v5.17.0

NOTES:

• cloudbuildv2: changed underlying actuation engine for google_cloudbuildv2_connection, there should be no user-facing impact (#6943)

DEPRECATIONS:

• container: deprecated support for relay_mode field in google_container_cluster.monitoring_config.advanced_datapath_observability_config in favor of enable_relay field, relay_mode field will be removed a future major release (#6960)

FEATURES:

• New Resource: google_firebase_app_check_debug_token (#6953)
• New Resource: google_network_security_firewall_endpoint (#6940)
• New Resource: google_clouddeploy_custom_target_type (#6956)
• New Resource: google_network_security_security_profile_group (#6961)

IMPROVEMENTS:

• cloudasset: allowed overriding the billing project for the google_cloud_asset_resources_search_all datasource (#6941)
• clouddeploy: added support for canary_revision_tags, prior_revision_tags, stable_revision_tags, and stable_cutback_duration to google_clouddeploy_delivery_pipeline (#6951)
• cloudfunctions: added version_id on google_cloudfunctions_function (#6968)
• container: added support for enable_relay field to google_container_cluster.monitoring_config.advanced_datapath_observability_config (#6960)
• eventarc: added support for http_endpoint.uri and network_config.network_attachment to google_eventarc_trigger (#6951)
• healthcare: added reject_duplicate_message field to google_healthcare_hl7_v2_store resource (#6964)
• identityplatform: added client, permissions, monitoring and mfa fields to google_identity_platform_config (#6944)
• notebooks: added desired_state field to google_notebooks_instance (#6965)
• vertexai: added feature_registry_source field to google_vertex_ai_feature_online_store_featureview resource (#6962)
• workbench: added desired_state field to google_workbench_instance resource (#6966)
• workstations: added support for disable_ssh in google_workstations_workstation_config (#6947)

BUG FIXES:

• compute: made resource_manager_tags updatable on google_compute_instance_template and google_compute_region_instance_template (#6958)
• notebooks: prevented recreation of google_notebooks_instance when kms_key or service_account_scopes are changed server-side (#6948)

v5.16.0

FEATURES:

• New Resource: google_clouddeploy_delivery_pipeline_iam_* (#6928)
• New Resource: google_compute_instance_group_membership (#6933)
• New Resource: google_discovery_engine_search_engine (#6919)
• New Resource: google_firebase_app_check_service_config (#6921)

IMPROVEMENTS:

• bigquery: promoted table_replication_info field on resource_bigquery_table resource to GA (#6929)
• compute: added confidential_instance_config.confidential_instance_type field to google_compute_instance, google_compute_instance_template, and google_compute_region_instance_template resources (#6934)
• networksecurity: removed unused custom code from google_network_security_address_group (#6931)
• provider: added an optional provider level label goog-terraform-provisioned to identify resources that were created by Terraform when viewing/editing these resources in other tools. (#6924)

BUG FIXES:

• firebasehosting: fixed typing in google_firebase_hosting_custom_domain issues.details field (#6926)

v5.15.0

FEATURES:

• New Data Source: google_compute_machine_types (#6903)
• New Resource: google_blockchain_node_engine_blockchain_nodes (#6897)
• New Resource: google_compute_region_network_endpoint (#6913)
• New Resource: google_discovery_engine_chat_engine (#6918)
• New Resource: google_discovery_engine_search_engine (#6919)
• New Resource: google_netapp_volume_snapshot (#6914)

IMPROVEMENTS:

• compute: added INTERNET_IP_PORT and INTERNET_FQDN_PORT options for the google_compute_region_network_endpoint_group resource. (#6913)
• compute: added creation_timestamp to google_compute_instance_group_manager and google_compute_region_instance_group_manager. (#6904)
• compute: added disk_id attribute to google_compute_disk resource (#6906)
• compute: added stack_type attribute for google_compute_interconnect_attachment resource. (#6915)
• compute: updated the google_compute_security_policy resource's json_parsing field to accept the value STANDARD_WITH_GRAPHQL (#6898)
• memcache: added reserved_ip_range_id field to google_memcache_instance resource (#6901)
• netapp: added deletion_policy field to google_netapp_volume resource (#6905)

