hashicorp/terraform-provider-aws (aws)
### [`v5.51.1`](https://togithub.com/hashicorp/terraform-provider-aws/blob/HEAD/CHANGELOG.md#5511-May-24-2024)
[Compare Source](https://togithub.com/hashicorp/terraform-provider-aws/compare/v5.51.0...v5.51.1)
ENHANCEMENTS:
- resource/aws_ecs_service: Add `volume_configuration` argument ([#37019](https://togithub.com/hashicorp/terraform-provider-aws/issues/37019))
- resource/aws_ecs_task_definition: Add `configure_at_launch` parameter in `volume` argument ([#37019](https://togithub.com/hashicorp/terraform-provider-aws/issues/37019))
BUG FIXES:
- data-source/aws_route53\_zone: Fix incorrect `name_servers` values ([#37685](https://togithub.com/hashicorp/terraform-provider-aws/issues/37685))
- data-source/aws_route53\_zone: Permit both `name` and `zone_id` arguments when one is an empty string ([#37686](https://togithub.com/hashicorp/terraform-provider-aws/issues/37686))
- resource/aws_route53\_zone: Fix incorrect `name_servers` values ([#37685](https://togithub.com/hashicorp/terraform-provider-aws/issues/37685))
### [`v5.51.0`](https://togithub.com/hashicorp/terraform-provider-aws/blob/HEAD/CHANGELOG.md#5510-May-23-2024)
[Compare Source](https://togithub.com/hashicorp/terraform-provider-aws/compare/v5.50.0...v5.51.0)
NOTES:
- data-source/aws_lambda_function: `source_code_hash` attribute has been deprecated in favor of `code_sha256`. Will be removed in a future major version ([#37669](https://togithub.com/hashicorp/terraform-provider-aws/issues/37669))
- data-source/aws_lambda_layer_version: `source_code_hash` attribute has been deprecated in favor of `code_sha256`. Will be removed in a future major version ([#37646](https://togithub.com/hashicorp/terraform-provider-aws/issues/37646))
FEATURES:
- **New Data Source:** `aws_chatbot_slack_workspace` ([#37218](https://togithub.com/hashicorp/terraform-provider-aws/issues/37218))
- **New Resource:** `aws_lambda_runtime_management_config` ([#37643](https://togithub.com/hashicorp/terraform-provider-aws/issues/37643))
- **New Resource:** `aws_vpc_endpoint_private_dns` ([#37628](https://togithub.com/hashicorp/terraform-provider-aws/issues/37628))
- **New Resource:** `aws_vpc_endpoint_service_private_dns_verification` ([#37176](https://togithub.com/hashicorp/terraform-provider-aws/issues/37176))
ENHANCEMENTS:
- data-source/aws_lambda_function: Add `code_sha256` attribute ([#37669](https://togithub.com/hashicorp/terraform-provider-aws/issues/37669))
- data-source/aws_lambda_layer_version: Add `code_sha256` attribute ([#37646](https://togithub.com/hashicorp/terraform-provider-aws/issues/37646))
- data-source/aws_route53\_traffic_policy_document: Add support for `application-load-balancer`, `elastic-beanstalk` and `network-load-balancer` `endpoint.type` values ([#37618](https://togithub.com/hashicorp/terraform-provider-aws/issues/37618))
- resource/aws_api_gateway_deployment: Add `canary_settings` attribute ([#37573](https://togithub.com/hashicorp/terraform-provider-aws/issues/37573))
- resource/aws_iam_openid_connect_provider: Allow `client_id_list` to be updated in-place ([#37612](https://togithub.com/hashicorp/terraform-provider-aws/issues/37612))
- resource/aws_lambda_function: Add `code_sha256` attribute ([#37669](https://togithub.com/hashicorp/terraform-provider-aws/issues/37669))
- resource/aws_lambda_function: Remove `replace_security_group_on_destroy` and `replacement_security_group_ids` deprecations, re-implement with alternate workflow ([#37624](https://togithub.com/hashicorp/terraform-provider-aws/issues/37624))
- resource/aws_lambda_layer_version: Add `code_sha256` attribute ([#37646](https://togithub.com/hashicorp/terraform-provider-aws/issues/37646))
- resource/aws_route53\_health_check: Add plan-time validation of `cloudwatch_alarm_region` ([#37510](https://togithub.com/hashicorp/terraform-provider-aws/issues/37510))
- resource/aws_route53\_record: Add plan-time validation of `latency_routing_policy.region` ([#37510](https://togithub.com/hashicorp/terraform-provider-aws/issues/37510))
- resource/aws_route53\_vpc_association_authorization: Add plan-time validation of `vpc_region` ([#37510](https://togithub.com/hashicorp/terraform-provider-aws/issues/37510))
- resource/aws_route53\_zone_association: Add plan-time validation of `vpc_region` ([#37510](https://togithub.com/hashicorp/terraform-provider-aws/issues/37510))
- resource/aws_wafv2\_web_acl: Add `api_gateway`, `app_runner_service`, `cognito_user_pool`, and `verified_access_instance` configuration blocks to `association_config.request_body` ([#37588](https://togithub.com/hashicorp/terraform-provider-aws/issues/37588))
BUG FIXES:
- resource/aws_dynamodb_table_replica: Correctly set `kms_key_arn` on Read ([#37570](https://togithub.com/hashicorp/terraform-provider-aws/issues/37570))
- resource/aws_kms_grant: Change `grant_token` to [`Sensitive`](https://developer.hashicorp.com/terraform/plugin/best-practices/sensitive-state#using-sensitive-flag-functionality) ([#37593](https://togithub.com/hashicorp/terraform-provider-aws/issues/37593))
- resource/aws_lambda_function: Fix issue when `source_code_hash` causes drift even if source code has not changed ([#37669](https://togithub.com/hashicorp/terraform-provider-aws/issues/37669))
- resource/aws_lambda_layer_version: Fix issue when `source_code_hash` forces a replacement even if source code has not changed ([#37646](https://togithub.com/hashicorp/terraform-provider-aws/issues/37646))
- resource/aws_m2\_deployment: Fix `state` error on `deployment_id` during start/stop update ([#37581](https://togithub.com/hashicorp/terraform-provider-aws/issues/37581))
- resource/aws_storagegateway_smb_file_share: Fix crash when `cache_attributes` is removed on update ([#37611](https://togithub.com/hashicorp/terraform-provider-aws/issues/37611))
### [`v5.50.0`](https://togithub.com/hashicorp/terraform-provider-aws/blob/HEAD/CHANGELOG.md#5500-May-17-2024)
[Compare Source](https://togithub.com/hashicorp/terraform-provider-aws/compare/v5.49.0...v5.50.0)
ENHANCEMENTS:
- data-source/aws_budgets_budget: Add `tags` attribute ([#37361](https://togithub.com/hashicorp/terraform-provider-aws/issues/37361))
- data-source/aws_instance: Add `launch_time` attribute ([#37002](https://togithub.com/hashicorp/terraform-provider-aws/issues/37002))
- resource/aws_budgets_budget: Add `tags` argument ([#37361](https://togithub.com/hashicorp/terraform-provider-aws/issues/37361))
- resource/aws_budgets_budget_action: Add `tags` argument ([#37361](https://togithub.com/hashicorp/terraform-provider-aws/issues/37361))
- resource/aws_ecs_account_setting_default: Add support for `fargateTaskRetirementWaitPeriod` value in `Name` argument ([#37018](https://togithub.com/hashicorp/terraform-provider-aws/issues/37018))
- resource/aws_ssm_resource_data_sync: Add plan-time validation of `s3_destination.kms_key_arn`, `s3_destination.region` and `s3_destination.sync_format` ([#37481](https://togithub.com/hashicorp/terraform-provider-aws/issues/37481))
BUG FIXES:
- data-source/aws_bedrock_foundation_models: Fix validation regex for the `by_provider` argument ([#37306](https://togithub.com/hashicorp/terraform-provider-aws/issues/37306))
- resource/aws_dynamodb_table: Fix `UnknownOperationException: Tagging is not currently supported in DynamoDB Local` errors on resource Read ([#37472](https://togithub.com/hashicorp/terraform-provider-aws/issues/37472))
- resource/aws_glue_job: Fix `interface conversion: interface {} is nil, not map[string]interface {}` panic when `notify_delay_after` is empty (`null`) ([#37347](https://togithub.com/hashicorp/terraform-provider-aws/issues/37347))
- resource/aws_iam_server_certificate: Now correctly reads tags after update and on read. ([#37483](https://togithub.com/hashicorp/terraform-provider-aws/issues/37483))
- resource/aws_lakeformation_data_cells_filter: Fix inconsistent `state` error when using `row_filter.all_rows_wildcard` ([#37433](https://togithub.com/hashicorp/terraform-provider-aws/issues/37433))
- resource/aws_organizations_account: Allow import of accounts with IAM access to the AWS Billing and Cost Management console ([#35662](https://togithub.com/hashicorp/terraform-provider-aws/issues/35662))
- resource/aws_ram_principal_association: Correct plan-time validation of `principal` to fix `panic: unexpected format for ID parts ([...]), the following id parts indexes are blank ([1])` ([#37450](https://togithub.com/hashicorp/terraform-provider-aws/issues/37450))
- resource/aws_route53\_record: Change region default to us-east-1 ([#37565](https://togithub.com/hashicorp/terraform-provider-aws/issues/37565))
- resource/aws_vpc_endpoint_service: Fix destroy error when endpoint service is deleted out-of-band ([#37534](https://togithub.com/hashicorp/terraform-provider-aws/issues/37534))
### [`v5.49.0`](https://togithub.com/hashicorp/terraform-provider-aws/blob/HEAD/CHANGELOG.md#5490-May-10-2024)
[Compare Source](https://togithub.com/hashicorp/terraform-provider-aws/compare/v5.48.0...v5.49.0)
FEATURES:
- **New Data Source:** `aws_datazone_environment_blueprint` ([#36600](https://togithub.com/hashicorp/terraform-provider-aws/issues/36600))
- **New Resource:** `aws_bedrockagent_data_source` ([#37158](https://togithub.com/hashicorp/terraform-provider-aws/issues/37158))
- **New Resource:** `aws_datazone_domain` ([#36600](https://togithub.com/hashicorp/terraform-provider-aws/issues/36600))
- **New Resource:** `aws_datazone_environment_blueprint_configuration` ([#36600](https://togithub.com/hashicorp/terraform-provider-aws/issues/36600))
ENHANCEMENTS:
- data-source/aws_iam_policy_document: Add `minified_json` attribute ([#35677](https://togithub.com/hashicorp/terraform-provider-aws/issues/35677))
- resource/aws_dynamodb_table_export: Add plan-time validation of `table_arn` ([#37288](https://togithub.com/hashicorp/terraform-provider-aws/issues/37288))
- resource/aws_kms_key: Add `rotation_period_in_days` argument ([#37140](https://togithub.com/hashicorp/terraform-provider-aws/issues/37140))
- resource/aws_securitylake_subscriber_notification: Better handles importing resource ([#37332](https://togithub.com/hashicorp/terraform-provider-aws/issues/37332))
- resource/aws_securitylake_subscriber_notification: Deprecates `endpoint_id` in favor of `subscriber_endpoint` ([#37332](https://togithub.com/hashicorp/terraform-provider-aws/issues/37332))
- resource/aws_securitylake_subscriber_notification: Handles `configuration.https_notification_configuration.authorization_api_key_value` as sensitive value ([#37332](https://togithub.com/hashicorp/terraform-provider-aws/issues/37332))
BUG FIXES:
- data-source/aws_fsx_ontap_storage_virtual_machine: Correctly set `tags` on Read ([#37353](https://togithub.com/hashicorp/terraform-provider-aws/issues/37353))
- data-source/aws_rds_orderable_db_instance: Fix `InvalidParameterValue: Invalid value 3412 for MaxRecords. Must be between 20 and 1000` errors ([#37251](https://togithub.com/hashicorp/terraform-provider-aws/issues/37251))
- data-source/aws_resourceexplorer2\_search: Fix 401 unauthorized error due to missing `view_arn` in the AWS API request ([#36778](https://togithub.com/hashicorp/terraform-provider-aws/issues/36778))
- data-source/aws_resourceexplorer2\_search: Fix panic caused by bad mappping between Terraform and AWS schemas ([#36778](https://togithub.com/hashicorp/terraform-provider-aws/issues/36778))
- data-source/aws_resourceexplorer2\_search: Fix state persistence and data types ([#36778](https://togithub.com/hashicorp/terraform-provider-aws/issues/36778))
- resource/aws_bedrockagent_agent: Fix to use the configured `prepare_agent` value (or default value of `true` when omitted) for all create and update operations ([#37405](https://togithub.com/hashicorp/terraform-provider-aws/issues/37405))
- resource/aws_elasticsearch_domain: Fix handling of unset `auto_tune_options.rollback_on_disable` argument ([#37394](https://togithub.com/hashicorp/terraform-provider-aws/issues/37394))
- resource/aws_fsx_ontap_storage_virtual_machine: Correctly set `tags` and `tags_all` on resource Read ([#37353](https://togithub.com/hashicorp/terraform-provider-aws/issues/37353))
- resource/aws_fsx_openzfs_file_system: Correctly set `tags` and `tags_all` on resource Read ([#37353](https://togithub.com/hashicorp/terraform-provider-aws/issues/37353))
- resource/aws_kms_custom_key_store: Change `trust_anchor_certificate` to [ForceNew](https://developer.hashicorp.com/terraform/plugin/sdkv2/schemas/schema-behaviors#forcenew) ([#37092](https://togithub.com/hashicorp/terraform-provider-aws/issues/37092))
- resource/aws_opensearch_domain: Fix handling of unset `auto_tune_options.rollback_on_disable` argument ([#37394](https://togithub.com/hashicorp/terraform-provider-aws/issues/37394))
- resource/aws_opensearch_domain: Wait for `auto_tune_options` to be applied during creation ([#37394](https://togithub.com/hashicorp/terraform-provider-aws/issues/37394))
