraform-provider-aws/issues/38757)) - **New Resource:** `aws_cloudtrail_organization_delegated_admin_account` ([#38817](https://togithub.com/hashicorp/terraform-provider-aws/issues/38817)) - **New Resource:** `aws_datazone_environment_profile` ([#35603](https://togithub.com/hashicorp/terraform-provider-aws/issues/35603)) - **New Resource:** `aws_datazone_form_type` ([#38746](https://togithub.com/hashicorp/terraform-provider-aws/issues/38746)) - **New Resource:** `aws_datazone_glossary_term` ([#38706](https://togithub.com/hashicorp/terraform-provider-aws/issues/38706)) - **New Resource:** `aws_pinpoint_email_template` ([#33266](https://togithub.com/hashicorp/terraform-provider-aws/issues/33266)) ENHANCEMENTS: - resource/aws_networkfirewall_logging_configuration: Change `logging_configuration.log_destination_config` `MaxItems` from `2` to `3` ([#38824](https://togithub.com/hashicorp/terraform-provider-aws/issues/38824)) BUG FIXES: - data-source/aws_acm_certificate: Fix unreturned `sdkdiags.AppendErrorf` function calls ([#38854](https://togithub.com/hashicorp/terraform-provider-aws/issues/38854)) - resource/aws_appstream_stack: Fix unreturned `sdkdiags.AppendErrorf` function calls ([#38854](https://togithub.com/hashicorp/terraform-provider-aws/issues/38854)) - resource/aws_bedrockagent_agent_knowledge_base_association: Prepare agent when associating a knowledge base so it can be used ([#38799](https://togithub.com/hashicorp/terraform-provider-aws/issues/38799)) - resource/aws_cloudwatch_event_connection: Fix various expander type assertions to prevent crashes ([#38800](https://togithub.com/hashicorp/terraform-provider-aws/issues/38800)) - resource/aws_controltower_landing_zone: Fix unreturned `sdkdiags.AppendErrorf` function calls ([#38854](https://togithub.com/hashicorp/terraform-provider-aws/issues/38854)) - resource/aws_db_event_subscription: Fix plan-time validation of `name` and `name_prefix` ([#38194](https://togithub.com/hashicorp/terraform-provider-aws/issues/38194)) - resource/aws_ecs_cluster_capacity_providers: Fix unreturned `sdkdiags.AppendErrorf` function calls ([#38854](https://togithub.com/hashicorp/terraform-provider-aws/issues/38854)) - resource/aws_ecs_service: Fix crash from nil `service_registries` item ([#38883](https://togithub.com/hashicorp/terraform-provider-aws/issues/38883)) - resource/aws_ecs_task_definition: Fix perpetual `container_definitions` diffs on `healthCheck`'s default values ([#38872](https://togithub.com/hashicorp/terraform-provider-aws/issues/38872)) - resource/aws_ecs_task_definition: Prevent lowercasing of the first character of JSON keys in `container_definitions.dockerLabels` ([#38804](https://togithub.com/hashicorp/terraform-provider-aws/issues/38804)) - resource/aws_ecs_task_definition: Remove `null`s from `container_definition` array fields ([#38870](https://togithub.com/hashicorp/terraform-provider-aws/issues/38870)) - resource/aws_elasticache_replication_group: Fix crash when setting `replicas_per_node_group` if node groups are empty ([#38797](https://togithub.com/hashicorp/terraform-provider-aws/issues/38797)) - resource/aws_fms_policy: Fix unreturned `sdkdiags.AppendErrorf` function calls ([#38854](https://togithub.com/hashicorp/terraform-provider-aws/issues/38854)) - resource/aws_grafana_workspace: Fix crash when empty `network_access_control` block is configured ([#38775](https://togithub.com/hashicorp/terraform-provider-aws/issues/38775)) - resource/aws_grafana_workspace: Fix crash when empty `vpc_configuration` block is configured ([#38775](https://togithub.com/hashicorp/terraform-provider-aws/issues/38775)) - resource/aws_iot_thing_group: Fix crash when empty `attribute_payload` block is configured ([#38776](https://togithub.com/hashicorp/terraform-provider-aws/issues/38776)) - resource/aws_lexv2models_slot_type: Fix slot_type_values to have sample_value attribute ([#38856](https://togithub.com/hashicorp/terraform-provider-aws/issues/38856)) - resource/aws_networkmanager_connect_peer: Set all `configuration.bgp_configurations` on Read ([#38798](https://togithub.com/hashicorp/terraform-provider-aws/issues/38798)) - resource/aws_redshift_cluster: Set `encrypted` on snapshot restore, when enabled ([#38828](https://togithub.com/hashicorp/terraform-provider-aws/issues/38828)) - resource/aws_rolesanywhere_profile: Fix unreturned `sdkdiags.AppendErrorf` function calls ([#38854](https://togithub.com/hashicorp/terraform-provider-aws/issues/38854)) - resource/aws_rolesanywhere_trust_anchor: Fix unreturned `sdkdiags.AppendErrorf` function calls ([#38854](https://togithub.com/hashicorp/terraform-provider-aws/issues/38854)) - resource/aws_s3\_bucket_lifecycle_configuration: Fix unreturned `sdkdiags.AppendErrorf` function calls ([#38854](https://togithub.com/hashicorp/terraform-provider-aws/issues/38854)) ### [`v5.62.0`](https://togithub.com/hashicorp/terraform-provider-aws/blob/HEAD/CHANGELOG.md#5620-August-8-2024) [Compare Source](https://togithub.com/hashicorp/terraform-provider-aws/compare/v5.61.0...v5.62.0) FEATURES: - **New Data Source:** `aws_rds_cluster_parameter_group` ([#38416](https://togithub.com/hashicorp/terraform-provider-aws/issues/38416)) - **New Data Source:** `aws_secretsmanager_secret_versions` ([#35411](https://togithub.com/hashicorp/terraform-provider-aws/issues/35411)) - **New Resource:** `aws_ebs_snapshot_block_public_access` ([#38641](https://togithub.com/hashicorp/terraform-provider-aws/issues/38641)) - **New Resource:** `aws_rds_integration` ([#35199](https://togithub.com/hashicorp/terraform-provider-aws/issues/35199)) ENHANCEMENTS: - data-source/aws_s3\_bucket_object: Expand content types that can be read from S3 to include include `application/x-sql` ([#38737](https://togithub.com/hashicorp/terraform-provider-aws/issues/38737)) - data-source/aws_s3\_object: Expand content types that can be read from S3 to include `application/x-sql` ([#38737](https://togithub.com/hashicorp/terraform-provider-aws/issues/38737)) - provider: Allow `default_tags` to be set by environment variables ([#33339](https://togithub.com/hashicorp/terraform-provider-aws/issues/33339)) - provider: Allow `ignore_tags.keys` and `ignore_tags.key_prefixes` to be set by environment variables ([#35264](https://togithub.com/hashicorp/terraform-provider-aws/issues/35264)) - resource/aws_db_option_group: Add `skip_destroy` argument ([#29663](https://togithub.com/hashicorp/terraform-provider-aws/issues/29663)) - resource/aws_db_parameter_group: Add `skip_destroy` argument ([#29663](https://togithub.com/hashicorp/terraform-provider-aws/issues/29663)) - resource/aws_dx_macsec_key_association: Add plan-time validation of `secret_arn` ([#37213](https://togithub.com/hashicorp/terraform-provider-aws/issues/37213)) - resource/aws_ecs_service: Add `force_delete` argument ([#38707](https://togithub.com/hashicorp/terraform-provider-aws/issues/38707)) - resource/aws_grafana_license_association: Add `grafana_token` argument ([#38743](https://togithub.com/hashicorp/terraform-provider-aws/issues/38743)) - resource/aws_lb_target_group: Add `target_health_state.unhealthy_draining_interval` argument ([#38654](https://togithub.com/hashicorp/terraform-provider-aws/issues/38654)) - resource/aws_lexv2models_slot: Add `sub_slot_setting` attribute ([#38698](https://togithub.com/hashicorp/terraform-provider-aws/issues/38698)) BUG FIXES: - data-source/aws_ecr_repository_creation_template: Support `ROOT` as a valid value for `prefix` ([#38685](https://togithub.com/hashicorp/terraform-provider-aws/issues/38685)) - data-source/aws_msk_broker_nodes: Filter out nodes with no broker info ([#38042](https://togithub.com/hashicorp/terraform-provider-aws/issues/38042)) - resource/aws_appconfig_configuration_profile: Increase `name` max length validation to 128 ([#37539](https://togithub.com/hashicorp/terraform-provider-aws/issues/37539)) - resource/aws_batch_job_definition: Fix panic when checking `eks_properties` for job updates ([#38716](https://togithub.com/hashicorp/terraform-provider-aws/issues/38716)) - resource/aws_batch_job_definition: Fix panic when checking `retry_strategy` for job updates ([#38716](https://togithub.com/hashicorp/terraform-provider-aws/issues/38716)) - resource/aws_batch_job_definition: Fix panic when checking `timeout` for job updates ([#38716](https://togithub.com/hashicorp/terraform-provider-aws/issues/38716)) - resource/aws_ec2\_capacity_block_reservation: Fix error during apply for missing `created_date` attribute ([#38689](https://togithub.com/hashicorp/terraform-provider-aws/issues/38689)) - resource/aws_ecr_repository_creation_template: Support `ROOT` as a valid value for `prefix` ([#38685](https://togithub.com/hashicorp/terraform-provider-aws/issues/38685)) - resource/aws_elbv2\_trust_store_revocation: Fix to properly return errors during resource creation ([#38756](https://togithub.com/hashicorp/terraform-provider-aws/issues/38756)) - resource/aws_emr_cluster: Fix panic when reading an instance fleet with an empty `launch_specifications` argument ([#38773](https://togithub.com/hashicorp/terraform-provider-aws/issues/38773)) - resource/aws_lexv2models_bot: Handle `PreconditionFailedException` on delete for resources deleted out-of-band ([#38661](https://togithub.com/hashicorp/terraform-provider-aws/issues/38661)) - resource/aws_lexv2models_bot_locale: Handle `PreconditionFailedException` on delete for resources deleted out-of-band ([#38661](https://togithub.com/hashicorp/terraform-provider-aws/issues/38661)) - resource/aws_lexv2models_bot_version: Handle `PreconditionFailedException` on delete for resources deleted out-of-band ([#38661](https://togithub.com/hashicorp/terraform-provider-aws/issues/38661)) - resource/aws_networkmanager_core_network: Fix `$.network-function-groups: null found, array expected` errors when creating resource with `create_base_policy` argument ([#38642](https://togithub.com/hashicorp/terraform-provider-aws/issues/38642)) - resource/aws_quicksight_account_subscription: Fix panic when read returns nil account info ([#38752](https://togithub.com/hashicorp/terraform-provider-aws/issues/38752)) - resource/aws_sfn_state_machine: Mark `revision_id` and `state_machine_version_arn` as Computed on update if `publish` is `true` ([#38657](https://togithub.com/hashicorp/terraform-provider-aws/issues/38657)) ### [`v5.61.0`](https://togithub.com/hashicorp/terraform-provider-aws/blob/HEAD/CHANGELOG.md#5610-Unreleased) [Compare Source](https://togithub.com/hashicorp/terraform-provider-aws/compare/v5.60.0...v5.61.0) NOTES: - resource/aws_chatbot_teams_channel_configuration: This resource is provided on a best-effort basis, and we welcome the community's help in testing it. ([#38630](https://togithub.com/hashicorp/terraform-provider-aws/issues/38630)) FEATURES: - **New Data Source:** `aws_ecr_repository_creation_template` ([#38597](https://togithub.com/hashicorp/terraform-provider-aws/issues/38597)) - **New Resource:** `aws_chatbot_slack_channel_configuration` ([#38124](https://togithub.com/hashicorp/terraform-provider-aws/issues/38124)) - **New Resource:** `aws_chatbot_teams_channel_configuration` ([#38630](https://togithub.com/hashicorp/terraform-provider-aws/issues/38630)) - **New Resource:** `aws_datazone_glossary` ([#38602](https://togithub.com/hashicorp/terraform-provider-aws/issues/38602)) - **New Resource:** `aws_ecr_repository_creation_template` ([#38597](https://togithub.com/hashicorp/terraform-provider-aws/issues/38597)) - **New Resource:** `aws_timestreaminfluxdb_db_instance` ([#37963](https://togithub.com/hashicorp/terraform-provider-aws/issues/37963)) ENHANCEMENTS: - data-source/aws_eks_cluster: Add `upgrade_policy` attribute ([#38573](https://togithub.com/hashicorp/terraform-provider-aws/issues/38573)) - data-source/aws_sagemaker_prebuilt_ecr_image: Support additional `repository_name` values. See [documentation](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/sagemaker_prebuilt_ecr_image#repository_name) for details ([#38575](https://togithub.com/hashicorp/terraform-provider-aws/issues/38575)) - resource/aws_appsync_graphql_api: Add `enhanced_metrics_config` configuration block ([#38570](https://togithub.com/hashicorp/terraform-provider-aws/issues/38570)) - resource/aws_db_instance: Add `upgrade_storage_config` argument ([#36904](https://togithub.com/hashicorp/terraform-provider-aws/issues/36904)) - resource/aws_default_vpc: Support `ipv6_cidr_block` sizes between `/44` and `/60` in increments of /4 ([#35614](https://togithub.com/hashicorp/terraform-provider-aws/issues/35614)) - resource/aws_default_vpc: Support `ipv6_netmask_length` values between `44` and `60` in increments of 4 ([#35614](https://togithub.com/hashicorp/terraform-provider-aws/issues/35614)) - resource/aws_eks_cluster: Add `upgrade_policy` configuration block ([#38573](https://togithub.com/hashicorp/terraform-provider-aws/issues/38573)) - resource/aws_elasticache_user_group_association: Add configurable create and delete timeouts ([#38559](https://togithub.com/hashicorp/terraform-provider-aws/issues/38559)) - resource/aws_pipes_pipe: Add `log_configuration.include_execution_data` argument ([#38569](https://togithub.com/hashicorp/terraform-provider-aws/issues/38569)) - resource/aws_rds_cluster: Add `performance_insights_enabled`, `performance_insights_kms_key_id`, and `performance_insights_retention_period` arguments ([#29415](https://togithub.com/hashicorp/terraform-provider-aws/issues/29415)) - resource/aws_rds_cluster: Add `restore_to_point_in_time.source_cluster_resource_id` argument ([#38540](https://togithub.com/hashicorp/terraform-provider-aws/issues/38540)) - resource/aws_rds_cluster: Mark `restore_to_point_in_time.source_cluster_identifier` as Optional ([#38540](https://togithub.com/hashicorp/terraform-provider-aws/issues/38540)) - resource/aws_sfn_activity: Add `encryption_configuration` configuration block to support the use of Customer Managed Keys with AWS KMS to encrypt Step Functions Activity resources ([#38574](https://togithub.com/hashicorp/terraform-provider-aws/issues/38574)) - resource/aws_sfn_state_machine: Add `encryption_configuration` configuration block to support the use of Customer Managed Keys with AWS KMS to encrypt Step Functions State Machine resources ([#38574](https://togithub.com/hashicorp/terraform-provider-aws/issues/38574)) - resource/aws_ssm_patch_baseline: Remove empty fields from `json` attribute value ([#35950](https://togithub.com/hashicorp/terraform-provider-aws/issues/35950)) - resource/aws_storagegateway_file_system_association: Add configurable timeouts ([#38554](https://togithub.com/hashicorp/terraform-provider-aws/issues/38554)) - resource/aws_vpc: Support `ipv6_cidr_block` sizes between `/44` and `/60` in increments of /4 ([#35614](https://togithub.com/hashicorp/terraform-provider-aws/issues/35614)) - resource/aws_vpc: Support `ipv6_netmask_length` values between `44` and `60` in increments of 4 ([#35614](https://togithub.com/hashicorp/terraform-provider-aws/issues/35614)) - resource/aws_vpc_ipv6\_cidr_block_association: Add `assign_generated_ipv6_cidr_block` and `ipv6_pool` arguments ([#27274](https://togithub.com/hashicorp/terraform-provider-aws/issues/27274)) - resource/aws_vpc_ipv6\_cidr_block_association: Support `ipv6_cidr_block` sizes between `/44` and `/60` in increments of /4 ([#35614](https://togithub.com/hashicorp/terraform-provider-aws/issues/35614)) - resource/aws_vpc_ipv6\_cidr_block_association: Support `ipv6_netmask_length` values between `44` and `60` in increments of 4 ([#35614](https://togithub.com/hashicorp/terraform-provider-aws/issues/35614)) - resource/aws_vpc_security_group_egress_rule: Add `tags` to the `AuthorizeSecurityGroupEgress` EC2 API call instead of making a separate `CreateTags` call ([#35614](https://togithub.com/hashicorp/terraform-provider-aws/issues/35614)) - resource/aws_vpc_security_group_ingress_rule: Add `tags` to the `AuthorizeSecurityGroupIngress` EC2 API call instead of making a separate `CreateTags` call ([#35614](https://togithub.com/hashicorp/terraform-provider-aws/issues/35614)) - resource/aws_wafv2\_web_acl: Add `rule_json` attribute to allow raw JSON for rules. ([#38309](https://togithub.com/hashicorp/terraform-provider-aws/issues/38309)) BUG FIXES: - data-source/aws_appstream_image: Fix issue where the most recent image is not returned ([#38571](https://togithub.com/hashicorp/terraform-provider-aws/issues/38571)) - datasource/aws_networkmanager_core_network_policy_document: Fix `CoreNetworkPolicyException` when putting policy with single wildcard in `when_sent_to` ([#38595](https://togithub.com/hashicorp/terraform-provider-aws/issues/38595)) - resource/aws_cloudsearch_domain: Fix `index_name` character length validation ([#38509](https://togithub.com/hashicorp/terraform-provider-aws/issues/38509)) - resource/aws_ecs_task_definition: Ensure that JSON keys in `container_definitions` start with a lowercase letter ([#38622](https://togithub.com/hashicorp/terraform-provider-aws/issues/38622)) - resource/aws_iot_provisioning_template: Properly send `type` argument on create when configured ([#38640](https://togithub.com/hashicorp/terraform-provider-aws/issues/38640)) - resource/aws_opensearchserverless_security_policy: Normalize `policy` content to prevent persistent differences ([#38604](https://togithub.com/hashicorp/terraform-provider-aws/issues/38604)) - resource/aws_pipes_pipe: Don't reset `target_parameters` if the configured value has not changed ([#38598](https://togithub.com/hashicorp/terraform-provider-aws/issues/38598)) - resource/aws_rds_instance: Allow `domain_dns_ips` to use single DNS server IP ([#36500](https://togithub.com/hashicorp/terraform-provider-aws/issues/36500)) - resource/aws_sagemaker_domain: Properly send `domain_settings.r_studio_server_pro_domain_settings.r_studio_package_manager_url` argument on create ([#38547](https://togithub.com/hashicorp/terraform-provider-aws/issues/38547)) - resource/aws_vpc_ipam_pool_cidr_allocation: Set `description` on Read ([#38618](https://togithub.com/hashicorp/terraform-provider-aws/issues/38618)) - resource/aws_vpc_ipam_pool_cidr_allocation: Set `netmask_length` on Read ([#38618](https://togithub.com/hashicorp/terraform-provider-aws/issues/38618)) ### [`v5.60.0`](https://togithub.com/hashicorp/terraform-provider-aws/blob/HEAD/CHANGELOG.md#5600-July-25-2024) [Compare Source](https://togithub.com/hashicorp/terraform-provider-aws/compare/v5.59.0...v5.60.0) NOTES: - resource/aws_shield_subscription: Because we cannot easily test this functionality, it is best effort and we ask for community help in testing ([#37637](https://togithub.com/hashicorp/terraform-provider-aws/issues/37637)) FEATURES: - **New Data Source:** `aws_service_principal` ([#38307](https://togithub.com/hashicorp/terraform-provider-aws/issues/38307)) - **New Resource:** `aws_shield_subscription` ([#37637](https://togithub.com/hashicorp/terraform-provider-aws/issues/37637)) ENHANCEMENTS: - data-source/aws_cloudwatch_event_bus: Add `kms_key_identifier` attribute ([#38492](https://togithub.com/hashicorp/terraform-provider-aws/issues/38492)) - data-source/aws_cur_report_definition: Add `tags` attribute ([#38483](https://togithub.com/hashicorp/terraform-provider-aws/issues/38483)) - resource/aws_appflow_flow: Add `metadata_catalog_config` attribute ([#37566](https://togithub.com/hashicorp/terraform-provider-aws/issues/37566)) - resource/aws_appflow_flow: Add `prefix_hierarchy` attribute to `destination_flow_config.s3.s3_output_format_config` ([#37566](https://togithub.com/hashicorp/terraform-provider-aws/issues/37566)) - resource/aws_batch_job_definition: Add `eks_properties.*.pod_properties.*.image_pull_secret` argument ([#38517](https://togithub.com/hashicorp/terraform-provider-aws/issues/38517)) - resource/aws_cloudformation_stack_set_instance: Add `operation_preferences.concurrency_mode` argument ([#38498](https://togithub.com/hashicorp/terraform-provider-aws/issues/38498)) - resource/aws_cloudwatch_event_bus: Add `kms_key_identifier` argument ([#38492](https://togithub.com/hashicorp/terraform-provider-aws/issues/38492)) - resource/aws_cur_report_definition: Add `tags` argument and `tags_all` attribute ([#38483](https://togithub.com/hashicorp/terraform-provider-aws/issues/38483)) - resource/aws_db_cluster_snapshot: Add `shared_accounts` argument ([#34885](https://togithub.com/hashicorp/terraform-provider-aws/issues/34885)) - resource/aws_db_snapshot_copy: Add `shared_accounts` argument ([#34843](https://togithub.com/hashicorp/terraform-provider-aws/issues/34843)) - resource/aws_glue_connection: Add `AZURECOSMOS`, `AZURESQL`, `BIGQUERY`, `OPENSEARCH`, and `SNOWFLAKE` as valid values for the `connection_type` argument and `SparkProperties` as a valid value for the `connection_properties` argument ([#37731](https://togithub.com/hashicorp/terraform-provider-aws/issues/37731)) - resource/aws_iam_role: Change from partial resource creation to resource creation failed if an `inline_policy` fails to create ([#38477](https://togithub.com/hashicorp/terraform-provider-aws/issues/38477)) - resource/aws_rds_cluster: Add `scaling_configuration.seconds_before_timeout` argument ([#38451](https://togithub.com/hashicorp/terraform-provider-aws/issues/38451)) - resource/aws_sesv2\_configuration_set_event_destination: Add `event_destination.event_bridge_destination` configuration block ([#38458](https://togithub.com/hashicorp/terraform-provider-aws/issues/38458)) - resource/aws_timestreamwrite_table: Fix `runtime error: invalid memory address or nil pointer dereference` panic when reading a non-existent table ([#38512](https://togithub.com/hashicorp/terraform-provider-aws/issues/38512)) BUG FIXES: - data-source/aws_fsx_ontap_storage_virtual_machine: Correctly set `tags` on Read ([#38343](https://togithub.com/hashicorp/terraform-provider-aws/issues/38343)) - data-source/aws_fsx_openzfs_snapshot: Correctly set `tags` on Read ([#38343](https://togithub.com/hashicorp/terraform-provider-aws/issues/38343)) - resource/aws_ce_cost_category: Fix perpetual diff with the `rule` argument on update ([#38449](https://togithub.com/hashicorp/terraform-provider-aws/issues/38449)) - resource/aws_codebuild_webhook: Remove errant validation on `scope_configuration.domain` argument ([#38513](https://togithub.com/hashicorp/terraform-provider-aws/issues/38513)) - resource/aws_ecs_service: Fix `error marshaling prior state: a number is required` when upgrading from v5.58.0 to v5.59.0 ([#38490](https://togithub.com/hashicorp/terraform-provider-aws/issues/38490)) - resource/aws_ecs_task_definition: Fix `Provider produced inconsistent final plan` errors when `container_definitions` is [unknown](https://developer.hashicorp.com/terraform/language/expressions/references#values-not-yet-known) ([#38471](https://togithub.com/hashicorp/terraform-provider-aws/issues/38471)) - resource/aws_elasticache_replication_group: Fix `error marshaling prior state` when upgrading from v4.67.0 to v5.59.0 ([#38476](https://togithub.com/hashicorp/terraform-provider-aws/issues/38476)) - resource/aws_fsx_openzfs_volume: Correctly set `tags` on Read ([#38343](https://togithub.com/hashicorp/terraform-provider-aws/issues/38343)) - resource/aws_rds_cluster: Mark `ca_certificate_identifier` as Computed ([#38437](https://togithub.com/hashicorp/terraform-provider-aws/issues/38437)) - resource/aws_rds_cluster: Use the configured `copy_tags_to_snapshot` value when `restore_to_point_in_time` is set ([#34044](https://togithub.com/hashicorp/terraform-provider-aws/issues/34044)) - resource/aws_rds_cluster: Wait