chore(deps): update terraform google to v2.20.3 #14
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR contains the following updates:
2.5.0
->2.20.3
Release Notes
hashicorp/terraform-provider-google
v2.20.3
Compare Source
NOTES:
2.20.3
is a backport release, and some changes will not appear in3.X
series releases until3.12.0
.To upgrade to
3.X
you will need to perform a large jump in versions, and it is strongly advised that you attempt to upgrade to3.X
instead of using this release.2.20.3
is primarily a preventative fix, in anticipation of a change in API response messages adding a default value.BUG FIXES:
google_compute_instance_template
resources withnetwork_interface[*].name
set. (#5812)v2.20.2
Compare Source
BUG FIXES:
v2.20.1
Compare Source
Note: 2.20.1 is a backport release. The changes in it are unavailable in 3.0.0-beta.1 through 3.2.0.
BUG FIXES:
v2.20.0
Compare Source
BREAKING CHANGES:
backend.group
field is now required forgoogle_compute_region_backend_service
. Configurations without this would not have worked, so this isn't considered an API break. (#4772)IMPROVEMENTS:
google_bigtable_table
(#4849)load_balancing_scheme
forgoogle_compute_forwarding_rule
now acceptsINTERNAL_MANAGED
as a value. (#4772)google_compute_region_backend_service
to includebackend.balancing_mode
,backend.capacity_scaler
,backend.max_connections
,backend.max_connections_per_endpoint
,backend.max_connections_per_instance
,backend.max_rate
,backend.max_rate_per_endpoint
,backend.max_rate_per_instance
, andbackend.max_utilization
(#4772)id
for many IAM resources to the reference resource long name. Updatedinstance_name
ongoogle_compute_instance_iam
andsubnetwork
ongoogle_compute_subnetwork
to their respective long names in state (#4866)display_name
field togoogle_logging_metric
resource (#4839)validate_ssl
togoogle_monitoring_uptime_check_config
(#4637)google_project_service
read calls, so fewer API requests are made (#4854)notification_id
field togoogle_storage_notification
(#4879)BUG FIXES:
min_replicas
ingoogle_compute_autoscaler
andgoogle_compute_region_autoscaler
would set that field to its server-side default instead of 0. (#4851)network
blocks are defined withoutnetwork_url
s (#4840)v2.19.0
Compare Source
DEPRECATIONS:
compute
: deprecatedenable_flow_logs
ongoogle_compute_subnetwork
. The presence of thelog_config
block signals that flow logs are enabled for a subnetwork (#4791)compute
: deprecatedinstance_template
forgoogle_compute_instance_group_manager
andgoogle_compute_region_instance_group_manager
. Useversion.instance_template
instead. (#4763)compute
: deprecatedupdate_strategy
forgoogle_compute_instance_group_manager
. Useupdate_policy
instead. (#4763)container
: deprecatedgoogle_container_cluster
ip_allocation_policy.create_subnetwork
,ip_allocation_policy.subnetwork_name
,ip_allocation_policy.node_ipv4_cidr_block
. Define an explicitgoogle_compute_subnetwork
and usesubnetwork
instead. (#4774)container
: deprecatedgoogle_container_cluster
ip_allocation_policy.use_ip_aliases
. If it's set to true, remove it from your config. If false, removeip_allocation_policy
as a whole. (#4774)iam
: Deprecatedpgp_key
ongoogle_service_account_key
resource. See https://www.terraform.io/docs/extend/best-practices/sensitive-state.html for more information. (#4810)BREAKING CHANGES:
google_service_account_iam_*
resources now support IAM Conditions. If any conditions had been created out of band before this release, take extra care to ensure they are present in your Terraform config so the provider doesn't try to create new bindings with no conditions. Terraform will show a diff that it is adding the condition to the resource, which is safe to apply. (#4541)FEATURES:
compute
: addedgoogle_compute_router
datasource (#4614)IMPROVEMENTS:
cloudbuild
: added ability to specifyname
forcloud_build_trigger
to avoid name collisions when creating multiple triggers at once. (#4709)compute
:log_config
is now available in GA forgoogle_compute_subnetwork
(#4791)compute
: added support for multiple versions ofinstance_template
and granular control of the update policies forgoogle_compute_instance_group_manager
andgoogle_compute_region_instance_group_manager