- resource/aws_securitylake_aws_log_source: Correctly handles unspecified `source_version` ([#36268](https://togithub.com/hashicorp/terraform-provider-aws/issues/36268))
- resource/aws_securitylake_aws_log_source: Prevents errors when creating multiple log sources concurrently ([#36268](https://togithub.com/hashicorp/terraform-provider-aws/issues/36268))
- resource/aws_securitylake_custom_log_source: Prevents errors when creating multiple log sources concurrently ([#36268](https://togithub.com/hashicorp/terraform-provider-aws/issues/36268))
- resource/aws_securitylake_custom_log_source: Validates length of `source_name` parameter ([#36268](https://togithub.com/hashicorp/terraform-provider-aws/issues/36268))
- resource/aws_securitylake_subscriber: Allow more than one log source ([#36268](https://togithub.com/hashicorp/terraform-provider-aws/issues/36268))
- resource/aws_securitylake_subscriber: Correctly handles unspecified `access_type` ([#36268](https://togithub.com/hashicorp/terraform-provider-aws/issues/36268))
- resource/aws_securitylake_subscriber: Correctly handles unspecified `source_version` parameter for `aws_log_source_resource` and `custom_log_source_resource` ([#36268](https://togithub.com/hashicorp/terraform-provider-aws/issues/36268))
- resource/aws_securitylake_subscriber: Correctly requires `source_name` parameter for `aws_log_source_resource` and `custom_log_source_resource` ([#36268](https://togithub.com/hashicorp/terraform-provider-aws/issues/36268))
- resource/aws_securitylake_subscriber_notification: No longer recreates resource when not needed ([#37332](https://togithub.com/hashicorp/terraform-provider-aws/issues/37332))
- resource/aws_securitylake_subscriber_notification: Requires value for `configuration.https_notification_configuration.endpoint` ([#37332](https://togithub.com/hashicorp/terraform-provider-aws/issues/37332))
- resource/provider: Change the AWS SDK for Go v2 API client [`BackoffDelayer`](https://pkg.go.dev/github.com/aws/aws-sdk-go-v2@v1.26.1/aws/retry#BackoffDelayer) to maintain behavioral compatibility with AWS SDK for Go v1 ([#37404](https://togithub.com/hashicorp/terraform-provider-aws/issues/37404))
### [`v5.48.0`](https://togithub.com/hashicorp/terraform-provider-aws/blob/HEAD/CHANGELOG.md#5480-May-2-2024)
[Compare Source](https://togithub.com/hashicorp/terraform-provider-aws/compare/v5.47.0...v5.48.0)
FEATURES:
- **New Resource:** `aws_bedrockagent_agent_knowledge_base_association` ([#37185](https://togithub.com/hashicorp/terraform-provider-aws/issues/37185))
ENHANCEMENTS:
- resource/aws_cloudwatch_event_target: Add `force_destroy` argument ([#37130](https://togithub.com/hashicorp/terraform-provider-aws/issues/37130))
- resource/aws_elasticache_replication_group: Increase default Delete timeout to 45 minutes ([#37182](https://togithub.com/hashicorp/terraform-provider-aws/issues/37182))
- resource/aws_elasticache_replication_group: Use the configured Delete timeout when detaching from any global replication group ([#37182](https://togithub.com/hashicorp/terraform-provider-aws/issues/37182))
- resource/aws_fsx_ontap_file_system: Add support for specifying 1 ha_pair with `SINGLE_AZ_1` and `MULTI_AZ_1` deployment types ([#36511](https://togithub.com/hashicorp/terraform-provider-aws/issues/36511))
- resource/aws_fsx_ontap_file_system: Increase `storage_capacity` maximum to 1PiB ([#36511](https://togithub.com/hashicorp/terraform-provider-aws/issues/36511))
- resource/aws_fsx_ontap_file_system: Support up to 12 `ha_pairs` ([#36511](https://togithub.com/hashicorp/terraform-provider-aws/issues/36511))
- resource/aws_fsx_ontap_file_system: Update `throughput_capacity_per_ha_pair` to support all values from `throughput_capacity` ([#36511](https://togithub.com/hashicorp/terraform-provider-aws/issues/36511))
- resource/aws_fsx_ontap_volume: Add `aggregate_configuration` configuration block ([#36511](https://togithub.com/hashicorp/terraform-provider-aws/issues/36511))
- resource/aws_fsx_ontap_volume: Add `size_in_bytes` and `volume_style` arguments ([#36511](https://togithub.com/hashicorp/terraform-provider-aws/issues/36511))
BUG FIXES:
- resource/aws_bcmdataexports_export: Fix `table_configurations` expand/flatten ([#37205](https://togithub.com/hashicorp/terraform-provider-aws/issues/37205))
- resource/aws_cloudwatch_event_connection: Add plan-time validation preventing empty `auth_parameters.oauth.oauth_http_parameters` or `auth_parameters.invocation_http_parameters`
`body`, `header` and `query_string` configuration blocks ([#26755](https://togithub.com/hashicorp/terraform-provider-aws/issues/26755))
- resource/aws_elasticache_replication_group: Decrease replica count after other updates ([#34819](https://togithub.com/hashicorp/terraform-provider-aws/issues/34819))
- resource/aws_elasticache_replication_group: Fix `unexpected state 'snapshotting'` errors when increasing or decreasing replica count ([#30493](https://togithub.com/hashicorp/terraform-provider-aws/issues/30493))
### [`v5.47.0`](https://togithub.com/hashicorp/terraform-provider-aws/blob/HEAD/CHANGELOG.md#5470-April-26-2024)
[Compare Source](https://togithub.com/hashicorp/terraform-provider-aws/compare/v5.46.0...v5.47.0)
NOTES:
- provider: Updates to Go 1.22. This is the last Go release that will run on macOS 10.15 Catalina ([#36996](https://togithub.com/hashicorp/terraform-provider-aws/issues/36996))
- resource/aws_bedrockagent_knowledge_base: Because we cannot easily test this functionality, it is best effort and we ask for community help in testing ([#36783](https://togithub.com/hashicorp/terraform-provider-aws/issues/36783))
FEATURES:
- **New Data Source:** `aws_identitystore_groups` ([#36993](https://togithub.com/hashicorp/terraform-provider-aws/issues/36993))
- **New Resource:** `aws_bcmdataexports_export` ([#36847](https://togithub.com/hashicorp/terraform-provider-aws/issues/36847))
- **New Resource:** `aws_bedrockagent_agent` ([#36851](https://togithub.com/hashicorp/terraform-provider-aws/issues/36851))
- **New Resource:** `aws_bedrockagent_agent_action_group` ([#36935](https://togithub.com/hashicorp/terraform-provider-aws/issues/36935))
- **New Resource:** `aws_bedrockagent_agent_alias` ([#36905](https://togithub.com/hashicorp/terraform-provider-aws/issues/36905))
- **New Resource:** `aws_bedrockagent_knowledge_base` ([#36783](https://togithub.com/hashicorp/terraform-provider-aws/issues/36783))
- **New Resource:** `aws_globalaccelerator_cross_account_attachment` ([#35991](https://togithub.com/hashicorp/terraform-provider-aws/issues/35991))
- **New Resource:** `aws_verifiedpermissions_policy` ([#35413](https://togithub.com/hashicorp/terraform-provider-aws/issues/35413))
ENHANCEMENTS:
- data-source/aws_eip: Add `arn` attribute ([#35991](https://togithub.com/hashicorp/terraform-provider-aws/issues/35991))
- resource/aws_api_gateway_rest_api: Correctly set `root_resource_id` on resource Read ([#37040](https://togithub.com/hashicorp/terraform-provider-aws/issues/37040))
- resource/aws_appmesh_mesh: Add `spec.service_discovery` argument ([#37042](https://togithub.com/hashicorp/terraform-provider-aws/issues/37042))
- resource/aws_cloudformation_stack_set: Adds guidance on permissions when using delegated administrator account ([#37069](https://togithub.com/hashicorp/terraform-provider-aws/issues/37069))
- resource/aws_db_instance: Add `dedicated_log_volume` argument ([#36503](https://togithub.com/hashicorp/terraform-provider-aws/issues/36503))
- resource/aws_eip: Add `arn` attribute ([#35991](https://togithub.com/hashicorp/terraform-provider-aws/issues/35991))
- resource/aws_elasticache_replication_group: Add `transit_encryption_mode` argument ([#30403](https://togithub.com/hashicorp/terraform-provider-aws/issues/30403))
- resource/aws_elasticache_replication_group: Changes to the `transit_encryption_enabled` argument can now be done in-place for engine versions > `7.0.5` ([#30403](https://togithub.com/hashicorp/terraform-provider-aws/issues/30403))
- resource/aws_kinesis_firehose_delivery_stream: Add `snowflake_configuration` argument ([#36646](https://togithub.com/hashicorp/terraform-provider-aws/issues/36646))
- resource/aws_memorydb_user: Support IAM authentication mode ([#32027](https://togithub.com/hashicorp/terraform-provider-aws/issues/32027))
- resource/aws_sagemaker_app_image_config: Add `code_editor_app_image_config` and `jupyter_lab_image_config.jupyter_lab_image_config` arguments ([#37059](https://togithub.com/hashicorp/terraform-provider-aws/issues/37059))
- resource/aws_sagemaker_app_image_config: Change `kernel_gateway_image_config.kernel_spec` MaxItems to 5 ([#37059](https://togithub.com/hashicorp/terraform-provider-aws/issues/37059))
- resource/aws_transfer_server: Add `sftp_authentication_methods` argument ([#37015](https://togithub.com/hashicorp/terraform-provider-aws/issues/37015))
BUG FIXES:
- resource/aws_batch_job_definition: Fix issues where changes causing a new `revision` do not trigger changes in dependent resources and/or cause an error, "Provider produced inconsistent final plan" ([#37111](https://togithub.com/hashicorp/terraform-provider-aws/issues/37111))
- resource/aws_ce_cost_category: Allow up to 3 levels of `and`, `not` and `or` operand nesting for the `rule` argument ([#30862](https://togithub.com/hashicorp/terraform-provider-aws/issues/30862))
- resource/aws_elasticache_replication_group: Fix excessive delay on read ([#30403](https://togithub.com/hashicorp/terraform-provider-aws/issues/30403))
- resource/aws_servicecatalog_portfolio: Fixes error where deletion fails if resource was deleted out of band. ([#37066](https://togithub.com/hashicorp/terraform-provider-aws/issues/37066))
- resource/aws_servicecatalog_provisioned_product: Fixes error where tag values are not applied to products when tag values don't change. ([#37066](https://togithub.com/hashicorp/terraform-provider-aws/issues/37066))
### [`v5.46.0`](https://togithub.com/hashicorp/terraform-provider-aws/blob/HEAD/CHANGELOG.md#5460-April-18-2024)
[Compare Source](https://togithub.com/hashicorp/terraform-provider-aws/compare/v5.45.0...v5.46.0)
NOTES:
- provider: When using YAML or JSON documents, such as in `template_body` of `aws_cloudformation_stack`, CRLF was previously treated as different from LF but these are now treated as equivalent in many situations ([#14270](https://togithub.com/hashicorp/terraform-provider-aws/issues/14270))
FEATURES:
- **New Resource:** `aws_eip_domain_name` ([#36963](https://togithub.com/hashicorp/terraform-provider-aws/issues/36963))
ENHANCEMENTS:
- data-source/aws_alb: Add `client_keep_alive` argument ([#36969](https://togithub.com/hashicorp/terraform-provider-aws/issues/36969))
- data-source/aws_eip: Add `ptr_record` attribute ([#36963](https://togithub.com/hashicorp/terraform-provider-aws/issues/36963))
- data-source/aws_iam_policy: Add `attachment_count` attribute ([#36759](https://togithub.com/hashicorp/terraform-provider-aws/issues/36759))
- data-source/aws_lb: Add `client_keep_alive` argument ([#36969](https://togithub.com/hashicorp/terraform-provider-aws/issues/36969))
- data-source/aws_organizations_organization: Add `master_account_name` attribute ([#36797](https://togithub.com/hashicorp/terraform-provider-aws/issues/36797))
- data-source/aws_vpc_dhcp_options: Add `ipv6_address_preferred_lease_time` attribute ([#36934](https://togithub.com/hashicorp/terraform-provider-aws/issues/36934))
- resource/aws_alb: Add `client_keep_alive` argument ([#36969](https://togithub.com/hashicorp/terraform-provider-aws/issues/36969))
- resource/aws_autoscaling_group: Add `alarm_specification` to the `instance_refresh.preferences` configuration block ([#36954](https://togithub.com/hashicorp/terraform-provider-aws/issues/36954))
- resource/aws_cloudformation_stack_set: Add retry when creating to potentially help with eventual consistency problems ([#36982](https://togithub.com/hashicorp/terraform-provider-aws/issues/36982))
- resource/aws_cloudfront_origin_access_control: Add `lambda` and `mediapackagev2` as valid values for `origin_access_control_origin_type` ([#34362](https://togithub.com/hashicorp/terraform-provider-aws/issues/34362))
- resource/aws_cloudwatch_event_rule: Add `force_destroy` attribute ([#34905](https://togithub.com/hashicorp/terraform-provider-aws/issues/34905))
- resource/aws_codebuild_project: Add GitLab and GitLab Self Managed support to the `report_build_status` and `build_status_config` arguments ([#36942](https://togithub.com/hashicorp/terraform-provider-aws/issues/36942))
- resource/aws_default_vpc_dhcp_options: Add `ipv6_address_preferred_lease_time` as Computed attribute ([#36934](https://togithub.com/hashicorp/terraform-provider-aws/issues/36934))
- resource/aws_dms_replication_task: Add `resource_identifier` argument ([#36901](https://togithub.com/hashicorp/terraform-provider-aws/issues/36901))
- resource/aws_eip: Add `ptr_record` attribute ([#36963](https://togithub.com/hashicorp/terraform-provider-aws/issues/36963))