for no pending modified values on Update if `apply_immediately` is `true`. This fixes `InvalidParameterCombination` errors when updating `engine_version` ([#38437](https://togithub.com/hashicorp/terraform-provider-aws/issues/38437)) ### [`v5.59.0`](https://togithub.com/hashicorp/terraform-provider-aws/blob/HEAD/CHANGELOG.md#5590-July-19-2024) [Compare Source](https://togithub.com/hashicorp/terraform-provider-aws/compare/v5.58.0...v5.59.0) FEATURES: - resource/aws_kinesis_firehose_delivery_stream: Add `secrets_manager_configuration` to `redshift_configuration`, `snowflake_configuration`, and `splunk_configuration` ([#38151](https://togithub.com/hashicorp/terraform-provider-aws/issues/38151)) - **New Data Source:** `aws_cloudfront_origin_access_control` ([#36301](https://togithub.com/hashicorp/terraform-provider-aws/issues/36301)) - **New Data Source:** `aws_timestreamwrite_database` ([#36368](https://togithub.com/hashicorp/terraform-provider-aws/issues/36368)) - **New Data Source:** `aws_timestreamwrite_table` ([#36599](https://togithub.com/hashicorp/terraform-provider-aws/issues/36599)) - **New Resource:** `aws_datazone_project` ([#38345](https://togithub.com/hashicorp/terraform-provider-aws/issues/38345)) - **New Resource:** `aws_grafana_workspace_service_account` ([#38101](https://togithub.com/hashicorp/terraform-provider-aws/issues/38101)) - **New Resource:** `aws_grafana_workspace_service_account_token` ([#38101](https://togithub.com/hashicorp/terraform-provider-aws/issues/38101)) - **New Resource:** `aws_rds_certificate` ([#35003](https://togithub.com/hashicorp/terraform-provider-aws/issues/35003)) - **New Resource:** `aws_rekognition_stream_processor` ([#37536](https://togithub.com/hashicorp/terraform-provider-aws/issues/37536)) ENHANCEMENTS: - data-source/aws_elasticache_replication_group: Add `cluster_mode` attribute ([#38002](https://togithub.com/hashicorp/terraform-provider-aws/issues/38002)) - data-source/aws_lakeformation_data_lake_settings: Add `allow_full_table_external_data_access` attribute ([#34474](https://togithub.com/hashicorp/terraform-provider-aws/issues/34474)) - data-source/aws_msk_cluster: Add `broker_node_group_info` attribute ([#37705](https://togithub.com/hashicorp/terraform-provider-aws/issues/37705)) - resource/aws_bedrockagent_agent : Add `skip_resource_in_use_check` argument ([#37586](https://togithub.com/hashicorp/terraform-provider-aws/issues/37586)) - resource/aws_bedrockagent_agent_action_group: Add `action_group_executor.custom_control` argument ([#37484](https://togithub.com/hashicorp/terraform-provider-aws/issues/37484)) - resource/aws_bedrockagent_agent_action_group: Add `function_schema` configuration block ([#37484](https://togithub.com/hashicorp/terraform-provider-aws/issues/37484)) - resource/aws_bedrockagent_agent_alias : Add `routing_configuration.provisioned_throughput` argument ([#37520](https://togithub.com/hashicorp/terraform-provider-aws/issues/37520)) - resource/aws_codebuild_webhook: Add `scope_configuration` argument ([#38199](https://togithub.com/hashicorp/terraform-provider-aws/issues/38199)) - resource/aws_codepipeline: Add `timeout_in_minutes` argument to the `action` configuration block ([#36316](https://togithub.com/hashicorp/terraform-provider-aws/issues/36316)) - resource/aws_db_instance: Add `engine_lifecycle_support` argument ([#37708](https://togithub.com/hashicorp/terraform-provider-aws/issues/37708)) - resource/aws_ecs_cluster: Add `configuration.managed_storage_configuration` argument ([#37932](https://togithub.com/hashicorp/terraform-provider-aws/issues/37932)) - resource/aws_elasticache_replication_group: Add `cluster_mode` argument ([#38002](https://togithub.com/hashicorp/terraform-provider-aws/issues/38002)) - resource/aws_emrserverless_application: Add `interactive_configuration` argument ([#37889](https://togithub.com/hashicorp/terraform-provider-aws/issues/37889)) - resource/aws_fis_experiment_template: Add `experiment_options` configuration block ([#36900](https://togithub.com/hashicorp/terraform-provider-aws/issues/36900)) - resource/aws_fsx_lustre_file_system: Add `final_backup_tags` and `skip_final_backup` arguments ([#37717](https://togithub.com/hashicorp/terraform-provider-aws/issues/37717)) - resource/aws_fsx_ontap_volume: Add `final_backup_tags` argument ([#37717](https://togithub.com/hashicorp/terraform-provider-aws/issues/37717)) - resource/aws_fsx_openzfs_file_system: Add `delete_options` and `final_backup_tags` arguments ([#37717](https://togithub.com/hashicorp/terraform-provider-aws/issues/37717)) - resource/aws_fsx_windows_file_system: Add `final_backup_tags` argument ([#37717](https://togithub.com/hashicorp/terraform-provider-aws/issues/37717)) - resource/aws_imagebuilder_image_pipeline: Add `execution_role` and `workflow` arguments ([#37317](https://togithub.com/hashicorp/terraform-provider-aws/issues/37317)) - resource/aws_kinesis_firehose_delivery_stream: Add `secrets_manager_configuration` to `http_endpoint_configuration` ([#38245](https://togithub.com/hashicorp/terraform-provider-aws/issues/38245)) - resource/aws_kinesisanalyticsv2\_application: Support `FLINK-1_19` as a valid value for `runtime_environment` ([#38350](https://togithub.com/hashicorp/terraform-provider-aws/issues/38350)) - resource/aws_lakeformation_data_lake_settings: Add `allow_full_table_external_data_access` attribute ([#34474](https://togithub.com/hashicorp/terraform-provider-aws/issues/34474)) - resource/aws_lb_target_group: Add `target_group_health` configuration block ([#37082](https://togithub.com/hashicorp/terraform-provider-aws/issues/37082)) - resource/aws_msk_replicator: Add `starting_position` argument ([#36968](https://togithub.com/hashicorp/terraform-provider-aws/issues/36968)) - resource/aws_rds_cluster: Add `engine_lifecycle_support` argument ([#37708](https://togithub.com/hashicorp/terraform-provider-aws/issues/37708)) - resource/aws_rds_global_cluster: Add `engine_lifecycle_support` argument ([#37708](https://togithub.com/hashicorp/terraform-provider-aws/issues/37708)) - resource/aws_redshift_cluster_snapshot: Set `arn` from `DescribeClusterSnapshots` API response ([#37996](https://togithub.com/hashicorp/terraform-provider-aws/issues/37996)) - resource/aws_vpclattice_listener: Support `TLS_PASSTHROUGH` as a valid value for `protocol` ([#37964](https://togithub.com/hashicorp/terraform-provider-aws/issues/37964)) - resource/aws_wafv2\_web_acl: Add `enable_machine_learning` to `aws_managed_rules_bot_control_rule_set` configuration block ([#37006](https://togithub.com/hashicorp/terraform-provider-aws/issues/37006)) BUG FIXES: - data-source/aws_efs_access_point: Set `id` the the access point ID, not the file system ID. This fixes a regression introduced in [v5.58.0](https://togithub.com/hashicorp/terraform-provider-aws/blob/main/CHANGELOG.md#5580-july-11-2024) ([#38372](https://togithub.com/hashicorp/terraform-provider-aws/issues/38372)) - data-source/aws_lb_listener: Correctly set `default_action.target_group_arn` ([#37348](https://togithub.com/hashicorp/terraform-provider-aws/issues/37348)) - resource/aws_chime_voice_connector_group: Properly handle voice connector groups deleted out of band ([#36774](https://togithub.com/hashicorp/terraform-provider-aws/issues/36774)) - resource/aws_codebuild_project: Fix unsetting `concurrent_build_limit` ([#37748](https://togithub.com/hashicorp/terraform-provider-aws/issues/37748)) - resource/aws_codepipeline: Mark `trigger` as Computed ([#36316](https://togithub.com/hashicorp/terraform-provider-aws/issues/36316)) - resource/aws_ecs_service: Change `volume_configuration.managed_ebs_volume.throughput` from `TypeString` to `TypeInt` ([#38109](https://togithub.com/hashicorp/terraform-provider-aws/issues/38109)) - resource/aws_elasticache_replication_group: Allows setting `replicas_per_node_group` to `0` and sets the maximum to `5`. ([#38396](https://togithub.com/hashicorp/terraform-provider-aws/issues/38396)) - resource/aws_elasticache_replication_group: Requires `description`. ([#38396](https://togithub.com/hashicorp/terraform-provider-aws/issues/38396)) - resource/aws_elasticache_replication_group: When `num_cache_clusters` is set, prevents setting `replicas_per_node_group`. ([#38396](https://togithub.com/hashicorp/terraform-provider-aws/issues/38396)) - resource/aws_elasticache_replication_group: `num_cache_clusters` must be at least 2 when `automatic_failover_enabled` is `true`. ([#38396](https://togithub.com/hashicorp/terraform-provider-aws/issues/38396)) - resource/aws_elastictranscoder_pipeline: Properly handle NotFound exceptions during deletion ([#38018](https://togithub.com/hashicorp/terraform-provider-aws/issues/38018)) - resource/aws_elastictranscoder_preset: Properly handle NotFound exceptions during deletion ([#38018](https://togithub.com/hashicorp/terraform-provider-aws/issues/38018)) - resource/aws_lb_target_group: Use the configured `ip_address_type` value when `target_type` is `instance` ([#36423](https://togithub.com/hashicorp/terraform-provider-aws/issues/36423)) - resource/aws_lb_trust_store: Wait until trust store is `ACTIVE` on resource Create ([#38332](https://togithub.com/hashicorp/terraform-provider-aws/issues/38332)) - resource/aws_pinpoint_app: Fix `interface conversion: interface {} is nil, not map[string]interface {}` panic when `campaign_hook` is empty (`{}`) ([#38323](https://togithub.com/hashicorp/terraform-provider-aws/issues/38323)) - resource/aws_transfer_server: Add supported values `TransferSecurityPolicy-FIPS-2024-05`, `TransferSecurityPolicy-Restricted-2018-11`, and `TransferSecurityPolicy-Restricted-2020-06` for the `security_policy_name` argument ([#38425](https://togithub.com/hashicorp/terraform-provider-aws/issues/38425)) ### [`v5.58.0`](https://togithub.com/hashicorp/terraform-provider-aws/blob/HEAD/CHANGELOG.md#5580-July-11-2024) [Compare Source](https://togithub.com/hashicorp/terraform-provider-aws/compare/v5.57.0...v5.58.0) FEATURES: - **New Resource:** `aws_cloudwatch_log_account_policy` ([#38328](https://togithub.com/hashicorp/terraform-provider-aws/issues/38328)) - **New Resource:** `aws_verifiedpermissions_identity_source` ([#38181](https://togithub.com/hashicorp/terraform-provider-aws/issues/38181)) ENHANCEMENTS: - data-source/aws_launch_template: Add `network_interfaces.primary_ipv6` attribute ([#37142](https://togithub.com/hashicorp/terraform-provider-aws/issues/37142)) - data-source/aws_mskconnect_connector: Add `tags` attribute ([#38270](https://togithub.com/hashicorp/terraform-provider-aws/issues/38270)) - data-source/aws_mskconnect_custom_plugin: Add `tags` attribute ([#38270](https://togithub.com/hashicorp/terraform-provider-aws/issues/38270)) - data-source/aws_mskconnect_worker_configuration: Add `tags` attribute ([#38270](https://togithub.com/hashicorp/terraform-provider-aws/issues/38270)) - data-source/aws_oam_link: Add `link_configuration` attribute ([#38277](https://togithub.com/hashicorp/terraform-provider-aws/issues/38277)) - resource/aws_cloudformation_stack_set_instance: Extend `deployment_targets` argument. ([#37898](https://togithub.com/hashicorp/terraform-provider-aws/issues/37898)) - resource/aws_cloudtrail_event_data_store: Add `billing_mode` argument ([#38273](https://togithub.com/hashicorp/terraform-provider-aws/issues/38273)) - resource/aws_db_instance: Fix `InvalidParameterCombination: A parameter group can't be specified during Read Replica creation for the following DB engine: postgres` errors ([#38227](https://togithub.com/hashicorp/terraform-provider-aws/issues/38227)) - resource/aws_ec2\_capacity_reservation: Add configurable timeouts ([#36754](https://togithub.com/hashicorp/terraform-provider-aws/issues/36754)) - resource/aws_ec2\_capacity_reservation: Retry `InsufficientInstanceCapacity` errors ([#36754](https://togithub.com/hashicorp/terraform-provider-aws/issues/36754)) - resource/aws_eks_cluster: Add `bootstrap_self_managed_addons` argument ([#38162](https://togithub.com/hashicorp/terraform-provider-aws/issues/38162)) - resource/aws_fms_policy: Add `resource_set_ids` attribute ([#38161](https://togithub.com/hashicorp/terraform-provider-aws/issues/38161)) - resource/aws_fsx_ontap_file_system: Add `384`, `768`, `1536`, `3072`, and `6144` as valid values for `throughput_capacity` ([#38308](https://togithub.com/hashicorp/terraform-provider-aws/issues/38308)) - resource/aws_fsx_ontap_file_system: Add `384`, `768`, and `1536` as valid values for `throughput_capacity_per_ha_pair` ([#38308](https://togithub.com/hashicorp/terraform-provider-aws/issues/38308)) - resource/aws_fsx_ontap_file_system: Add `MULTI_AZ_2` as a valid value for `deployment_type` ([#38308](https://togithub.com/hashicorp/terraform-provider-aws/issues/38308)) - resource/aws_globalaccelerator_cross_account_attachment: Add `cidr_block` argument to `resource` configuration block ([#38196](https://togithub.com/hashicorp/terraform-provider-aws/issues/38196)) - resource/aws_iam_server_certificate: Add configurable `delete` timeout ([#38212](https://togithub.com/hashicorp/terraform-provider-aws/issues/38212)) - resource/aws_launch_template: Add `network_interfaces.primary_ipv6` argument ([#37142](https://togithub.com/hashicorp/terraform-provider-aws/issues/37142)) - resource/aws_mskconnect_connector: Add `tags` argument and `tags_all` attribute ([#38270](https://togithub.com/hashicorp/terraform-provider-aws/issues/38270)) - resource/aws_mskconnect_custom_plugin: Add `tags` argument and `tags_all` attribute ([#38270](https://togithub.com/hashicorp/terraform-provider-aws/issues/38270)) - resource/aws_mskconnect_worker_configuration: Add `tags` argument and `tags_all` attribute ([#38270](https://togithub.com/hashicorp/terraform-provider-aws/issues/38270)) - resource/aws_mskconnect_worker_configuration: Add resource deletion logic ([#38270](https://togithub.com/hashicorp/terraform-provider-aws/issues/38270)) - resource/aws_oam_link: Add `link_configuration` argument ([#38277](https://togithub.com/hashicorp/terraform-provider-aws/issues/38277)) - resource/aws_rds_cluster: Add `ca_certificate_identifier` argument and `ca_certificate_valid_till` attribute ([#37108](https://togithub.com/hashicorp/terraform-provider-aws/issues/37108)) - resource/aws_ssm_association: Add `tags` argument and `tags_all` attribute ([#38271](https://togithub.com/hashicorp/terraform-provider-aws/issues/38271)) BUG FIXES: - aws_dx_lag: Checks for errors other than NotFound when reading. ([#38292](https://togithub.com/hashicorp/terraform-provider-aws/issues/38292)) - aws_dynamodb_kinesis_streaming_destination: Checks for errors other than NotFound when reading. ([#38292](https://togithub.com/hashicorp/terraform-provider-aws/issues/38292)) - aws_ec2\_capacity_block_reservation: Checks for errors other than NotFound when reading. ([#38292](https://togithub.com/hashicorp/terraform-provider-aws/issues/38292)) - aws_opensearchserverless_access_policy: Checks for errors other than NotFound when reading. ([#38292](https://togithub.com/hashicorp/terraform-provider-aws/issues/38292)) - aws_opensearchserverless_collection: Checks for errors other than NotFound when reading. ([#38292](https://togithub.com/hashicorp/terraform-provider-aws/issues/38292)) - aws_opensearchserverless_security_config: Checks for errors other than NotFound when reading. ([#38292](https://togithub.com/hashicorp/terraform-provider-aws/issues/38292)) - aws_opensearchserverless_security_policy: Checks for errors other than NotFound when reading. ([#38292](https://togithub.com/hashicorp/terraform-provider-aws/issues/38292)) - aws_opensearchserverless_vpc_endpoint: Checks for errors other than NotFound when reading. ([#38292](https://togithub.com/hashicorp/terraform-provider-aws/issues/38292)) - aws_ram_principal_association: Checks for errors other than NotFound when reading. ([#38292](https://togithub.com/hashicorp/terraform-provider-aws/issues/38292)) - aws_route_table: Checks for errors other than NotFound when reading. ([#38292](https://togithub.com/hashicorp/terraform-provider-aws/issues/38292)) - data-source/aws_ecr_repository: Fix issue where the `tags` attribute is not set ([#38272](https://togithub.com/hashicorp/terraform-provider-aws/issues/38272)) - data-source/aws_eks_cluster: Add `access_config.bootstrap_cluster_creator_admin_permissions` attribute ([#38295](https://togithub.com/hashicorp/terraform-provider-aws/issues/38295)) - resource/aws_appstream_fleet: Support `0` as a valid value for `idle_disconnect_timeout_in_seconds` ([#38274](https://togithub.com/hashicorp/terraform-provider-aws/issues/38274)) - resource/aws_cloudformation_stack_set_instance: Add `ForceNew` to deployment_targets attributes to ensure a new resource is recreated when the deployment_targets argument is changed, which was not the case previously. ([#37898](https://togithub.com/hashicorp/terraform-provider-aws/issues/37898)) - resource/aws_db_instance: Correctly mark incomplete instances as [tainted](https://developer.hashicorp.com/terraform/cli/state/taint#the-tainted-status) during creation ([#38252](https://togithub.com/hashicorp/terraform-provider-aws/issues/38252)) - resource/aws_eks_cluster: Set `access_config.bootstrap_cluster_creator_admin_permissions` to `true` on Read for clusters with no `access_config` configured. This allows in-place updates of existing clusters when `access_config` is configured ([#38295](https://togithub.com/hashicorp/terraform-provider-aws/issues/38295)) - resource/aws_elasticache_serverless_cache: Allow `cache_usage_limits.data_storage.maximum`, `cache_usage_limits.data_storage.minimum`, `cache_usage_limits.ecpu_per_second.maximum` and `cache_usage_limits.ecpu_per_second.minimum` to