. (#4763)container
: addedmaintenance_policy.recurring_window
support togoogle_container_cluster
, significantly increasing expressive range. (#4736)container
: addedtaint
field in GKE resources to the GAgoogle
provider (#4743)container
: fix a diff created in the cloud console whenMaintenanceExclusions
are added. (#4764)compute
: addedgoogle_compute_instance
support for display device (Virtual Displays) (#4775)iam
: added support for IAM Conditions to thegoogle_service_account_iam_*
resources (beta provider only) (#4541)iam
: addeddescription
togoogle_service_account
. (#4734)BUG FIXES:
appengine
: Resolved permadiff ingoogle_app_engine_domain_mapping.ssl_settings.certificate_id
. (#4754)storage
: Fixed error ingoogle_storage_bucket
where locked retention policies would cause a bucket to report failure on all updates (even though updates were applied correctly). (#4761)v2.18.1
Compare Source
BUGS:
resourcemanager
: fixed deleting the default network ingoogle_project
(#4748)v2.18.0
Compare Source
KNOWN ISSUES:
resourcemanager
:google_project
auto_create_network
is failing to delete networks when set tofalse
. Use an earlier provider version to resolve.DEPRECATIONS:
container
: Thekubernetes_dashboard
addon is deprecated forgoogle_container_cluster
. (#4648)FEATURES:
google_app_engine_application_url_dispatch_rules
(#4674)IMPROVEMENTS:
all
: increased support for custom endpoints across the provider (#4641)appengine
: added the ability to delete the parent service ofgoogle_app_engine_standard_app_version
(#4596)container
: Addedshielded_instance_config
attribute tonode_config
(#4554)dataflow
: addedip_configuration
option tojob
. (#4726)pubsub
: Added fieldoidc_token
togoogle_pubsub_subscription
(#4679)sql
: addedlocation
field tobackup_configuration
block ingoogle_sql_database_instance
(#4681)BUGS:
all
: fixed the custom endpoint version used by older legacy REST clients (#4695)bigquery
: fix issue withgoogle_bigquery_data_transfer_config
params
crashing on boolean values (#4676)cloudrun
: fixed the apiVersion sent ingoogle_cloud_run_domain_mapping
requests (#4657)compute
: added support for updating multiple fields at once togoogle_compute_subnetwork
(#4688)compute
: fixed diffs ingoogle_compute_instance_group
'snetwork
field when equivalent values were specified (#4728)compute
: fixed issues updatinggoogle_compute_instance_group
'sinstances
field when config/state values didn't match (#4728)iam
: fixed bug where IAM binding wouldn't replace members if they were deleted outside of terraform. (#4693)pubsub
: Fixed permadiff due to interaction of organization policies andgoogle_pubsub_topic
. (#4721)v2.17.0
Compare Source
NOTES:
google_project_services
users of provider versions prior to2.17.0
should update, as past versions of the provider will not handle an upcoming rename ofbigquery-json.googleapis.com
tobigquery.googleapis.com
well. See https://github.com/terraform-providers/terraform-provider-google/issues/4590 for details. (#4616)DEPRECATIONS:
google_project_services
(#4587)FEATURES:
google_bigtable_gc_policy
(#4578)google_binary_authorization_attestor_iam_policy
(#4517)google_compute_region_ssl_certificate
(#4537)google_compute_region_target_http_proxy
(#4537)google_compute_region_target_https_proxy
(#4537)google_iap_app_engine_service_iam_*
(#4566)google_iap_app_engine_version_iam_*
(#4566)google_storage_bucket_access_control
(#4531)IMPROVEMENTS:
monitoring-read
scope available. (#4569)google_bigtable_instance
(#4598)default_max_pods_per_node
to ga. (#4621)google_containeranalysis_note
to ga (#4517)BUGS:
app_engine_http_target.app_engine_routing
ongoogle_cloud_scheduler_job
(#4444)quic_override
ongoogle_compute_https_target_proxy
to empty. (#4588)region_backend_service.backends.failover
was not detected. (#4622)google_compute_router_peer
to default if empty foradvertise_mode
(#4503)google_compute_router_nat
when referencing subnetwork vianame
(#4549)master_ipv4_cidr_block
ingoogle_container_cluster
(#4577)v2.16.0
Compare Source
KNOWN ISSUES:
google_project_services
resource may have seen thebigquery.googleapis.com
service added and thebigquery-json.googleapis.com