- resource/aws_elasticache_serverless_cache: Add `minimum` attribute in `cache_usage_limits.data_storage` and `cache_usage_limits.ecpu_per_second` ([#36766](https://togithub.com/hashicorp/terraform-provider-aws/issues/36766))
- resource/aws_fsx_openzfs_file_system: Add `endpoint_ip_address` attribute ([#36767](https://togithub.com/hashicorp/terraform-provider-aws/issues/36767))
- resource/aws_iam_policy: Add `attachment_count` attribute ([#36759](https://togithub.com/hashicorp/terraform-provider-aws/issues/36759))
- resource/aws_imagebuilder_image: Add `execution_role` and `workflow` arguments ([#36953](https://togithub.com/hashicorp/terraform-provider-aws/issues/36953))
- resource/aws_lb: Add `client_keep_alive` argument ([#36969](https://togithub.com/hashicorp/terraform-provider-aws/issues/36969))
- resource/aws_mwaa_environment: Add `database_vpc_endpoint_service` and `webserver_vpc_endpoint_service` attributes ([#36903](https://togithub.com/hashicorp/terraform-provider-aws/issues/36903))
- resource/aws_organizations_organization: Add `master_account_name` attribute ([#36797](https://togithub.com/hashicorp/terraform-provider-aws/issues/36797))
- resource/aws_transfer_connector: Add `security_policy_name` argument ([#36893](https://togithub.com/hashicorp/terraform-provider-aws/issues/36893))
- resource/aws_vpc_dhcp_options: Add `ipv6_address_preferred_lease_time` attribute ([#36934](https://togithub.com/hashicorp/terraform-provider-aws/issues/36934))
- resource/aws_vpc_ipam_pool: Add `cascade` argument ([#36898](https://togithub.com/hashicorp/terraform-provider-aws/issues/36898))
BUG FIXES:
- data-source/aws_iam_policy_document: When using multiple principals, sort them to avoid differences based only on order ([#25967](https://togithub.com/hashicorp/terraform-provider-aws/issues/25967))
- resource/aws_appconfig_deployment: Fix `ConflictException` errors on resource Create ([#36980](https://togithub.com/hashicorp/terraform-provider-aws/issues/36980))
- resource/aws_ce_anomaly_monitor: Change `monitor_dimension` to [ForceNew](https://developer.hashicorp.com/terraform/plugin/sdkv2/schemas/schema-behaviors#forcenew) ([#36773](https://togithub.com/hashicorp/terraform-provider-aws/issues/36773))
- resource/aws_ce_anomaly_subscription: Change `account_id` to [ForceNew](https://developer.hashicorp.com/terraform/plugin/sdkv2/schemas/schema-behaviors#forcenew) ([#36773](https://togithub.com/hashicorp/terraform-provider-aws/issues/36773))
- resource/aws_cloudformation_stack: CRLF line endings in `template_body` no longer cause erroneous diffs ([#14270](https://togithub.com/hashicorp/terraform-provider-aws/issues/14270))
- resource/aws_db_proxy: Fix `interface conversion: interface {} is nil, not map[string]interface {}` panic when `auth` is empty (`{}`) ([#36967](https://togithub.com/hashicorp/terraform-provider-aws/issues/36967))
- resource/aws_dms_replication_config: Adds validation to `replication_settings` to disallow `Logging.CloudWatchLogGroup` and `Logging.CloudWatchLogStream`. ([#36936](https://togithub.com/hashicorp/terraform-provider-aws/issues/36936))
- resource/aws_dms_replication_config: Suppresses differences in partial `replication_settings` JSON documents. ([#36936](https://togithub.com/hashicorp/terraform-provider-aws/issues/36936))
- resource/aws_dms_replication_task: Adds validation to `replication_task_settings` to disallow `Logging.CloudWatchLogGroup` and `Logging.CloudWatchLogStream`. ([#36936](https://togithub.com/hashicorp/terraform-provider-aws/issues/36936))
- resource/aws_dms_replication_task: Allows leaving `replication_task_settings` unset to use default settings. ([#36936](https://togithub.com/hashicorp/terraform-provider-aws/issues/36936))
- resource/aws_dms_replication_task: Suppresses differences in partial `replication_task_settings` JSON documents. ([#36936](https://togithub.com/hashicorp/terraform-provider-aws/issues/36936))
- resource/aws_fsx_windows_file_system: Fix error `BadRequest: AuditLogDestination must not be provided when auditing is disabled` when updating `audit_log_configuration.0.file_access_audit_log_level` and `audit_log_configuration.0.file_share_access_audit_log_level` to `"DISABLED"` ([#36928](https://togithub.com/hashicorp/terraform-provider-aws/issues/36928))
- resource/aws_glue_job: Mark `number_of_workers` and `worker_type` as optional/computed, preventing persistent differences when `max_capacity` is set. ([#36770](https://togithub.com/hashicorp/terraform-provider-aws/issues/36770))
- resource/aws_iam_user_login_profile: Fix forced re-creation when `password_reset_required` is `true` and initial password reset is completed ([#36926](https://togithub.com/hashicorp/terraform-provider-aws/issues/36926))
- resource/aws_lightsail_distribution: Fix to properly set `certificate_name` on create and update ([#36888](https://togithub.com/hashicorp/terraform-provider-aws/issues/36888))
- resource/aws_vpc_dhcp_options: Fix `NotFound` error handling on delete ([#36933](https://togithub.com/hashicorp/terraform-provider-aws/issues/36933))
### [`v5.45.0`](https://togithub.com/hashicorp/terraform-provider-aws/blob/HEAD/CHANGELOG.md#5450-April-11-2024)
[Compare Source](https://togithub.com/hashicorp/terraform-provider-aws/compare/v5.44.0...v5.45.0)
NOTES:
- resource/aws_redshift_cluster: The `logging` argument is now deprecated. Use the `aws_redshift_logging` resource instead. ([#36862](https://togithub.com/hashicorp/terraform-provider-aws/issues/36862))
- resource/aws_redshift_cluster: The `snapshot_copy` argument is now deprecated. Use the `aws_redshift_snapshot_copy` resource instead. ([#36810](https://togithub.com/hashicorp/terraform-provider-aws/issues/36810))
FEATURES:
- **New Resource:** `aws_redshift_logging` ([#36862](https://togithub.com/hashicorp/terraform-provider-aws/issues/36862))
- **New Resource:** `aws_redshift_snapshot_copy` ([#36810](https://togithub.com/hashicorp/terraform-provider-aws/issues/36810))
ENHANCEMENTS:
- data-source/aws_sagemaker_prebuilt_ecr_image: Add `registry_id` for `af-south-1` AWS Region ([#36803](https://togithub.com/hashicorp/terraform-provider-aws/issues/36803))
- resource/aws_api_gateway_documentation_part: Add `documentation_part_id` attribute ([#36445](https://togithub.com/hashicorp/terraform-provider-aws/issues/36445))
- resource/aws_wafregional_web_acl_association: Add configurable timeouts ([#36445](https://togithub.com/hashicorp/terraform-provider-aws/issues/36445))
- resource/aws_wafregional_web_acl_association: Add plan-time validation of `resource_arn` ([#36445](https://togithub.com/hashicorp/terraform-provider-aws/issues/36445))
BUG FIXES:
- provider: Change the default AWS SDK for Go v2 API client [`MaxBackoff`](https://aws.github.io/aws-sdk-go-v2/docs/configuring-sdk/retries-timeouts/#limiting-the-max-back-off-delay) value to 300 seconds so that services migrated to AWS SDK for Go v2 maintain behavioral compatibility with AWS SDK for Go v1 ([#36855](https://togithub.com/hashicorp/terraform-provider-aws/issues/36855))
- resource/aws_datasync_location_object_storage: Allow update to `agent_arns` ([#36819](https://togithub.com/hashicorp/terraform-provider-aws/issues/36819))
- resource/aws_devopsguru_notification_channel: Fix persistent diff when `filters.message_types` or `filters.severities` contains multiple elements ([#36804](https://togithub.com/hashicorp/terraform-provider-aws/issues/36804))
- resource/aws_securityhub_configuration_policy: Mark `configuration_policy.enabled_standard_arns` as Optional, fixing `InvalidInputException: Invalid semantics: Enabled standards and security control configurations must be configured when Security Hub is enabled` errors ([#36740](https://togithub.com/hashicorp/terraform-provider-aws/issues/36740))
### [`v5.44.0`](https://togithub.com/hashicorp/terraform-provider-aws/blob/HEAD/CHANGELOG.md#5440-April-4-2024)
[Compare Source](https://togithub.com/hashicorp/terraform-provider-aws/compare/v5.43.0...v5.44.0)
FEATURES:
- **New Data Source:** `aws_devopsguru_notification_channel` ([#36656](https://togithub.com/hashicorp/terraform-provider-aws/issues/36656))
- **New Data Source:** `aws_devopsguru_resource_collection` ([#36657](https://togithub.com/hashicorp/terraform-provider-aws/issues/36657))
- **New Data Source:** `aws_ecr_lifecycle_policy_document` ([#6133](https://togithub.com/hashicorp/terraform-provider-aws/issues/6133))
- **New Function:** `trim_iam_role_path` ([#36723](https://togithub.com/hashicorp/terraform-provider-aws/issues/36723))
- **New Resource:** `aws_devopsguru_service_integration` ([#36694](https://togithub.com/hashicorp/terraform-provider-aws/issues/36694))
ENHANCEMENTS:
- data-source/aws_servicecatalogappregistry_application: Add `application_tag` attribute ([#36647](https://togithub.com/hashicorp/terraform-provider-aws/issues/36647))
- data/aws_glue_data_catalog_encryption_settings: Add `data_catalog_encryption_settings.encryption_at_rest.catalog_encryption_service_role` attribute ([#35978](https://togithub.com/hashicorp/terraform-provider-aws/issues/35978))
- resource/aws_appstream_fleet: Add `desired_sessions` argument to the `compute_capacity` block. ([#34266](https://togithub.com/hashicorp/terraform-provider-aws/issues/34266))
- resource/aws_appstream_fleet: Add `max_sessions_per_instance` argument. ([#34266](https://togithub.com/hashicorp/terraform-provider-aws/issues/34266))
- resource/aws_batch_job_definition: Add update functions instead of ForceNew. Add `deregister_on_new_revision` to allow keeping prior versions ACTIVE when a new revision is published. ([#35149](https://togithub.com/hashicorp/terraform-provider-aws/issues/35149))
- resource/aws_db_instance: Adds warning when setting `character_set_name` when `replicate_source_db`, `restore_to_point_in_time`, or `snapshot_identifier` is set ([#36518](https://togithub.com/hashicorp/terraform-provider-aws/issues/36518))
- resource/aws_emr_cluster: Add `unhealthy_node_replacement` argument ([#36523](https://togithub.com/hashicorp/terraform-provider-aws/issues/36523))
- resource/aws_glue_data_catalog_encryption_settings: Add `data_catalog_encryption_settings.encryption_at_rest.catalog_encryption_service_role` argument ([#35978](https://togithub.com/hashicorp/terraform-provider-aws/issues/35978))
- resource/aws_lambda_function: Add support for `ruby3.3` `runtime` value ([#36751](https://togithub.com/hashicorp/terraform-provider-aws/issues/36751))
- resource/aws_lambda_layer_version: Add support for `ruby3.3` `compatible_runtimes` value ([#36751](https://togithub.com/hashicorp/terraform-provider-aws/issues/36751))
- resource/aws_servicecatalogappregistry_application: Add `application_tag` attribute ([#36647](https://togithub.com/hashicorp/terraform-provider-aws/issues/36647))
- resource/aws_transfer_server: Add `s3_storage_options` configuration block ([#36664](https://togithub.com/hashicorp/terraform-provider-aws/issues/36664))
- resource/aws_wafv2\_web_acl: Add `address_fields` and `phone_number_fields` to `statement.managed_rule_group_statement.managed_rule_group_configs.aws_managed_rules_acfp_rule_set.request_inspection` ([#36685](https://togithub.com/hashicorp/terraform-provider-aws/issues/36685))
BUG FIXES:
- provider: Correctly handles user agents passed using `TF_APPEND_USER_AGENT` which contain `/`, `(`, `)`, or space. ([#36738](https://togithub.com/hashicorp/terraform-provider-aws/issues/36738))
- resource/aws_batch_scheduling_policy: Fixes error where tags could not be updated ([#36517](https://togithub.com/hashicorp/terraform-provider-aws/issues/36517))
- resource/aws_cloudfront_key_value_store: Serialize CloudFront KeyValueStore access ([#36734](https://togithub.com/hashicorp/terraform-provider-aws/issues/36734))
- resource/aws_cloudfrontkeyvaluestore_key: Serialize CloudFront KeyValueStore access ([#36734](https://togithub.com/hashicorp/terraform-provider-aws/issues/36734))
- resource/aws_cognito_user_pool: Correct plan-time validation of `email_verification_message`, `email_verification_subject`, `admin_create_user_config.invite_message_template.email_message`, `admin_create_user_config.invite_message_template.email_subject`, `admin_create_user_config.invite_message_template.sms_message`, `sms_authentication_message`, `sms_verification_message`, `verification_message_template.email_message`, `verification_message_template.email_message_by_link`, `verification_message_template.email_subject`, `verification_message_template.email_subject_by_link`, and `verification_message_template.sms_message` to count UTF-8 characters properly ([#36661](https://togithub.com/hashicorp/terraform-provider-aws/issues/36661))
- resource/aws_ecr_lifecycle_policy: Add missing `tagPatternList` change detection in policy JSON ([#35231](https://togithub.com/hashicorp/terraform-provider-aws/issues/35231))
- resource/aws_ecs_service: Correctly set `alarms.rollback` on resource Create and Update ([#36691](https://togithub.com/hashicorp/terraform-provider-aws/issues/36691))
- resource/aws_iam_user: When `force_destroy` is used and there are inline or attached policies, allow resource to be destroyed ([#36640](https://togithub.com/hashicorp/terraform-provider-aws/issues/36640))