BUG FIXES:

• alloydb: fixed an issue where database_flags in secondary google_alloydb_instance resources would cause a diff, as they are copied from the primary (#6910)
• filestore: made google_filestore_instance.source_backup field configurable (#6899)
• vmwareengine: fixed a bug to prevent recreation of existing google_vmwareengine_private_cloud resources when upgrading provider version from <5.10.0 (#6911)

v5.14.0

FEATURES:

• New Resource: google_discovery_engine_data_store (#6892)
• New Resource: google_securityposture_posture_deployment (#6893)
• New Resource: google_securityposture_posture (#6890)

IMPROVEMENTS:

• cloudrun: added template.spec.volumes.csi field to google_cloud_run_service resource to support mounting Cloud Storage buckets using GCSFuse (#6875)
• composer: added data_retention_config field to google_composer_environment resource (#6877)
• logging: updated the google_logging_project_bucket_config resource to be created using the asynchronous create method (#6883)
• pubsub: added use_table_schema field to google_pubsub_subscription resource (#6881)
• vertexai: added vector_search_config field to google_vertex_ai_feature_online_store_featureview resource (#6876)
• workflows: added call_log_level field to google_workflows_workflow resource (#6878)
• workstations: added readiness_checks field to google_workstations_workstation_config resource (#6895)

BUG FIXES:

• cloudfunctions2: fixed permadiff when build_config.docker_repository field is not specified on google_cloudfunctions2_function resource (#6887)
• compute: fixed error when iap field is unset for google_compute_region_backend_service resource (#6886)
• eventarc: fixed error when setting destination.cloud_function field on google_eventarc_trigger resource by making it output-only (#6879)

v5.13.0

NOTES:

• cloudbuildv2: changed underlying actuation engine for google_cloudbuildv2_repository, there should be no user-facing impact (#6843)
• provider: added support for in-place update for labels and terraform_labels fields in immutable resources (#6857)

FEATURES:

• New Resource: google_netapp_backup_policy (#6839)
• New Resource: google_netapp_volume (#6852)
• New Resource: google_network_security_address_group_iam_* (#6859)
• New Resource: google_network_security_security_profile (#6868)
• New Resource: google_vertex_ai_feature_group_feature (#6861)

IMPROVEMENTS:

• alloydb: allowed database_version as an input on google_alloydb_cluster resource (#6841)
• bigquery: added spark_options field to google_bigquery_routine resource (#6867)
• bigquery: added support for replica materialized view in google_bigquery_table resource (#6865)
• cloudrunv2: added nfs and gcs fields to google_cloud_run_v2_service.template.volumes (#6845)
• cloudrunv2: added tcp_socket field to google_cloud_run_v2.template.containers.liveness_probe (#6845)
• composer: added enable_private_environment and enable_private_builds_only fields to google_composer_environment resource (#6870)
• compute: added enable_confidential_compute field to google_compute_instance.boot_disk.initialize_params (#6842)
• gkehub2: added clusterupgrade field to google_gke_hub_feature resource (#6836)
• healthcare: added enable_history_modifications field to google_healthcare_fhir_store resource (#6864)
• notebooks: allowed machine_type and accelerator_config to be updatable on google_notebooks_runtime resource (#6854)
• workstations: added disable_tcp_connections field to google_workstations_workstation_config resource (#6863)

BUG FIXES:

• compute: fixed the bug that max_ttl is sent in API calls even it is removed from configuration when changing cache_mode to FORCE_CACHE_ALL in google_compute_backend_bucket resource (#6847)
• networkservices: fixed a perma-diff on addresses field in google_network_services_gateway resource (#6871)
• provider: fixed universe_domain behavior to correctly throw an error when explicitly configured universe_domain values did not match credentials assumed to be in the default universe (#6860)
• spanner: fixed error when adding autoscaling_config to an existing google_spanner_instance resource (#6869)

v5.12.0

FEATURES:

• New Data Source: google_dns_managed_zones (#6835)
• New Data Source: google_filestore_instance (#6822)
• New Data Source: google_vmwareengine_external_access_rule (#6811)
• New Resource: google_clouddomains_registration (#6833)
• New Resource: google_netapp_kmsconfig (#6831)
• New Resource: google_vertex_ai_feature_online_store_featureview (#6821)
• New Resource: google_vmwareengine_external_access_rule (#6811)

IMPROVEMENTS:

• compute: added md5_authentication_key field to google_compute_router_peer resource (#6815)
• compute: added in-place update support to params.resource_manager_tags field in google_compute_instance resource (#6828)
• compute: added in-place update support to description field in google_compute_instance resource (#6804)
• gkehub: added policycontroller field to google_gke_hub_feature_membership resource (#6813)
• gkehub2: added clusterupgrade field to google_gke_hub_feature resource (#6836)
• gkeonprem: added in-place update support to vsphere_config field and added host_groups field in google_gkeonprem_vmware_node_pool resource (#6802)
• iam: added create_ignore_already_exists field to google_service_account resource. If ignore_create_already_exists is set to true, resource creation would succeed when response error is 409 ALREADY_EXISTS. (#6818)
• servicenetworking: added field deletion_policy to google_service_networking_connection (#6830)
• sql: set replica_configuration, ca_cert, and server_ca_cert fields to be sensitive in google_sql_instance and google_sql_ssl_cert resources (#6823)

BUG FIXES:

• bigquery: fixed perma-diff of encryption_configuration when API returns an empty object on google_bigquery_table resource (#6817)
• compute: fixed an issue where the provider would wait_for_instances if set before deleting on google_compute_instance_group_manager and google_compute_region_instance_group_manager resources (#6829)
• compute: fixed perma-diff that reordered stateful_external_ip and stateful_internal_ip blocks on google_compute_instance_group_manager and google_compute_region_instance_group_manager resources (#6810)
• datapipeline: fixed perma-diff of scheduler_service_account_email when it's not explicitly specified in google_data_pipeline_pipeline resource (#6814)
• edgecontainer: fixed resource import on google_edgecontainer_vpn_connection resource (#6834)
• servicemanagement: fixed an issue where an inconsistent plan would be created when certain fields such as openapi_config, grpc_config, and protoc_output_base64, had computed values in google_endpoints_service resource (#6832)
• storage: fixed an issue where retry timeout wasn't being utilized when creating google_storage_bucket resource (#6806)

v5.11.0

NOTES:

• compute: changed underlying actuation engine for google_network_firewall_policy and google_region_network_firewall_policy, there should be no user-facing impact (#6776)
  DEPRECATIONS:
• gkehub2: deprecated field configmanagement.config_sync.oci.version in google_gke_hub_feature resource (#6764)

FEATURES:

• New Data Source: google_compute_reservation (#6791)
• New Resource: google_clouddeploy_automation (#6794)
• New Resource: google_integration_connectors_endpoint_attachment (#6766)
• New Resource: google_logging_folder_settings (#6754)
• New Resource: google_logging_organization_settings (#6754)
• New Resource: google_netapp_active_directory (#6781)
• New Resource: google_vertex_ai_feature_online_store (#6779)
• New Resource: google_vertex_ai_feature_group (#6780)
• New Resource: google_netapp_backup_vault (#6793)

IMPROVEMENTS:

• bigqueryanalyticshub: added restricted_export_config field to google_bigquery_analytics_hub_listing resource (#6784)
• composer: added support for composer_internal_ipv4_cidr_block field to google_composer_environment (#6761)
• composer: added config.software_config.web_server_plugins_mode, config.workloads_config and dag_processor fields to google_composer_environment. (#6797)
• compute: added provisioned_iopsand provisioned_throughput fields under boot_disk.initialize_params to google_compute_instance resource (#6792)
• compute: added resource_manager_tags and disk.resource_manager_tags for google_compute_instance_template (#6798)
• compute: added resource_manager_tags and disk.resource_manager_tags for google_compute_region_instance_template (#6798)
• container: added workload_alts_config field to google_container_cluster resource (#6762)
• dataproc: added auxiliary_node_groups field to google_dataproc_cluster resource (#6753)
• edgecontainer: increased default timeout on google_edgecontainer_cluster, google_edgecontainer_node_pool to 480m from 60m (#6796)
• gkehub2: added field version under configmanagement in google_gke_hub_feature resource (#6764)
• kms: added output-only field primary to google_kms_crypto_key (#6782)
• metastore: added consumers.custom_routes_enabled to google_dataproc_metastore_service (#6767)
• sql: added support for IAM GROUP authentication in the type field of google_sql_user (#6787)
• storagetransfer: made name field settable on google_storage_transfer_job (#6777)

BUG FIXES:

• container: added check that node_version and min_master_version are the same on create of google_container_cluster, when running terraform plan (#6763)
• container: fixed a bug where disabling PDCSI addon gce_persistent_disk_csi_driver_config during creation will result in permadiff in google_container_cluster resource (#6751)
• container: fixed an issue in which migrating from the deprecated Binauthz enablement bool to the new evaluation mode enum inadvertently caused two cluster update events, instead of none. (#6785)
• containerattached: fixed crash when updating a cluster to remove admin_users or admin_groups in google_container_attached_cluster (#6786)
• dialogflowcx: fixed a permadiff in the git_integration_settings field of google_diagflow_cx_agent (#6756)
• gkehub2: added field version under configmanagement in google_gke_hub_feature resource (#6764)
• monitoring: fixed the index out of range crash in dashboard_json for the resource google_monitoring_dashboard (#6750)

v5.10.0

FEATURES:

• New Data Source: google_compute_region_disk (#6726)
• New Data Source: google_vmwareengine_external_address (#6714)
• New Data Source: google_vmwareengine_subnet (#6715)
• New Data Source: google_vmwareengine_vcenter_credentials (#6717)
• New Resource: google_vmwareengine_external_address (#6714)
• New Resource: google_vmwareengine_subnet (#6715)
• New Resource: google_workbench_instance (#6739)
• New Resource: google_workbench_instance_iam_* (#6739)

IMPROVEMENTS:

• bigquery: added external_dataset_reference field to google_bigquery_dataset resource (#6716)
• compute: added network_performance_config field to google_container_node_pool resource to support GKE tier 1 networking (#6719)
• compute: added remove_instance_on_destroy option to google_compute_per_instance_config resource (#6724)
• compute: added remove_instance_on_destroy option to google_compute_region_per_instance_config resource (#6724)
• container: added support for network_performance_config.total_egress_bandwidth_tier to support GKE tier 1 networking (#6712)
• container: added support for in-place update for machine_type/disk_type/disk_size_gb in google_container_node_pool resource (#6722)
• containerazure: added config.labels to google_container_azure_node_pool (#6732)
• dataform: added display_name, labels and npmrc_environment_variables_secret_version fields to google_dataform_repository resource (#6727)
• monitoring: added severity field to google_monitoring_alert_policy resource (#6741)
• notebooks: added support for labels to google_notebooks_runtime (#6746)
• orgpolicy: added dry_run_spec to google_org_policy_policy (#6732)
• recaptchaenterprise: added waf_settings to google_recaptcha_enterprise_key (#6732)
• securesourcemanager: added host_config, state_note, kms_key, and private_config fields to google_secure_source_manager_instance resource (#6725)
• spanner: added autoscaling_config.max_nodes and autoscaling_config.min_nodes to google_spanner_instance (#6748)
• storage: added rpo field to google_storage_bucket resource (#6734)
• vmwareengine: added type field to google_vmwareengine_private_cloud resource (#6744)
• workloadidentity: added saml block to google_iam_workload_identity_pool_provider resource (#6718)