service removed, causing a diff. This was later reverted, causing another diff. This issue is being tracked as https://github.com/terraform-providers/terraform-provider-google/issues/4590.FEATURES:
google_compute_region_url_map
is now available. To support this, theprotocol
forgoogle_compute_region_backend_service
can now be set toHTTP
,HTTPS
,HTTP2
, andSSL
. (#4496)google_runtimeconfig_config_iam_*
resources (#4454)google_compute_resource_policy
andgoogle_compute_disk_resource_policy_attachment
to managegoogle_compute_disk
resource policies as fine-grained resources (#4409)ENHANCEMENTS:
python_version
and ability to setimage_version
ingoogle_composer_environment
in the GA provider (#4465)google_compute_global_forwarding_rule
now supportsmetadata_filters
. (#4495)google_compute_backend_service
now supportslocality_lb_policy
,outlier_detection
,consistent_hash
, andcircuit_breakers
. (#4412)guest_os_features
to resourcegoogle_compute_image
(#4483)google_compute_router_nat
now supportsdrain_nat_ips
field (#4480)google_container_node_pool
now supports node_locations to specify specific node zones. (#4478)google_netblock_ip_ranges
data source now has aprivate-googleapis
field, for the IP addresses used for Private Google Access for services that do not support VPC Service Controls API access. (#4367)google_project_iam_*
Properly set theproject
field in state (#4488)BUG FIXES:
subfolder_matches
were not set ingoogle_cloudiot_registry
event_notification_configs
(#4527)v2.15.0
Compare Source
FEATURES:
google_iap_web_iam_binding/_member/_policy
are now available for managing IAP web IAM permissions (#4253)google_iap_web_backend_service_binding/_member/_policy
are now available for managing IAM permissions on IAP enabled backend services (#4253)google_iap_web_type_compute_iam_binding/_member/_policy
are now available for managing IAM permissions on IAP enabled compute services (#4253)google_iap_web_type_app_engine_iam_binding/_member/_policy
are now available for managing IAM permissions on IAP enabled App Engine applications (#4253)google_app_engine_domain_mapping
(#4310)google_cloudfunctions_function_iam_policy
,google_cloudfunctions_function_iam_binding
, andgoogle_cloudfunctions_function_iam_member
have been added (#4420)google_compute_reservation
allows you to reserve instance capacity in GCE. (#4332)google_compute_region_health_check
is now available. This andgoogle_compute_health_check
now include additional support for HTTP2 health checks. (#4270)ENHANCEMENTS:
google_compute_router_peer
(#4371)tunnel_id
togoogle_compute_vpn_tunnel
andgateway_id
togoogle_compute_vpn_gateway
(#4373)google_compute_subnetwork
now includes thepurpose
androle
fields. (#4261)purpose
field togoogle_compute_address
(#4400)mode
option togoogle_compute_instance.boot_disk
(#4413)google_compute_firewall
does not show a diff if allowed or denied rules are specified with uppercase protocol values (#4467)metric_descriptor.unit
togoogle_logging_metric
resource (#4407)BUG FIXES:
master_authorized_networks_config
is removed from thegoogle_container_cluster
configuration. (#4446)google_service_account_
andgoogle_service_account_iam_*
validation less restrictive to allow for more default service accounts (#4377)google_logging_metric
explicit
bucket option can now be set (#4358)google_sql_database_instance
(#4376)MISC:
v2.14.0
Compare Source
DEPRECATIONS:
resource_cloudiot_registry
'sevent_notification_config
field has been deprecated. (#4282)FEATURES:
google_bigtable_app_profile
is now available. (#4126)google_ml_engine_model
(#4053)google_dataproc_autoscaling_policy
(#2220)google_kms_secret_ciphertext
(#4204)ENHANCEMENTS:
num_nodes
can now be updated ingoogle_bigtable_instance
(#4026)resource_cloudiot_registry
now has fields pluralevent_notification_configs
andlog_level
, andevent_notification_config
has been deprecated. (#4282)google_compute_region_instance_group_manager.update_policy
now supportsinstance_redistribution_type
(#4301)oauth_token
andoidc_token
on resourcegoogle_cloud_scheduler_job
(#4222)BUG FIXES:
google_project_iam_custom_role
now sets the project properly on import. (#4343)google_sql_database
. (#4279)v2.13.0
Compare Source
KNOWN ISSUES:
bigtable
:google_bigtable_instance