- resource/aws_imagebuilder_distribution_configuration: Fix validation regex for `ami_distribution_configuration.name` ([#36659](https://togithub.com/hashicorp/terraform-provider-aws/issues/36659))
- resource/aws_redshift_cluster: Fix error preventing modification of a configured `snapshot_copy` block ([#36655](https://togithub.com/hashicorp/terraform-provider-aws/issues/36655))
- resource/aws_route53\_record: Fix to correctly interpret alias names with wildcards ([#36699](https://togithub.com/hashicorp/terraform-provider-aws/issues/36699))
### [`v5.43.0`](https://togithub.com/hashicorp/terraform-provider-aws/blob/HEAD/CHANGELOG.md#5430-March-28-2024)
[Compare Source](https://togithub.com/hashicorp/terraform-provider-aws/compare/v5.42.0...v5.43.0)
FEATURES:
- **New Data Source:** `aws_resourceexplorer2_search` ([#36560](https://togithub.com/hashicorp/terraform-provider-aws/issues/36560))
- **New Data Source:** `aws_servicecatalogappregistry_application` ([#36596](https://togithub.com/hashicorp/terraform-provider-aws/issues/36596))
- **New Resource:** `aws_cloudfrontkeyvaluestore_key` ([#36534](https://togithub.com/hashicorp/terraform-provider-aws/issues/36534))
- **New Resource:** `aws_devopsguru_notification_channel` ([#36557](https://togithub.com/hashicorp/terraform-provider-aws/issues/36557))
- **New Resource:** `aws_dynamodb_resource_policy` ([#36595](https://togithub.com/hashicorp/terraform-provider-aws/issues/36595))
- **New Resource:** `aws_ec2_instance_metadata_defaults` ([#36589](https://togithub.com/hashicorp/terraform-provider-aws/issues/36589))
- **New Resource:** `aws_lakeformation_resource_lf_tag` ([#36537](https://togithub.com/hashicorp/terraform-provider-aws/issues/36537))
- **New Resource:** `aws_m2_application` ([#35399](https://togithub.com/hashicorp/terraform-provider-aws/issues/35399))
- **New Resource:** `aws_m2_deployment` ([#35408](https://togithub.com/hashicorp/terraform-provider-aws/issues/35408))
- **New Resource:** `aws_m2_environment` ([#35311](https://togithub.com/hashicorp/terraform-provider-aws/issues/35311))
- **New Resource:** `aws_redshiftserverless_custom_domain_association` ([#35865](https://togithub.com/hashicorp/terraform-provider-aws/issues/35865))
- **New Resource:** `aws_servicecatalogappregistry_application` ([#36277](https://togithub.com/hashicorp/terraform-provider-aws/issues/36277))
ENHANCEMENTS:
- data-source/aws_cloudfront_function: Add `key_value_store_associations` attribute ([#36585](https://togithub.com/hashicorp/terraform-provider-aws/issues/36585))
- data-source/aws_db_snapshot: Add `original_snapshot_create_time` attribute ([#36544](https://togithub.com/hashicorp/terraform-provider-aws/issues/36544))
- resource/aws_cloudfront_function: Add `key_value_store_associations` argument ([#36585](https://togithub.com/hashicorp/terraform-provider-aws/issues/36585))
- resource/aws_ec2\_host: Add user configurable timeouts ([#36538](https://togithub.com/hashicorp/terraform-provider-aws/issues/36538))
- resource/aws_glacier_vault_lock: Allow `policy` to have leading whitespace ([#36597](https://togithub.com/hashicorp/terraform-provider-aws/issues/36597))
- resource/aws_iam_group_policy: Allow `policy` to have leading whitespace ([#36597](https://togithub.com/hashicorp/terraform-provider-aws/issues/36597))
- resource/aws_iam_policy: Allow `policy` to have leading whitespace ([#36597](https://togithub.com/hashicorp/terraform-provider-aws/issues/36597))
- resource/aws_iam_role: Allow `assume_role_policy` and `inline_policy.*.policy` to have leading whitespace ([#36597](https://togithub.com/hashicorp/terraform-provider-aws/issues/36597))
- resource/aws_iam_role_policy: Allow `policy` to have leading whitespace ([#36597](https://togithub.com/hashicorp/terraform-provider-aws/issues/36597))
- resource/aws_iam_user_policy: Allow `policy` to have leading whitespace ([#36597](https://togithub.com/hashicorp/terraform-provider-aws/issues/36597))
- resource/aws_kinesisanalyticsv2\_application: Add support for `FLINK-1_18` `runtime_environment` value ([#36562](https://togithub.com/hashicorp/terraform-provider-aws/issues/36562))
- resource/aws_media_store_container_policy: Allow `policy` to have leading whitespace ([#36597](https://togithub.com/hashicorp/terraform-provider-aws/issues/36597))
- resource/aws_ssoadmin_permission_set_inline_policy: Allow `inline_policy` to have leading whitespace ([#36597](https://togithub.com/hashicorp/terraform-provider-aws/issues/36597))
- resource/aws_transfer_access: Allow `policy` to have leading whitespace ([#36597](https://togithub.com/hashicorp/terraform-provider-aws/issues/36597))
- resource/aws_transfer_user: Allow `policy` to have leading whitespace ([#36597](https://togithub.com/hashicorp/terraform-provider-aws/issues/36597))
- resource/aws_vpc_ipam: Add `tier` argument ([#36504](https://togithub.com/hashicorp/terraform-provider-aws/issues/36504))
BUG FIXES:
- data-source/aws_cur_report_definition: Direct all API calls to the `us-east-1` endpoint as this is the only Region in which AWS Cost and Usage Reports is available ([#36540](https://togithub.com/hashicorp/terraform-provider-aws/issues/36540))
- resource/aws_applicationinsights_application: Make `ACTIVE` a valid create target status ([#36615](https://togithub.com/hashicorp/terraform-provider-aws/issues/36615))
- resource/aws_autoscaling_group: Don't attempt to remove scale-in protection from instances that don't have the feature enabled ([#36586](https://togithub.com/hashicorp/terraform-provider-aws/issues/36586))
- resource/aws_cur_report_definition: Direct all API calls to the `us-east-1` endpoint as this is the only Region in which AWS Cost and Usage Reports is available ([#36540](https://togithub.com/hashicorp/terraform-provider-aws/issues/36540))
- resource/aws_elasticsearch_domain_policy: Handle delayed domain status propagation, preventing a `ValidationException`. ([#36592](https://togithub.com/hashicorp/terraform-provider-aws/issues/36592))
- resource/aws_iam_instance_profile: Detect when the associated `role` no longer exists ([#34099](https://togithub.com/hashicorp/terraform-provider-aws/issues/34099))
- resource/aws_instance: Replace an instance when an `instance_type` change also requires an architecture change, such as x86\_64 to arm64 ([#36590](https://togithub.com/hashicorp/terraform-provider-aws/issues/36590))
- resource/aws_opensearch_domain_policy: Handle delayed domain status propagation, preventing a `ValidationException`. ([#36592](https://togithub.com/hashicorp/terraform-provider-aws/issues/36592))
- resource/aws_quicksight_dashboard: Fix failure when updating a dashboard takes a while ([#34227](https://togithub.com/hashicorp/terraform-provider-aws/issues/34227))
- resource/aws_quicksight_template: Fix "Invalid address to set" errors ([#34227](https://togithub.com/hashicorp/terraform-provider-aws/issues/34227))
- resource/aws_quicksight_template: Fix "a number is required" errors when state contains an empty string ([#34227](https://togithub.com/hashicorp/terraform-provider-aws/issues/34227))
- resource/aws_redshift_cluster: Fix `InvalidParameterCombination` errors when updating only `skip_final_snapshot` ([#36635](https://togithub.com/hashicorp/terraform-provider-aws/issues/36635))
- resource/aws_route53\_zone: Prevent re-creation when `name` casing changes ([#36563](https://togithub.com/hashicorp/terraform-provider-aws/issues/36563))
- resource/aws_secretsmanager_secret_version: Fix to handle versions deleted out-of-band without raising an `InvalidRequestException` ([#36609](https://togithub.com/hashicorp/terraform-provider-aws/issues/36609))
- resource/aws_ssm_parameter: force create a new SSM parameter when `data_type` is updated. ([#35960](https://togithub.com/hashicorp/terraform-provider-aws/issues/35960))
### [`v5.42.0`](https://togithub.com/hashicorp/terraform-provider-aws/blob/HEAD/CHANGELOG.md#5420-March-22-2024)
[Compare Source](https://togithub.com/hashicorp/terraform-provider-aws/compare/v5.41.0...v5.42.0)
FEATURES:
- **New Data Source:** `aws_redshift_producer_data_shares` ([#36481](https://togithub.com/hashicorp/terraform-provider-aws/issues/36481))
- **New Resource:** `aws_devopsguru_event_sources_config` ([#36485](https://togithub.com/hashicorp/terraform-provider-aws/issues/36485))
- **New Resource:** `aws_devopsguru_resource_collection` ([#36489](https://togithub.com/hashicorp/terraform-provider-aws/issues/36489))
- **New Resource:** `aws_dynamodb_table_export` ([#30399](https://togithub.com/hashicorp/terraform-provider-aws/issues/30399))
ENHANCEMENTS:
- data-source/aws_vpc_peering_connection: Add `ipv6_cidr_block_set` and `peer_ipv6_cidr_block_set` attributes ([#36391](https://togithub.com/hashicorp/terraform-provider-aws/issues/36391))
- resource/aws_datasync_location_hdfs: Add `kerberos_keytab_base64` and `kerberos_krb5_conf_base64` arguments ([#36072](https://togithub.com/hashicorp/terraform-provider-aws/issues/36072))
- resource/aws_finspace_kx_dataview: Add `read_write` and `segment_configuration.on_demand` arguments ([#36486](https://togithub.com/hashicorp/terraform-provider-aws/issues/36486))
- resource/aws_rds_cluster: Add `enable_local_write_forwarding` argument to support Aurora MySQL local write forwarding ([#34370](https://togithub.com/hashicorp/terraform-provider-aws/issues/34370))
BUG FIXES:
- provider: Change the default AWS SDK for Go v2 API client [`RateLimiter`](https://pkg.go.dev/github.com/aws/aws-sdk-go-v2/aws/retry#RateLimiter) to [`ratelimit.None`](https://pkg.go.dev/github.com/aws/aws-sdk-go-v2/aws/ratelimit#pkg-variables) so that services migrated to AWS SDK for Go v2 maintain behavioral compatibility with AWS SDK for Go v1 ([#36467](https://togithub.com/hashicorp/terraform-provider-aws/issues/36467))
- resource/aws_appautoscaling_policy: Fix errors when importing an MSK storage autoscaling policy ([#34934](https://togithub.com/hashicorp/terraform-provider-aws/issues/34934))
- resource/aws_appautoscaling_scheduled_action: Always send `start_time` and `end_time` values on update when configured ([#33713](https://togithub.com/hashicorp/terraform-provider-aws/issues/33713))
- resource/aws_appautoscaling_scheduled_action: Read correct resource by using `scalable_dimension` as an additional filter ([#34382](https://togithub.com/hashicorp/terraform-provider-aws/issues/34382))
- resource/aws_datasync_location_azure_blob: Fix missing `container_url` attribute value and bad `subdirectory` attribute value from state read/refresh ([#36072](https://togithub.com/hashicorp/terraform-provider-aws/issues/36072))
- resource/aws_datasync_location_efs: Fix missing `efs_file_system_arn` attribute value from state read/refresh ([#36072](https://togithub.com/hashicorp/terraform-provider-aws/issues/36072))
- resource/aws_datasync_location_hdfs: Mark `qop_configuration` as Computed ([#36072](https://togithub.com/hashicorp/terraform-provider-aws/issues/36072))
- resource/aws_datasync_location_nfs: Fix missing `server_hostname` attribute value from state read/refresh ([#36072](https://togithub.com/hashicorp/terraform-provider-aws/issues/36072))
- resource/aws_datasync_location_s3: Fix missing `s3_bucket_arn` attribute value from state read/refresh ([#36072](https://togithub.com/hashicorp/terraform-provider-aws/issues/36072))
- resource/aws_datasync_location_smb: Fix missing `server_hostname` attribute value from state read/refresh ([#36072](https://togithub.com/hashicorp/terraform-provider-aws/issues/36072))
- resource/aws_dms_replication_config: Fix persistent change in `replication_settings` ([#35670](https://togithub.com/hashicorp/terraform-provider-aws/issues/35670))
- resource/aws_dms_replication_task: Fix persistent change in `replication_task_settings` ([#35670](https://togithub.com/hashicorp/terraform-provider-aws/issues/35670))
- resource/aws_eks_access_entry: Always send `kubernetes_groups` and `user_name` values on update when configured ([#36484](https://togithub.com/hashicorp/terraform-provider-aws/issues/36484))
- resource/aws_glue_job: Adjust `number_of_workers` minimum value to `1` ([#36458](https://togithub.com/hashicorp/terraform-provider-aws/issues/36458))
- resource/aws_lexv2models_slot: Fix custom_payload typo ([#36488](https://togithub.com/hashicorp/terraform-provider-aws/issues/36488))
- resource/aws_route: Allow resource creation if a propagated route to the same destination exists ([#36512](https://togithub.com/hashicorp/terraform-provider-aws/issues/36512))
- resource/aws_vpn_connection: `local_ipv6_network_cidr`, `remote_ipv6_network_cidr`, `tunnel1_inside_ipv6_cidr`, and `tunnel2_inside_ipv6_cidr` no longer require `transit_gateway_id` to be specified ([#36405](https://togithub.com/hashicorp/terraform-provider-aws/issues/36405))
Configuration
📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
[ ] If you want to rebase/retry this PR, check this box
This PR has been generated by Mend Renovate. View repository job log here.