BUG FIXES:

• logging: fixed an issue where value change of unique_writer_identity on google_logging_project_sink does not trigger diff on dependent's usages of writer_identity (#6742)

v5.9.0

FEATURES:

• New Data Source: google_logging_folder_settings (#6699)
• New Data Source: google_logging_organization_settings (#6699)
• New Data Source: google_logging_project_settings (#6699)
• New Data Source: google_vmwareengine_network_policy (#6686)
• New Data Source: google_vmwareengine_nsx_credentials (#6701)
• New Resource: google_scc_event_threat_detection_custom_module (#6693)
• New Resource: google_secure_source_manager_instance (#6685)
• New Resource: google_vmwareengine_network_policy (#6686)

IMPROVEMENTS:

• bigqueryconnection: added spark support to google_bigquery_connection resource (#6708)
• cloudidentity: added expiry_detail field to google_cloud_identity_group_membership resource (#6689)
• container: added queued_provisioning field to google_container_node_pool resource (#6678)
• gkehub: added default_cluster_config field to google_gke_hub_fleet resource (#6683)
• gkehub: added binary_authorization_config field to google_gke_hub_fleet resource (#6705)
• sql: added support for in-place updates to the edition field in google_sql_database_instance resource (#6681)

BUG FIXES:

• artifactregistry: fixed permadiff due to unsorted virtual_repository_config array in google_artifact_registry_repository (#6691)
• container: made dns_config field updatable on google_container_cluster resource (#6695)
• dlp: added conflicting field validation in the storage_config.timespan_config block in data_loss_prevention_job_trigger resource (#6680)
• dlp: updated the storage_config.timespan_config.timestamp_field field in data_loss_prevention_job_trigger to be optional (#6680)
• firestore: added retries during creation of google_firestore_index resources to address retryable 409 code API errors ("Please retry, underlying data changed", and "Aborted due to cross-transaction contention") (#6677, #6702)
• storage: fixed unexpected lifecycle_rule conditions being added for google_storage_bucket (#6711)

v5.8.0

FEATURES:

• New Data Source: google_vmwareengine_network_peering (#6675)
• New Resource: google_dataform_repository_iam_* (beta) (#6648)
• New Resource: google_migration_center_group (#6651)
• New Resource: google_netapp_storage_pool (#6663)
• New Resource: google_vertex_ai_endpoint_iam_* (beta) (#6657)
• New Resource: google_vmwareengine_network_peering (#6675)

IMPROVEMENTS:

• artifactregistry: added remote_repository_config.upstream_credentials field to google_artifact_registry_repository resource (#6658)
• cloudbuild: added fields build.artifacts.maven_artifacts, build.artifacts.npm_packages , and build.artifacts.python_packages to resource google_cloudbuild_trigger (#6650
• composer: added database_config.zone field in google_composer_environment (#6653)
• compute: added field service_directory_registrations to resource google_compute_global_forwarding_rule (#6667)
• firestore: added virtual field deletion_policy to google_firestore_database (#6664)
• firestore: enabled database deletion upon destroy for google_firestore_database (#6664)
• gkehub2: added policycontroller field to fleet_default_member_config in google_gke_hub_feature (#6649)
• iam: added allowed_services, disable_programmatic_signin fields to google_iam_workforce_pool resource (#6666)
• vmwareengine: added STANDARD type support to google_vmwareengine_network resource (#6669)

BUG FIXES:

• compute: fixed a permadiff caused by issues with ipv6 diff suppression in google_compute_forwarding_rule and google_compute_global_forwarding_rule (#6652)
• firestore: fixed an issue where google_firestore_database could be deleted when delete_protection_state was DELETE_PROTECTION_ENABLED (#6664)
• firestore: made resource creation retry for 409 errors with the text "Aborted due to cross-transaction contention" in google_firestore_index (#6677)