be updated in-place ([#38269](https://togithub.com/hashicorp/terraform-provider-aws/issues/38269)) - resource/aws_mskconnect_connector: Fix `interface conversion: interface {} is nil, not map[string]interface {}` panic when `log_delivery.worker_log_delivery` is empty (`{}`) ([#38270](https://togithub.com/hashicorp/terraform-provider-aws/issues/38270)) ### [`v5.57.0`](https://togithub.com/hashicorp/terraform-provider-aws/blob/HEAD/CHANGELOG.md#5570-July-4-2024) [Compare Source](https://togithub.com/hashicorp/terraform-provider-aws/compare/v5.56.1...v5.57.0) FEATURES: - **New Data Source:** `aws_appstream_image` ([#38225](https://togithub.com/hashicorp/terraform-provider-aws/issues/38225)) - **New Data Source:** `aws_cognito_user_pool` ([#37399](https://togithub.com/hashicorp/terraform-provider-aws/issues/37399)) - **New Data Source:** `aws_ec2_transit_gateway_peering_attachments` ([#25743](https://togithub.com/hashicorp/terraform-provider-aws/issues/25743)) - **New Data Source:** `aws_transfer_connector` ([#38213](https://togithub.com/hashicorp/terraform-provider-aws/issues/38213)) ENHANCEMENTS: - data-source/aws_backup_plan: Add `rule` attribute ([#37890](https://togithub.com/hashicorp/terraform-provider-aws/issues/37890)) - resource/aws_amplify_domain_association: Add `certificate_settings` argument ([#37105](https://togithub.com/hashicorp/terraform-provider-aws/issues/37105)) - resource/aws_ec2\_transit_gateway_peering_attachment: Add `options` argument ([#36902](https://togithub.com/hashicorp/terraform-provider-aws/issues/36902)) - resource/aws_iot_authorizer: Add `tags` argument ([#37152](https://togithub.com/hashicorp/terraform-provider-aws/issues/37152)) - resource/aws_iot_topic_rule: Add `cloudwatch_logs.batch_mode` and `error_action.cloudwatch_logs.batch_mode` arguments ([#36772](https://togithub.com/hashicorp/terraform-provider-aws/issues/36772)) - resource/aws_sagemaker_endpoint_configuration: Add support for `InputAndOutput` in `capture_mode` ([#37726](https://togithub.com/hashicorp/terraform-provider-aws/issues/37726)) BUG FIXES: - resource/aws_iot_provisioning_template: Fix `pre_provisioning_hook` update operation ([#37152](https://togithub.com/hashicorp/terraform-provider-aws/issues/37152)) - resource/aws_iot_topic_rule: Retry IAM eventual consistency errors on Update ([#36286](https://togithub.com/hashicorp/terraform-provider-aws/issues/36286)) ### [`v5.56.1`](https://togithub.com/hashicorp/terraform-provider-aws/blob/HEAD/CHANGELOG.md#5561-June-28-2024) [Compare Source](https://togithub.com/hashicorp/terraform-provider-aws/compare/v5.56.0...v5.56.1) BUG FIXES: - data-source/aws_cognito_user_pool_client: Fix `InvalidParameterException: 2 validation errors detected` errors on Read ([#38168](https://togithub.com/hashicorp/terraform-provider-aws/issues/38168)) - resource/aws_cognito_user: Fix a bug that caused resource recreation for resources imported with certain [import ID](https://developer.hashicorp.com/terraform/language/import#import-id) formats ([#38182](https://togithub.com/hashicorp/terraform-provider-aws/issues/38182)) - resource/aws_cognito_user_pool: Fix `runtime error: index out of range [0] with length 0` panic when adding `lambda_config` ([#38184](https://togithub.com/hashicorp/terraform-provider-aws/issues/38184)) ### [`v5.56.0`](https://togithub.com/hashicorp/terraform-provider-aws/blob/HEAD/CHANGELOG.md#5560-June-27-2024) [Compare Source](https://togithub.com/hashicorp/terraform-provider-aws/compare/v5.55.0...v5.56.0) FEATURES: - **New Resource:** `aws_appfabric_app_authorization_connection` ([#38084](https://togithub.com/hashicorp/terraform-provider-aws/issues/38084)) - **New Resource:** `aws_appfabric_ingestion` ([#37291](https://togithub.com/hashicorp/terraform-provider-aws/issues/37291)) - **New Resource:** `aws_appfabric_ingestion_destination` ([#37627](https://togithub.com/hashicorp/terraform-provider-aws/issues/37627)) - **New Resource:** `aws_networkfirewall_tls_inspection_configuration` ([#35168](https://togithub.com/hashicorp/terraform-provider-aws/issues/35168)) - **New Resource:** `aws_networkmonitor_monitor` ([#35722](https://togithub.com/hashicorp/terraform-provider-aws/issues/35722)) - **New Resource:** `aws_networkmonitor_probe` ([#35722](https://togithub.com/hashicorp/terraform-provider-aws/issues/35722)) ENHANCEMENTS: - resource/aws_controltower_control: Add `parameters` argument and `arn` attribute ([#38071](https://togithub.com/hashicorp/terraform-provider-aws/issues/38071)) - resource/aws_networkfirewall_logging_configuration: Add plan-time validation of `firewall_arn` ([#35168](https://togithub.com/hashicorp/terraform-provider-aws/issues/35168)) - resource/aws_quicksight_account_subscription: Add `iam_identity_center_instance_arn` attribute ([#36830](https://togithub.com/hashicorp/terraform-provider-aws/issues/36830)) - resource/aws_route53\_resolver_firewall_rule: Add `firewall_domain_redirection_action` argument ([#37242](https://togithub.com/hashicorp/terraform-provider-aws/issues/37242)) - resource/aws_route53\_resolver_firewall_rule: Add `q_type` argument ([#38074](https://togithub.com/hashicorp/terraform-provider-aws/issues/38074)) - resource/aws_sagemaker_domain: Add `default_user_settings.canvas_app_settings.generative_ai_settings` configuration block ([#37139](https://togithub.com/hashicorp/terraform-provider-aws/issues/37139)) - resource/aws_sagemaker_domain: Add `default_user_settings.code_editor_app_settings.custom_image` configuration block ([#37153](https://togithub.com/hashicorp/terraform-provider-aws/issues/37153)) - resource/aws_sagemaker_endpoint_configuration: Add `production_variants.inference_ami_version` and `shadow_production_variants.inference_ami_version` arguments ([#38085](https://togitConfiguration
📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR was generated by Mend Renovate. View the repository job log.