This PR contains the following updates:
~> 5.41.0
->~> 5.51.0
Release Notes
hashicorp/terraform-provider-aws (aws)
### [`v5.51.1`](https://togithub.com/hashicorp/terraform-provider-aws/blob/HEAD/CHANGELOG.md#5511-May-24-2024) [Compare Source](https://togithub.com/hashicorp/terraform-provider-aws/compare/v5.51.0...v5.51.1) ENHANCEMENTS: - resource/aws_ecs_service: Add `volume_configuration` argument ([#37019](https://togithub.com/hashicorp/terraform-provider-aws/issues/37019)) - resource/aws_ecs_task_definition: Add `configure_at_launch` parameter in `volume` argument ([#37019](https://togithub.com/hashicorp/terraform-provider-aws/issues/37019)) BUG FIXES: - data-source/aws_route53\_zone: Fix incorrect `name_servers` values ([#37685](https://togithub.com/hashicorp/terraform-provider-aws/issues/37685)) - data-source/aws_route53\_zone: Permit both `name` and `zone_id` arguments when one is an empty string ([#37686](https://togithub.com/hashicorp/terraform-provider-aws/issues/37686)) - resource/aws_route53\_zone: Fix incorrect `name_servers` values ([#37685](https://togithub.com/hashicorp/terraform-provider-aws/issues/37685)) ### [`v5.51.0`](https://togithub.com/hashicorp/terraform-provider-aws/blob/HEAD/CHANGELOG.md#5510-May-23-2024) [Compare Source](https://togithub.com/hashicorp/terraform-provider-aws/compare/v5.50.0...v5.51.0) NOTES: - data-source/aws_lambda_function: `source_code_hash` attribute has been deprecated in favor of `code_sha256`. Will be removed in a future major version ([#37669](https://togithub.com/hashicorp/terraform-provider-aws/issues/37669)) - data-source/aws_lambda_layer_version: `source_code_hash` attribute has been deprecated in favor of `code_sha256`. Will be removed in a future major version ([#37646](https://togithub.com/hashicorp/terraform-provider-aws/issues/37646)) FEATURES: - **New Data Source:** `aws_chatbot_slack_workspace` ([#37218](https://togithub.com/hashicorp/terraform-provider-aws/issues/37218)) - **New Resource:** `aws_lambda_runtime_management_config` ([#37643](https://togithub.com/hashicorp/terraform-provider-aws/issues/37643)) - **New Resource:** `aws_vpc_endpoint_private_dns` ([#37628](https://togithub.com/hashicorp/terraform-provider-aws/issues/37628)) - **New Resource:** `aws_vpc_endpoint_service_private_dns_verification` ([#37176](https://togithub.com/hashicorp/terraform-provider-aws/issues/37176)) ENHANCEMENTS: - data-source/aws_lambda_function: Add `code_sha256` attribute ([#37669](https://togithub.com/hashicorp/terraform-provider-aws/issues/37669)) - data-source/aws_lambda_layer_version: Add `code_sha256` attribute ([#37646](https://togithub.com/hashicorp/terraform-provider-aws/issues/37646)) - data-source/aws_route53\_traffic_policy_document: Add support for `application-load-balancer`, `elastic-beanstalk` and `network-load-balancer` `endpoint.type` values ([#37618](https://togithub.com/hashicorp/terraform-provider-aws/issues/37618)) - resource/aws_api_gateway_deployment: Add `canary_settings` attribute ([#37573](https://togithub.com/hashicorp/terraform-provider-aws/issues/37573)) - resource/aws_iam_openid_connect_provider: Allow `client_id_list` to be updated in-place ([#37612](https://togithub.com/hashicorp/terraform-provider-aws/issues/37612)) - resource/aws_lambda_function: Add `code_sha256` attribute ([#37669](https://togithub.com/hashicorp/terraform-provider-aws/issues/37669)) - resource/aws_lambda_function: Remove `replace_security_group_on_destroy` and `replacement_security_group_ids` deprecations, re-implement with alternate workflow ([#37624](https://togithub.com/hashicorp/terraform-provider-aws/issues/37624)) - resource/aws_lambda_layer_version: Add `code_sha256` attribute ([#37646](https://togithub.com/hashicorp/terraform-provider-aws/issues/37646)) - resource/aws_route53\_health_check: Add plan-time validation of `cloudwatch_alarm_region` ([#37510](https://togithub.com/hashicorp/terraform-provider-aws/issues/37510)) - resource/aws_route53\_record: Add plan-time validation of `latency_routing_policy.region` ([#37510](https://togithub.com/hashicorp/terraform-provider-aws/issues/37510)) - resource/aws_route53\_vpc_association_authorization: Add plan-time validation of `vpc_region` ([#37510](https://togithub.com/hashicorp/terraform-provider-aws/issues/37510)) - resource/aws_route53\_zone_association: Add plan-time validation of `vpc_region` ([#37510](https://togithub.com/hashicorp/terraform-provider-aws/issues/37510)) - resource/aws_wafv2\_web_acl: Add `api_gateway`, `app_runner_service`, `cognito_user_pool`, and `verified_access_instance` configuration blocks to `association_config.request_body` ([#37588](https://togithub.com/hashicorp/terraform-provider-aws/issues/37588)) BUG FIXES: - resource/aws_dynamodb_table_replica: Correctly set `kms_key_arn` on Read ([#37570](https://togithub.com/hashicorp/terraform-provider-aws/issues/37570)) - resource/aws_kms_grant: Change `grant_token` to [`Sensitive`](https://developer.hashicorp.com/terraform/plugin/best-practices/sensitive-state#using-sensitive-flag-functionality) ([#37593](https://togithub.com/hashicorp/terraform-provider-aws/issues/37593)) - resource/aws_lambda_function: Fix issue when `source_code_hash` causes drift even if source code has not changed ([#37669](https://togithub.com/hashicorp/terraform-provider-aws/issues/37669)) - resource/aws_lambda_layer_version: Fix issue when `source_code_hash` forces a replacement even if source code has not changed ([#37646](https://togithub.com/hashicorp/terraform-provider-aws/issues/37646)) - resource/aws_m2\_deployment: Fix `state` error on `deployment_id` during start/stop update ([#37581](https://togithub.com/hashicorp/terraform-provider-aws/issues/37581)) - resource/aws_storagegateway_smb_file_share: Fix crash when `cache_attributes` is removed on update ([#37611](https://togithub.com/hashicorp/terraform-provider-aws/issues/37611)) ### [`v5.50.0`](https://togithub.com/hashicorp/terraform-provider-aws/blob/HEAD/CHANGELOG.md#5500-May-17-2024) [Compare Source](https://togithub.com/hashicorp/terraform-provider-aws/compare/v5.49.0...v5.50.0) ENHANCEMENTS: - data-source/aws_budgets_budget: Add `tags` attribute ([#37361](https://togithub.com/hashicorp/terraform-provider-aws/issues/37361)) - data-source/aws_instance: Add `launch_time` attribute ([#37002](https://togithub.com/hashicorp/terraform-provider-aws/issues/37002)) - resource/aws_budgets_budget: Add `tags` argument ([#37361](https://togithub.com/hashicorp/terraform-provider-aws/issues/37361)) - resource/aws_budgets_budget_action: Add `tags` argument ([#37361](https://togithub.com/hashicorp/terraform-provider-aws/issues/37361)) - resource/aws_ecs_account_setting_default: Add support for `fargateTaskRetirementWaitPeriod` value in `Name` argument ([#37018](https://togithub.com/hashicorp/terraform-provider-aws/issues/37018)) - resource/aws_ssm_resource_data_sync: Add plan-time validation of `s3_destination.kms_key_arn`, `s3_destination.region` and `s3_destination.sync_format` ([#37481](https://togithub.com/hashicorp/terraform-provider-aws/issues/37481)) BUG FIXES: - data-source/aws_bedrock_foundation_models: Fix validation regex for the `by_provider` argument ([#37306](https://togithub.com/hashicorp/terraform-provider-aws/issues/37306)) - resource/aws_dynamodb_table: Fix `UnknownOperationException: Tagging is not currently supported in DynamoDB Local` errors on resource Read ([#37472](https://togithub.com/hashicorp/terraform-provider-aws/issues/37472)) - resource/aws_glue_job: Fix `interface conversion: interface {} is nil, not map[string]interface {}` panic when `notify_delay_after` is empty (`null`) ([#37347](https://togithub.com/hashicorp/terraform-provider-aws/issues/37347)) - resource/aws_iam_server_certificate: Now correctly reads tags after update and on read. ([#37483](https://togithub.com/hashicorp/terraform-provider-aws/issues/37483)) - resource/aws_lakeformation_data_cells_filter: Fix inconsistent `state` error when using `row_filter.all_rows_wildcard` ([#37433](https://togithub.com/hashicorp/terraform-provider-aws/issues/37433)) - resource/aws_organizations_account: Allow import of accounts with IAM access to the AWS Billing and Cost Management console ([#35662](https://togithub.com/hashicorp/terraform-provider-aws/issues/35662)) - resource/aws_ram_principal_association: Correct plan-time validation of `principal` to fix `panic: unexpected format for ID parts ([...]), the following id parts indexes are blank ([1])` ([#37450](https://togithub.com/hashicorp/terraform-provider-aws/issues/37450)) - resource/aws_route53\_record: Change region default to us-east-1 ([#37565](https://togithub.com/hashicorp/terraform-provider-aws/issues/37565)) - resource/aws_vpc_endpoint_service: Fix destroy error when endpoint service is deleted out-of-band ([#37534](https://togithub.com/hashicorp/terraform-provider-aws/issues/37534)) ### [`v5.49.0`](https://togithub.com/hashicorp/terraform-provider-aws/blob/HEAD/CHANGELOG.md#5490-May-10-2024) [Compare Source](https://togithub.com/hashicorp/terraform-provider-aws/compare/v5.48.0...v5.49.0) FEATURES: - **New Data Source:** `aws_datazone_environment_blueprint` ([#36600](https://togithub.com/hashicorp/terraform-provider-aws/issues/36600)) - **New Resource:** `aws_bedrockagent_data_source` ([#37158](https://togithub.com/hashicorp/terraform-provider-aws/issues/37158)) - **New Resource:** `aws_datazone_domain` ([#36600](https://togithub.com/hashicorp/terraform-provider-aws/issues/36600)) - **New Resource:** `aws_datazone_environment_blueprint_configuration` ([#36600](https://togithub.com/hashicorp/terraform-provider-aws/issues/36600)) ENHANCEMENTS: - data-source/aws_iam_policy_document: Add `minified_json` attribute ([#35677](https://togithub.com/hashicorp/terraform-provider-aws/issues/35677)) - resource/aws_dynamodb_table_export: Add plan-time validation of `table_arn` ([#37288](https://togithub.com/hashicorp/terraform-provider-aws/issues/37288)) - resource/aws_kms_key: Add `rotation_period_in_days` argument ([#37140](https://togithub.com/hashicorp/terraform-provider-aws/issues/37140)) - resource/aws_securitylake_subscriber_notification: Better handles importing resource ([#37332](https://togithub.com/hashicorp/terraform-provider-aws/issues/37332)) - resource/aws_securitylake_subscriber_notification: Deprecates `endpoint_id` in favor of `subscriber_endpoint` ([#37332](https://togithub.com/hashicorp/terraform-provider-aws/issues/37332)) - resource/aws_securitylake_subscriber_notification: Handles `configuration.https_notification_configuration.authorization_api_key_value` as sensitive value ([#37332](https://togithub.com/hashicorp/terraform-provider-aws/issues/37332)) BUG FIXES: - data-source/aws_fsx_ontap_storage_virtual_machine: Correctly set `tags` on Read ([#37353](https://togithub.com/hashicorp/terraform-provider-aws/issues/37353)) - data-source/aws_rds_orderable_db_instance: Fix `InvalidParameterValue: Invalid value 3412 for MaxRecords. Must be between 20 and 1000` errors ([#37251](https://togithub.com/hashicorp/terraform-provider-aws/issues/37251)) - data-source/aws_resourceexplorer2\_search: Fix 401 unauthorized error due to missing `view_arn` in the AWS API request ([#36778](https://togithub.com/hashicorp/terraform-provider-aws/issues/36778)) - data-source/aws_resourceexplorer2\_search: Fix panic caused by bad mappping between Terraform and AWS schemas ([#36778](https://togithub.com/hashicorp/terraform-provider-aws/issues/36778)) - data-source/aws_resourceexplorer2\_search: Fix state persistence and data types ([#36778](https://togithub.com/hashicorp/terraform-provider-aws/issues/36778)) - resource/aws_bedrockagent_agent: Fix to use the configured `prepare_agent` value (or default value of `true` when omitted) for all create and update operations ([#37405](https://togithub.com/hashicorp/terraform-provider-aws/issues/37405)) - resource/aws_elasticsearch_domain: Fix handling of unset `auto_tune_options.rollback_on_disable` argument ([#37394](https://togithub.com/hashicorp/terraform-provider-aws/issues/37394)) - resource/aws_fsx_ontap_storage_virtual_machine: Correctly set `tags` and `tags_all` on resource Read ([#37353](https://togithub.com/hashicorp/terraform-provider-aws/issues/37353)) - resource/aws_fsx_openzfs_file_system: Correctly set `tags` and `tags_all` on resource Read ([#37353](https://togithub.com/hashicorp/terraform-provider-aws/issues/37353)) - resource/aws_kms_custom_key_store: Change `trust_anchor_certificate` to [ForceNew](https://developer.hashicorp.com/terraform/plugin/sdkv2/schemas/schema-behaviors#forcenew) ([#37092](https://togithub.com/hashicorp/terraform-provider-aws/issues/37092)) - resource/aws_opensearch_domain: Fix handling of unset `auto_tune_options.rollback_on_disable` argument ([#37394](https://togithub.com/hashicorp/terraform-provider-aws/issues/37394)) - resource/aws_opensearch_domain: Wait for `auto_tune_options` to be applied during creation ([#37394](https://togithub.com/hashicorp/terraform-provider-aws/issues/37394)) - resource/aws_securitylake_aws_log_source: Correctly handles unspecified `source_version` ([#36268](https://togithub.com/hashicorp/terraform-provider-aws/issues/36268)) - resource/aws_securitylake_aws_log_source: Prevents errors when creating multiple log sources concurrently ([#36268](https://togithub.com/hashicorp/terraform-provider-aws/issues/36268)) - resource/aws_securitylake_custom_log_source: Prevents errors when creating multiple log sources concurrently ([#36268](https://togithub.com/hashicorp/terraform-provider-aws/issues/36268)) - resource/aws_securitylake_custom_log_source: Validates length of `source_name` parameter ([#36268](https://togithub.com/hashicorp/terraform-provider-aws/issues/36268)) - resource/aws_securitylake_subscriber: Allow more than one log source ([#36268](https://togithub.com/hashicorp/terraform-provider-aws/issues/36268)) - resource/aws_securitylake_subscriber: Correctly handles unspecified `access_type` ([#36268](https://togithub.com/hashicorp/terraform-provider-aws/issues/36268)) - resource/aws_securitylake_subscriber: Correctly handles unspecified `source_version` parameter for `aws_log_source_resource` and `custom_log_source_resource` ([#36268](https://togithub.com/hashicorp/terraform-provider-aws/issues/36268)) - resource/aws_securitylake_subscriber: Correctly requires `source_name` parameter for `aws_log_source_resource` and `custom_log_source_resource` ([#36268](https://togithub.com/hashicorp/terraform-provider-aws/issues/36268)) - resource/aws_securitylake_subscriber_notification: No longer recreates resource when not needed ([#37332](https://togithub.com/hashicorp/terraform-provider-aws/issues/37332)) - resource/aws_securitylake_subscriber_notification: Requires value for `configuration.https_notification_configuration.endpoint` ([#37332](https://togithub.com/hashicorp/terraform-provider-aws/issues/37332)) - resource/provider: Change the AWS SDK for Go v2 API client [`BackoffDelayer`](https://pkg.go.dev/github.com/aws/aws-sdk-go-v2@v1.26.1/aws/retry#BackoffDelayer) to maintain behavioral compatibility with AWS SDK for Go v1 ([#37404](https://togithub.com/hashicorp/terraform-provider-aws/issues/37404)) ### [`v5.48.0`](https://togithub.com/hashicorp/terraform-provider-aws/blob/HEAD/CHANGELOG.md#5480-May-2-2024) [Compare Source](https://togithub.com/hashicorp/terraform-provider-aws/compare/v5.47.0...v5.48.0) FEATURES: - **New Resource:** `aws_bedrockagent_agent_knowledge_base_association` ([#37185](https://togithub.com/hashicorp/terraform-provider-aws/issues/37185)) ENHANCEMENTS: - resource/aws_cloudwatch_event_target: Add `force_destroy` argument ([#37130](https://togithub.com/hashicorp/terraform-provider-aws/issues/37130)) - resource/aws_elasticache_replication_group: Increase default Delete timeout to 45 minutes ([#37182](https://togithub.com/hashicorp/terraform-provider-aws/issues/37182)) - resource/aws_elasticache_replication_group: Use the configured Delete timeout when detaching from any global replication group ([#37182](https://togithub.com/hashicorp/terraform-provider-aws/issues/37182)) - resource/aws_fsx_ontap_file_system: Add support for specifying 1 ha_pair with `SINGLE_AZ_1` and `MULTI_AZ_1` deployment types ([#36511](https://togithub.com/hashicorp/terraform-provider-aws/issues/36511)) - resource/aws_fsx_ontap_file_system: Increase `storage_capacity` maximum to 1PiB ([#36511](https://togithub.com/hashicorp/terraform-provider-aws/issues/36511)) - resource/aws_fsx_ontap_file_system: Support up to 12 `ha_pairs` ([#36511](https://togithub.com/hashicorp/terraform-provider-aws/issues/36511)) - resource/aws_fsx_ontap_file_system: Update `throughput_capacity_per_ha_pair` to support all values from `throughput_capacity` ([#36511](https://togithub.com/hashicorp/terraform-provider-aws/issues/36511)) - resource/aws_fsx_ontap_volume: Add `aggregate_configuration` configuration block ([#36511](https://togithub.com/hashicorp/terraform-provider-aws/issues/36511)) - resource/aws_fsx_ontap_volume: Add `size_in_bytes` and `volume_style` arguments ([#36511](https://togithub.com/hashicorp/terraform-provider-aws/issues/36511)) BUG FIXES: - resource/aws_bcmdataexports_export: Fix `table_configurations` expand/flatten ([#37205](https://togithub.com/hashicorp/terraform-provider-aws/issues/37205)) - resource/aws_cloudwatch_event_connection: Add plan-time validation preventing empty `auth_parameters.oauth.oauth_http_parameters` or `auth_parameters.invocation_http_parameters` `body`, `header` and `query_string` configuration blocks ([#26755](https://togithub.com/hashicorp/terraform-provider-aws/issues/26755)) - resource/aws_elasticache_replication_group: Decrease replica count after other updates ([#34819](https://togithub.com/hashicorp/terraform-provider-aws/issues/34819)) - resource/aws_elasticache_replication_group: Fix `unexpected state 'snapshotting'` errors when increasing or decreasing replica count ([#30493](https://togithub.com/hashicorp/terraform-provider-aws/issues/30493)) ### [`v5.47.0`](https://togithub.com/hashicorp/terraform-provider-aws/blob/HEAD/CHANGELOG.md#5470-April-26-2024) [Compare Source](https://togithub.com/hashicorp/terraform-provider-aws/compare/v5.46.0...v5.47.0) NOTES: - provider: Updates to Go 1.22. This is the last Go release that will run on macOS 10.15 Catalina ([#36996](https://togithub.com/hashicorp/terraform-provider-aws/issues/36996)) - resource/aws_bedrockagent_knowledge_base: Because we cannot easily test this functionality, it is best effort and we ask for community help in testing ([#36783](https://togithub.com/hashicorp/terraform-provider-aws/issues/36783)) FEATURES: - **New Data Source:** `aws_identitystore_groups` ([#36993](https://togithub.com/hashicorp/terraform-provider-aws/issues/36993)) - **New Resource:** `aws_bcmdataexports_export` ([#36847](https://togithub.com/hashicorp/terraform-provider-aws/issues/36847)) - **New Resource:** `aws_bedrockagent_agent` ([#36851](https://togithub.com/hashicorp/terraform-provider-aws/issues/36851)) - **New Resource:** `aws_bedrockagent_agent_action_group` ([#36935](https://togithub.com/hashicorp/terraform-provider-aws/issues/36935)) - **New Resource:** `aws_bedrockagent_agent_alias` ([#36905](https://togithub.com/hashicorp/terraform-provider-aws/issues/36905)) - **New Resource:** `aws_bedrockagent_knowledge_base` ([#36783](https://togithub.com/hashicorp/terraform-provider-aws/issues/36783)) - **New Resource:** `aws_globalaccelerator_cross_account_attachment` ([#35991](https://togithub.com/hashicorp/terraform-provider-aws/issues/35991)) - **New Resource:** `aws_verifiedpermissions_policy` ([#35413](https://togithub.com/hashicorp/terraform-provider-aws/issues/35413)) ENHANCEMENTS: - data-source/aws_eip: Add `arn` attribute ([#35991](https://togithub.com/hashicorp/terraform-provider-aws/issues/35991)) - resource/aws_api_gateway_rest_api: Correctly set `root_resource_id` on resource Read ([#37040](https://togithub.com/hashicorp/terraform-provider-aws/issues/37040)) - resource/aws_appmesh_mesh: Add `spec.service_discovery` argument ([#37042](https://togithub.com/hashicorp/terraform-provider-aws/issues/37042)) - resource/aws_cloudformation_stack_set: Adds guidance on permissions when using delegated administrator account ([#37069](https://togithub.com/hashicorp/terraform-provider-aws/issues/37069)) - resource/aws_db_instance: Add `dedicated_log_volume` argument ([#36503](https://togithub.com/hashicorp/terraform-provider-aws/issues/36503)) - resource/aws_eip: Add `arn` attribute ([#35991](https://togithub.com/hashicorp/terraform-provider-aws/issues/35991)) - resource/aws_elasticache_replication_group: Add `transit_encryption_mode` argument ([#30403](https://togithub.com/hashicorp/terraform-provider-aws/issues/30403)) - resource/aws_elasticache_replication_group: Changes to the `transit_encryption_enabled` argument can now be done in-place for engine versions > `7.0.5` ([#30403](https://togithub.com/hashicorp/terraform-provider-aws/issues/30403)) - resource/aws_kinesis_firehose_delivery_stream: Add `snowflake_configuration` argument ([#36646](https://togithub.com/hashicorp/terraform-provider-aws/issues/36646)) - resource/aws_memorydb_user: Support IAM authentication mode ([#32027](https://togithub.com/hashicorp/terraform-provider-aws/issues/32027)) - resource/aws_sagemaker_app_image_config: Add `code_editor_app_image_config` and `jupyter_lab_image_config.jupyter_lab_image_config` arguments ([#37059](https://togithub.com/hashicorp/terraform-provider-aws/issues/37059)) - resource/aws_sagemaker_app_image_config: Change `kernel_gateway_image_config.kernel_spec` MaxItems to 5 ([#37059](https://togithub.com/hashicorp/terraform-provider-aws/issues/37059)) - resource/aws_transfer_server: Add `sftp_authentication_methods` argument ([#37015](https://togithub.com/hashicorp/terraform-provider-aws/issues/37015)) BUG FIXES: - resource/aws_batch_job_definition: Fix issues where changes causing a new `revision` do not trigger changes in dependent resources and/or cause an error, "Provider produced inconsistent final plan" ([#37111](https://togithub.com/hashicorp/terraform-provider-aws/issues/37111)) - resource/aws_ce_cost_category: Allow up to 3 levels of `and`, `not` and `or` operand nesting for the `rule` argument ([#30862](https://togithub.com/hashicorp/terraform-provider-aws/issues/30862)) - resource/aws_elasticache_replication_group: Fix excessive delay on read ([#30403](https://togithub.com/hashicorp/terraform-provider-aws/issues/30403)) - resource/aws_servicecatalog_portfolio: Fixes error where deletion fails if resource was deleted out of band. ([#37066](https://togithub.com/hashicorp/terraform-provider-aws/issues/37066)) - resource/aws_servicecatalog_provisioned_product: Fixes error where tag values are not applied to products when tag values don't change. ([#37066](https://togithub.com/hashicorp/terraform-provider-aws/issues/37066)) ### [`v5.46.0`](https://togithub.com/hashicorp/terraform-provider-aws/blob/HEAD/CHANGELOG.md#5460-April-18-2024) [Compare Source](https://togithub.com/hashicorp/terraform-provider-aws/compare/v5.45.0...v5.46.0) NOTES: - provider: When using YAML or JSON documents, such as in `template_body` of `aws_cloudformation_stack`, CRLF was previously treated as different from LF but these are now treated as equivalent in many situations ([#14270](https://togithub.com/hashicorp/terraform-provider-aws/issues/14270)) FEATURES: - **New Resource:** `aws_eip_domain_name` ([#36963](https://togithub.com/hashicorp/terraform-provider-aws/issues/36963)) ENHANCEMENTS: - data-source/aws_alb: Add `client_keep_alive` argument ([#36969](https://togithub.com/hashicorp/terraform-provider-aws/issues/36969)) - data-source/aws_eip: Add `ptr_record` attribute ([#36963](https://togithub.com/hashicorp/terraform-provider-aws/issues/36963)) - data-source/aws_iam_policy: Add `attachment_count` attribute ([#36759](https://togithub.com/hashicorp/terraform-provider-aws/issues/36759)) - data-source/aws_lb: Add `client_keep_alive` argument ([#36969](https://togithub.com/hashicorp/terraform-provider-aws/issues/36969)) - data-source/aws_organizations_organization: Add `master_account_name` attribute ([#36797](https://togithub.com/hashicorp/terraform-provider-aws/issues/36797)) - data-source/aws_vpc_dhcp_options: Add `ipv6_address_preferred_lease_time` attribute ([#36934](https://togithub.com/hashicorp/terraform-provider-aws/issues/36934)) - resource/aws_alb: Add `client_keep_alive` argument ([#36969](https://togithub.com/hashicorp/terraform-provider-aws/issues/36969)) - resource/aws_autoscaling_group: Add `alarm_specification` to the `instance_refresh.preferences` configuration block ([#36954](https://togithub.com/hashicorp/terraform-provider-aws/issues/36954)) - resource/aws_cloudformation_stack_set: Add retry when creating to potentially help with eventual consistency problems ([#36982](https://togithub.com/hashicorp/terraform-provider-aws/issues/36982)) - resource/aws_cloudfront_origin_access_control: Add `lambda` and `mediapackagev2` as valid values for `origin_access_control_origin_type` ([#34362](https://togithub.com/hashicorp/terraform-provider-aws/issues/34362)) - resource/aws_cloudwatch_event_rule: Add `force_destroy` attribute ([#34905](https://togithub.com/hashicorp/terraform-provider-aws/issues/34905)) - resource/aws_codebuild_project: Add GitLab and GitLab Self Managed support to the `report_build_status` and `build_status_config` arguments ([#36942](https://togithub.com/hashicorp/terraform-provider-aws/issues/36942)) - resource/aws_default_vpc_dhcp_options: Add `ipv6_address_preferred_lease_time` as Computed attribute ([#36934](https://togithub.com/hashicorp/terraform-provider-aws/issues/36934)) - resource/aws_dms_replication_task: Add `resource_identifier` argument ([#36901](https://togithub.com/hashicorp/terraform-provider-aws/issues/36901)) - resource/aws_eip: Add `ptr_record` attribute ([#36963](https://togithub.com/hashicorp/terraform-provider-aws/issues/36963)) - resource/aws_elasticache_serverless_cache: Add `minimum` attribute in `cache_usage_limits.data_storage` and `cache_usage_limits.ecpu_per_second` ([#36766](https://togithub.com/hashicorp/terraform-provider-aws/issues/36766)) - resource/aws_fsx_openzfs_file_system: Add `endpoint_ip_address` attribute ([#36767](https://togithub.com/hashicorp/terraform-provider-aws/issues/36767)) - resource/aws_iam_policy: Add `attachment_count` attribute ([#36759](https://togithub.com/hashicorp/terraform-provider-aws/issues/36759)) - resource/aws_imagebuilder_image: Add `execution_role` and `workflow` arguments ([#36953](https://togithub.com/hashicorp/terraform-provider-aws/issues/36953)) - resource/aws_lb: Add `client_keep_alive` argument ([#36969](https://togithub.com/hashicorp/terraform-provider-aws/issues/36969)) - resource/aws_mwaa_environment: Add `database_vpc_endpoint_service` and `webserver_vpc_endpoint_service` attributes ([#36903](https://togithub.com/hashicorp/terraform-provider-aws/issues/36903)) - resource/aws_organizations_organization: Add `master_account_name` attribute ([#36797](https://togithub.com/hashicorp/terraform-provider-aws/issues/36797)) - resource/aws_transfer_connector: Add `security_policy_name` argument ([#36893](https://togithub.com/hashicorp/terraform-provider-aws/issues/36893)) - resource/aws_vpc_dhcp_options: Add `ipv6_address_preferred_lease_time` attribute ([#36934](https://togithub.com/hashicorp/terraform-provider-aws/issues/36934)) - resource/aws_vpc_ipam_pool: Add `cascade` argument ([#36898](https://togithub.com/hashicorp/terraform-provider-aws/issues/36898)) BUG FIXES: - data-source/aws_iam_policy_document: When using multiple principals, sort them to avoid differences based only on order ([#25967](https://togithub.com/hashicorp/terraform-provider-aws/issues/25967)) - resource/aws_appconfig_deployment: Fix `ConflictException` errors on resource Create ([#36980](https://togithub.com/hashicorp/terraform-provider-aws/issues/36980)) - resource/aws_ce_anomaly_monitor: Change `monitor_dimension` to [ForceNew](https://developer.hashicorp.com/terraform/plugin/sdkv2/schemas/schema-behaviors#forcenew) ([#36773](https://togithub.com/hashicorp/terraform-provider-aws/issues/36773)) - resource/aws_ce_anomaly_subscription: Change `account_id` to [ForceNew](https://developer.hashicorp.com/terraform/plugin/sdkv2/schemas/schema-behaviors#forcenew) ([#36773](https://togithub.com/hashicorp/terraform-provider-aws/issues/36773)) - resource/aws_cloudformation_stack: CRLF line endings in `template_body` no longer cause erroneous diffs ([#14270](https://togithub.com/hashicorp/terraform-provider-aws/issues/14270)) - resource/aws_db_proxy: Fix `interface conversion: interface {} is nil, not map[string]interface {}` panic when `auth` is empty (`{}`) ([#36967](https://togithub.com/hashicorp/terraform-provider-aws/issues/36967)) - resource/aws_dms_replication_config: Adds validation to `replication_settings` to disallow `Logging.CloudWatchLogGroup` and `Logging.CloudWatchLogStream`. ([#36936](https://togithub.com/hashicorp/terraform-provider-aws/issues/36936)) - resource/aws_dms_replication_config: Suppresses differences in partial `replication_settings` JSON documents. ([#36936](https://togithub.com/hashicorp/terraform-provider-aws/issues/36936)) - resource/aws_dms_replication_task: Adds validation to `replication_task_settings` to disallow `Logging.CloudWatchLogGroup` and `Logging.CloudWatchLogStream`. ([#36936](https://togithub.com/hashicorp/terraform-provider-aws/issues/36936)) - resource/aws_dms_replication_task: Allows leaving `replication_task_settings` unset to use default settings. ([#36936](https://togithub.com/hashicorp/terraform-provider-aws/issues/36936)) - resource/aws_dms_replication_task: Suppresses differences in partial `replication_task_settings` JSON documents. ([#36936](https://togithub.com/hashicorp/terraform-provider-aws/issues/36936)) - resource/aws_fsx_windows_file_system: Fix error `BadRequest: AuditLogDestination must not be provided when auditing is disabled` when updating `audit_log_configuration.0.file_access_audit_log_level` and `audit_log_configuration.0.file_share_access_audit_log_level` to `"DISABLED"` ([#36928](https://togithub.com/hashicorp/terraform-provider-aws/issues/36928)) - resource/aws_glue_job: Mark `number_of_workers` and `worker_type` as optional/computed, preventing persistent differences when `max_capacity` is set. ([#36770](https://togithub.com/hashicorp/terraform-provider-aws/issues/36770)) - resource/aws_iam_user_login_profile: Fix forced re-creation when `password_reset_required` is `true` and initial password reset is completed ([#36926](https://togithub.com/hashicorp/terraform-provider-aws/issues/36926)) - resource/aws_lightsail_distribution: Fix to properly set `certificate_name` on create and update ([#36888](https://togithub.com/hashicorp/terraform-provider-aws/issues/36888)) - resource/aws_vpc_dhcp_options: Fix `NotFound` error handling on delete ([#36933](https://togithub.com/hashicorp/terraform-provider-aws/issues/36933)) ### [`v5.45.0`](https://togithub.com/hashicorp/terraform-provider-aws/blob/HEAD/CHANGELOG.md#5450-April-11-2024) [Compare Source](https://togithub.com/hashicorp/terraform-provider-aws/compare/v5.44.0...v5.45.0) NOTES: - resource/aws_redshift_cluster: The `logging` argument is now deprecated. Use the `aws_redshift_logging` resource instead. ([#36862](https://togithub.com/hashicorp/terraform-provider-aws/issues/36862)) - resource/aws_redshift_cluster: The `snapshot_copy` argument is now deprecated. Use the `aws_redshift_snapshot_copy` resource instead. ([#36810](https://togithub.com/hashicorp/terraform-provider-aws/issues/36810)) FEATURES: - **New Resource:** `aws_redshift_logging` ([#36862](https://togithub.com/hashicorp/terraform-provider-aws/issues/36862)) - **New Resource:** `aws_redshift_snapshot_copy` ([#36810](https://togithub.com/hashicorp/terraform-provider-aws/issues/36810)) ENHANCEMENTS: - data-source/aws_sagemaker_prebuilt_ecr_image: Add `registry_id` for `af-south-1` AWS Region ([#36803](https://togithub.com/hashicorp/terraform-provider-aws/issues/36803)) - resource/aws_api_gateway_documentation_part: Add `documentation_part_id` attribute ([#36445](https://togithub.com/hashicorp/terraform-provider-aws/issues/36445)) - resource/aws_wafregional_web_acl_association: Add configurable timeouts ([#36445](https://togithub.com/hashicorp/terraform-provider-aws/issues/36445)) - resource/aws_wafregional_web_acl_association: Add plan-time validation of `resource_arn` ([#36445](https://togithub.com/hashicorp/terraform-provider-aws/issues/36445)) BUG FIXES: - provider: Change the default AWS SDK for Go v2 API client [`MaxBackoff`](https://aws.github.io/aws-sdk-go-v2/docs/configuring-sdk/retries-timeouts/#limiting-the-max-back-off-delay) value to 300 seconds so that services migrated to AWS SDK for Go v2 maintain behavioral compatibility with AWS SDK for Go v1 ([#36855](https://togithub.com/hashicorp/terraform-provider-aws/issues/36855)) - resource/aws_datasync_location_object_storage: Allow update to `agent_arns` ([#36819](https://togithub.com/hashicorp/terraform-provider-aws/issues/36819)) - resource/aws_devopsguru_notification_channel: Fix persistent diff when `filters.message_types` or `filters.severities` contains multiple elements ([#36804](https://togithub.com/hashicorp/terraform-provider-aws/issues/36804)) - resource/aws_securityhub_configuration_policy: Mark `configuration_policy.enabled_standard_arns` as Optional, fixing `InvalidInputException: Invalid semantics: Enabled standards and security control configurations must be configured when Security Hub is enabled` errors ([#36740](https://togithub.com/hashicorp/terraform-provider-aws/issues/36740)) ### [`v5.44.0`](https://togithub.com/hashicorp/terraform-provider-aws/blob/HEAD/CHANGELOG.md#5440-April-4-2024) [Compare Source](https://togithub.com/hashicorp/terraform-provider-aws/compare/v5.43.0...v5.44.0) FEATURES: - **New Data Source:** `aws_devopsguru_notification_channel` ([#36656](https://togithub.com/hashicorp/terraform-provider-aws/issues/36656)) - **New Data Source:** `aws_devopsguru_resource_collection` ([#36657](https://togithub.com/hashicorp/terraform-provider-aws/issues/36657)) - **New Data Source:** `aws_ecr_lifecycle_policy_document` ([#6133](https://togithub.com/hashicorp/terraform-provider-aws/issues/6133)) - **New Function:** `trim_iam_role_path` ([#36723](https://togithub.com/hashicorp/terraform-provider-aws/issues/36723)) - **New Resource:** `aws_devopsguru_service_integration` ([#36694](https://togithub.com/hashicorp/terraform-provider-aws/issues/36694)) ENHANCEMENTS: - data-source/aws_servicecatalogappregistry_application: Add `application_tag` attribute ([#36647](https://togithub.com/hashicorp/terraform-provider-aws/issues/36647)) - data/aws_glue_data_catalog_encryption_settings: Add `data_catalog_encryption_settings.encryption_at_rest.catalog_encryption_service_role` attribute ([#35978](https://togithub.com/hashicorp/terraform-provider-aws/issues/35978)) - resource/aws_appstream_fleet: Add `desired_sessions` argument to the `compute_capacity` block. ([#34266](https://togithub.com/hashicorp/terraform-provider-aws/issues/34266)) - resource/aws_appstream_fleet: Add `max_sessions_per_instance` argument. ([#34266](https://togithub.com/hashicorp/terraform-provider-aws/issues/34266)) - resource/aws_batch_job_definition: Add update functions instead of ForceNew. Add `deregister_on_new_revision` to allow keeping prior versions ACTIVE when a new revision is published. ([#35149](https://togithub.com/hashicorp/terraform-provider-aws/issues/35149)) - resource/aws_db_instance: Adds warning when setting `character_set_name` when `replicate_source_db`, `restore_to_point_in_time`, or `snapshot_identifier` is set ([#36518](https://togithub.com/hashicorp/terraform-provider-aws/issues/36518)) - resource/aws_emr_cluster: Add `unhealthy_node_replacement` argument ([#36523](https://togithub.com/hashicorp/terraform-provider-aws/issues/36523)) - resource/aws_glue_data_catalog_encryption_settings: Add `data_catalog_encryption_settings.encryption_at_rest.catalog_encryption_service_role` argument ([#35978](https://togithub.com/hashicorp/terraform-provider-aws/issues/35978)) - resource/aws_lambda_function: Add support for `ruby3.3` `runtime` value ([#36751](https://togithub.com/hashicorp/terraform-provider-aws/issues/36751)) - resource/aws_lambda_layer_version: Add support for `ruby3.3` `compatible_runtimes` value ([#36751](https://togithub.com/hashicorp/terraform-provider-aws/issues/36751)) - resource/aws_servicecatalogappregistry_application: Add `application_tag` attribute ([#36647](https://togithub.com/hashicorp/terraform-provider-aws/issues/36647)) - resource/aws_transfer_server: Add `s3_storage_options` configuration block ([#36664](https://togithub.com/hashicorp/terraform-provider-aws/issues/36664)) - resource/aws_wafv2\_web_acl: Add `address_fields` and `phone_number_fields` to `statement.managed_rule_group_statement.managed_rule_group_configs.aws_managed_rules_acfp_rule_set.request_inspection` ([#36685](https://togithub.com/hashicorp/terraform-provider-aws/issues/36685)) BUG FIXES: - provider: Correctly handles user agents passed using `TF_APPEND_USER_AGENT` which contain `/`, `(`, `)`, or space. ([#36738](https://togithub.com/hashicorp/terraform-provider-aws/issues/36738)) - resource/aws_batch_scheduling_policy: Fixes error where tags could not be updated ([#36517](https://togithub.com/hashicorp/terraform-provider-aws/issues/36517)) - resource/aws_cloudfront_key_value_store: Serialize CloudFront KeyValueStore access ([#36734](https://togithub.com/hashicorp/terraform-provider-aws/issues/36734)) - resource/aws_cloudfrontkeyvaluestore_key: Serialize CloudFront KeyValueStore access ([#36734](https://togithub.com/hashicorp/terraform-provider-aws/issues/36734)) - resource/aws_cognito_user_pool: Correct plan-time validation of `email_verification_message`, `email_verification_subject`, `admin_create_user_config.invite_message_template.email_message`, `admin_create_user_config.invite_message_template.email_subject`, `admin_create_user_config.invite_message_template.sms_message`, `sms_authentication_message`, `sms_verification_message`, `verification_message_template.email_message`, `verification_message_template.email_message_by_link`, `verification_message_template.email_subject`, `verification_message_template.email_subject_by_link`, and `verification_message_template.sms_message` to count UTF-8 characters properly ([#36661](https://togithub.com/hashicorp/terraform-provider-aws/issues/36661)) - resource/aws_ecr_lifecycle_policy: Add missing `tagPatternList` change detection in policy JSON ([#35231](https://togithub.com/hashicorp/terraform-provider-aws/issues/35231)) - resource/aws_ecs_service: Correctly set `alarms.rollback` on resource Create and Update ([#36691](https://togithub.com/hashicorp/terraform-provider-aws/issues/36691)) - resource/aws_iam_user: When `force_destroy` is used and there are inline or attached policies, allow resource to be destroyed ([#36640](https://togithub.com/hashicorp/terraform-provider-aws/issues/36640)) - resource/aws_imagebuilder_distribution_configuration: Fix validation regex for `ami_distribution_configuration.name` ([#36659](https://togithub.com/hashicorp/terraform-provider-aws/issues/36659)) - resource/aws_redshift_cluster: Fix error preventing modification of a configured `snapshot_copy` block ([#36655](https://togithub.com/hashicorp/terraform-provider-aws/issues/36655)) - resource/aws_route53\_record: Fix to correctly interpret alias names with wildcards ([#36699](https://togithub.com/hashicorp/terraform-provider-aws/issues/36699)) ### [`v5.43.0`](https://togithub.com/hashicorp/terraform-provider-aws/blob/HEAD/CHANGELOG.md#5430-March-28-2024) [Compare Source](https://togithub.com/hashicorp/terraform-provider-aws/compare/v5.42.0...v5.43.0) FEATURES: - **New Data Source:** `aws_resourceexplorer2_search` ([#36560](https://togithub.com/hashicorp/terraform-provider-aws/issues/36560)) - **New Data Source:** `aws_servicecatalogappregistry_application` ([#36596](https://togithub.com/hashicorp/terraform-provider-aws/issues/36596)) - **New Resource:** `aws_cloudfrontkeyvaluestore_key` ([#36534](https://togithub.com/hashicorp/terraform-provider-aws/issues/36534)) - **New Resource:** `aws_devopsguru_notification_channel` ([#36557](https://togithub.com/hashicorp/terraform-provider-aws/issues/36557)) - **New Resource:** `aws_dynamodb_resource_policy` ([#36595](https://togithub.com/hashicorp/terraform-provider-aws/issues/36595)) - **New Resource:** `aws_ec2_instance_metadata_defaults` ([#36589](https://togithub.com/hashicorp/terraform-provider-aws/issues/36589)) - **New Resource:** `aws_lakeformation_resource_lf_tag` ([#36537](https://togithub.com/hashicorp/terraform-provider-aws/issues/36537)) - **New Resource:** `aws_m2_application` ([#35399](https://togithub.com/hashicorp/terraform-provider-aws/issues/35399)) - **New Resource:** `aws_m2_deployment` ([#35408](https://togithub.com/hashicorp/terraform-provider-aws/issues/35408)) - **New Resource:** `aws_m2_environment` ([#35311](https://togithub.com/hashicorp/terraform-provider-aws/issues/35311)) - **New Resource:** `aws_redshiftserverless_custom_domain_association` ([#35865](https://togithub.com/hashicorp/terraform-provider-aws/issues/35865)) - **New Resource:** `aws_servicecatalogappregistry_application` ([#36277](https://togithub.com/hashicorp/terraform-provider-aws/issues/36277)) ENHANCEMENTS: - data-source/aws_cloudfront_function: Add `key_value_store_associations` attribute ([#36585](https://togithub.com/hashicorp/terraform-provider-aws/issues/36585)) - data-source/aws_db_snapshot: Add `original_snapshot_create_time` attribute ([#36544](https://togithub.com/hashicorp/terraform-provider-aws/issues/36544)) - resource/aws_cloudfront_function: Add `key_value_store_associations` argument ([#36585](https://togithub.com/hashicorp/terraform-provider-aws/issues/36585)) - resource/aws_ec2\_host: Add user configurable timeouts ([#36538](https://togithub.com/hashicorp/terraform-provider-aws/issues/36538)) - resource/aws_glacier_vault_lock: Allow `policy` to have leading whitespace ([#36597](https://togithub.com/hashicorp/terraform-provider-aws/issues/36597)) - resource/aws_iam_group_policy: Allow `policy` to have leading whitespace ([#36597](https://togithub.com/hashicorp/terraform-provider-aws/issues/36597)) - resource/aws_iam_policy: Allow `policy` to have leading whitespace ([#36597](https://togithub.com/hashicorp/terraform-provider-aws/issues/36597)) - resource/aws_iam_role: Allow `assume_role_policy` and `inline_policy.*.policy` to have leading whitespace ([#36597](https://togithub.com/hashicorp/terraform-provider-aws/issues/36597)) - resource/aws_iam_role_policy: Allow `policy` to have leading whitespace ([#36597](https://togithub.com/hashicorp/terraform-provider-aws/issues/36597)) - resource/aws_iam_user_policy: Allow `policy` to have leading whitespace ([#36597](https://togithub.com/hashicorp/terraform-provider-aws/issues/36597)) - resource/aws_kinesisanalyticsv2\_application: Add support for `FLINK-1_18` `runtime_environment` value ([#36562](https://togithub.com/hashicorp/terraform-provider-aws/issues/36562)) - resource/aws_media_store_container_policy: Allow `policy` to have leading whitespace ([#36597](https://togithub.com/hashicorp/terraform-provider-aws/issues/36597)) - resource/aws_ssoadmin_permission_set_inline_policy: Allow `inline_policy` to have leading whitespace ([#36597](https://togithub.com/hashicorp/terraform-provider-aws/issues/36597)) - resource/aws_transfer_access: Allow `policy` to have leading whitespace ([#36597](https://togithub.com/hashicorp/terraform-provider-aws/issues/36597)) - resource/aws_transfer_user: Allow `policy` to have leading whitespace ([#36597](https://togithub.com/hashicorp/terraform-provider-aws/issues/36597)) - resource/aws_vpc_ipam: Add `tier` argument ([#36504](https://togithub.com/hashicorp/terraform-provider-aws/issues/36504)) BUG FIXES: - data-source/aws_cur_report_definition: Direct all API calls to the `us-east-1` endpoint as this is the only Region in which AWS Cost and Usage Reports is available ([#36540](https://togithub.com/hashicorp/terraform-provider-aws/issues/36540)) - resource/aws_applicationinsights_application: Make `ACTIVE` a valid create target status ([#36615](https://togithub.com/hashicorp/terraform-provider-aws/issues/36615)) - resource/aws_autoscaling_group: Don't attempt to remove scale-in protection from instances that don't have the feature enabled ([#36586](https://togithub.com/hashicorp/terraform-provider-aws/issues/36586)) - resource/aws_cur_report_definition: Direct all API calls to the `us-east-1` endpoint as this is the only Region in which AWS Cost and Usage Reports is available ([#36540](https://togithub.com/hashicorp/terraform-provider-aws/issues/36540)) - resource/aws_elasticsearch_domain_policy: Handle delayed domain status propagation, preventing a `ValidationException`. ([#36592](https://togithub.com/hashicorp/terraform-provider-aws/issues/36592)) - resource/aws_iam_instance_profile: Detect when the associated `role` no longer exists ([#34099](https://togithub.com/hashicorp/terraform-provider-aws/issues/34099)) - resource/aws_instance: Replace an instance when an `instance_type` change also requires an architecture change, such as x86\_64 to arm64 ([#36590](https://togithub.com/hashicorp/terraform-provider-aws/issues/36590)) - resource/aws_opensearch_domain_policy: Handle delayed domain status propagation, preventing a `ValidationException`. ([#36592](https://togithub.com/hashicorp/terraform-provider-aws/issues/36592)) - resource/aws_quicksight_dashboard: Fix failure when updating a dashboard takes a while ([#34227](https://togithub.com/hashicorp/terraform-provider-aws/issues/34227)) - resource/aws_quicksight_template: Fix "Invalid address to set" errors ([#34227](https://togithub.com/hashicorp/terraform-provider-aws/issues/34227)) - resource/aws_quicksight_template: Fix "a number is required" errors when state contains an empty string ([#34227](https://togithub.com/hashicorp/terraform-provider-aws/issues/34227)) - resource/aws_redshift_cluster: Fix `InvalidParameterCombination` errors when updating only `skip_final_snapshot` ([#36635](https://togithub.com/hashicorp/terraform-provider-aws/issues/36635)) - resource/aws_route53\_zone: Prevent re-creation when `name` casing changes ([#36563](https://togithub.com/hashicorp/terraform-provider-aws/issues/36563)) - resource/aws_secretsmanager_secret_version: Fix to handle versions deleted out-of-band without raising an `InvalidRequestException` ([#36609](https://togithub.com/hashicorp/terraform-provider-aws/issues/36609)) - resource/aws_ssm_parameter: force create a new SSM parameter when `data_type` is updated. ([#35960](https://togithub.com/hashicorp/terraform-provider-aws/issues/35960)) ### [`v5.42.0`](https://togithub.com/hashicorp/terraform-provider-aws/blob/HEAD/CHANGELOG.md#5420-March-22-2024) [Compare Source](https://togithub.com/hashicorp/terraform-provider-aws/compare/v5.41.0...v5.42.0) FEATURES: - **New Data Source:** `aws_redshift_producer_data_shares` ([#36481](https://togithub.com/hashicorp/terraform-provider-aws/issues/36481)) - **New Resource:** `aws_devopsguru_event_sources_config` ([#36485](https://togithub.com/hashicorp/terraform-provider-aws/issues/36485)) - **New Resource:** `aws_devopsguru_resource_collection` ([#36489](https://togithub.com/hashicorp/terraform-provider-aws/issues/36489)) - **New Resource:** `aws_dynamodb_table_export` ([#30399](https://togithub.com/hashicorp/terraform-provider-aws/issues/30399)) ENHANCEMENTS: - data-source/aws_vpc_peering_connection: Add `ipv6_cidr_block_set` and `peer_ipv6_cidr_block_set` attributes ([#36391](https://togithub.com/hashicorp/terraform-provider-aws/issues/36391)) - resource/aws_datasync_location_hdfs: Add `kerberos_keytab_base64` and `kerberos_krb5_conf_base64` arguments ([#36072](https://togithub.com/hashicorp/terraform-provider-aws/issues/36072)) - resource/aws_finspace_kx_dataview: Add `read_write` and `segment_configuration.on_demand` arguments ([#36486](https://togithub.com/hashicorp/terraform-provider-aws/issues/36486)) - resource/aws_rds_cluster: Add `enable_local_write_forwarding` argument to support Aurora MySQL local write forwarding ([#34370](https://togithub.com/hashicorp/terraform-provider-aws/issues/34370)) BUG FIXES: - provider: Change the default AWS SDK for Go v2 API client [`RateLimiter`](https://pkg.go.dev/github.com/aws/aws-sdk-go-v2/aws/retry#RateLimiter) to [`ratelimit.None`](https://pkg.go.dev/github.com/aws/aws-sdk-go-v2/aws/ratelimit#pkg-variables) so that services migrated to AWS SDK for Go v2 maintain behavioral compatibility with AWS SDK for Go v1 ([#36467](https://togithub.com/hashicorp/terraform-provider-aws/issues/36467)) - resource/aws_appautoscaling_policy: Fix errors when importing an MSK storage autoscaling policy ([#34934](https://togithub.com/hashicorp/terraform-provider-aws/issues/34934)) - resource/aws_appautoscaling_scheduled_action: Always send `start_time` and `end_time` values on update when configured ([#33713](https://togithub.com/hashicorp/terraform-provider-aws/issues/33713)) - resource/aws_appautoscaling_scheduled_action: Read correct resource by using `scalable_dimension` as an additional filter ([#34382](https://togithub.com/hashicorp/terraform-provider-aws/issues/34382)) - resource/aws_datasync_location_azure_blob: Fix missing `container_url` attribute value and bad `subdirectory` attribute value from state read/refresh ([#36072](https://togithub.com/hashicorp/terraform-provider-aws/issues/36072)) - resource/aws_datasync_location_efs: Fix missing `efs_file_system_arn` attribute value from state read/refresh ([#36072](https://togithub.com/hashicorp/terraform-provider-aws/issues/36072)) - resource/aws_datasync_location_hdfs: Mark `qop_configuration` as Computed ([#36072](https://togithub.com/hashicorp/terraform-provider-aws/issues/36072)) - resource/aws_datasync_location_nfs: Fix missing `server_hostname` attribute value from state read/refresh ([#36072](https://togithub.com/hashicorp/terraform-provider-aws/issues/36072)) - resource/aws_datasync_location_s3: Fix missing `s3_bucket_arn` attribute value from state read/refresh ([#36072](https://togithub.com/hashicorp/terraform-provider-aws/issues/36072)) - resource/aws_datasync_location_smb: Fix missing `server_hostname` attribute value from state read/refresh ([#36072](https://togithub.com/hashicorp/terraform-provider-aws/issues/36072)) - resource/aws_dms_replication_config: Fix persistent change in `replication_settings` ([#35670](https://togithub.com/hashicorp/terraform-provider-aws/issues/35670)) - resource/aws_dms_replication_task: Fix persistent change in `replication_task_settings` ([#35670](https://togithub.com/hashicorp/terraform-provider-aws/issues/35670)) - resource/aws_eks_access_entry: Always send `kubernetes_groups` and `user_name` values on update when configured ([#36484](https://togithub.com/hashicorp/terraform-provider-aws/issues/36484)) - resource/aws_glue_job: Adjust `number_of_workers` minimum value to `1` ([#36458](https://togithub.com/hashicorp/terraform-provider-aws/issues/36458)) - resource/aws_lexv2models_slot: Fix custom_payload typo ([#36488](https://togithub.com/hashicorp/terraform-provider-aws/issues/36488)) - resource/aws_route: Allow resource creation if a propagated route to the same destination exists ([#36512](https://togithub.com/hashicorp/terraform-provider-aws/issues/36512)) - resource/aws_vpn_connection: `local_ipv6_network_cidr`, `remote_ipv6_network_cidr`, `tunnel1_inside_ipv6_cidr`, and `tunnel2_inside_ipv6_cidr` no longer require `transit_gateway_id` to be specified ([#36405](https://togithub.com/hashicorp/terraform-provider-aws/issues/36405))Configuration
📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR has been generated by Mend Renovate. View repository job log here.