may cause a panic on Terraform0.11
. This was resolved in2.17.0
.FEATURES:
google_vpc_access_connector
resource and thevpc_connector
option on thegoogle_cloudfunctions_function
resource. (#4189)google_scc_source
resource for managing Cloud Security Command Center sources in Terraform (#4236)google_compute_network_endpoint_group
(#4173)ENHANCEMENTS:
google_bigquery_data_transfer_config
(which include scheduled queries). (#4102)google_bigtable_instance
max number ofcluster
blocks is now 4 (#4156)globalPolicyEvaluationMode
togoogle_binary_authorization_policy
. (#4124)google_compute_router_nat
google_netblock_ip_ranges
to supportmultiple useful IP address ranges that have a special meaning on GCP. (#4121)google_project
,google_folder
, andgoogle_*_organization_policy
(#4098)user_project_override
, which allows billing, quota checks, and service enablement checks to occur against the project a resource is in instead of the project the credentials are from. (#4202)BUG FIXES:
v2.12.0
Compare Source
FEATURES:
google_cloud_run_service
- Set up a cloud run service (#3714)google_cloud_run_domain_mapping
- Allows custom domains to map to a cloud run service (#3714)google_binary_authorization_attestor
andgoogle_binary_authorization_policy
are available in the GA provider (#3960)ENHANCEMENTS:
binary_authorization_attestor
. (#4078)google_composer_environment
(#3952)google_compute_health_check
(#4001)google_compute_network_endpoint
and add location-only import formats (#4037)labels
on resourcegoogle_dataflow_job
(#4095)optional_components
to resourceresource_dataproc_cluster
(#4073)retention_policy
to resourcegoogle_storage_bucket
(#4044)BUG FIXES:
dataproc: Suppress diff for
google_dataproc_cluster
software_config.0.image_version
to prevent permadiff when server uses more specific versions of config value (#4088)google_organization_iam_policy
,google_folder_iam_policy
) (#4084)google_storage_bucket
Set website metadata during read (#3977)v2.11.0
Compare Source
NOTES:
FEATURES:
google_bigtable_instance_iam_binding
,google_bigtable_instance_iam_member
, andgoogle_bigtable_instance_iam_policy
are now available. (#3939)google_sourcerepo_repository_iam_*
(#3961)ENHANCEMENTS:
external_data_configuration
togoogle_bigquery_table
. (#3602)google_compute_instance_template
(#4000)google_firestore_index
query_scope
can haveCOLLECTION_GROUP
specified. (#3972)BUG FIXES:
google_backend_service
(#3969)kms_key_self_link
as computed (#3802)google_container_cluster
keep clusters in state if they are created in an error state and don't get correctly cleaned up. (#3995)google_container_cluster
will now wait to act until the cluster can be operated on, respecting timeouts. (#3989)google_container_node_pool
Correctly set nodepool autoscaling in state when disabled in the API (#3997)google_monitoring_uptime_check_config
on a deprecated field. (#4019)google_service_networking_connection
correctly delete the connection when the resource is destroyed. (#4003)google_storage_transfer_job
schedule_end_date
caused requests to fail if unset. (#4005)google_storage_object_acl
Prevent panic when using interpolated object names. (#3970)v2.10.0
Compare Source
DEPRECATIONS:
is_internal
andinternal_checkers
fromgoogle_monitoring_uptime_check_config
. (#3919)FEATURES:
google_compute_project_default_network_tier
(#3907)ENHANCEMENTS:
google_compute_backend_service
, includingmax_connections_per_endpoint
andmax_rate_per_endpoint
(#3863)google_compute_instance_group_manager
andgoogle_compute_region_instance_group_manager
(#3955)logging.googleapis.com/kubernetes
andmonitoring.googleapis.com/kubernetes
are now GA for cluster logging/monitoring servicegoogle_folder
improve error message on delete (#3902)google_*_iam_policy
resources to get simpler diffs (#3855)google_kms_crypto_key
now supports labels. (#3910)google_pubsub_topic
supports KMS keys withkms_key_name
. (#3925)BUG FIXES:
google_service_networking_connection
fix update (#3887)v2.9.1
Compare Source
BUG FIXES:
google_kms_crypto_key
resources (#3893)google_storage_bucket
fix for crash that occurs when running plan on old buckets (#3886)google_storage_bucket
allow updatingbucket_policy_only
to false (#3886)v2.9.0
Compare Source
FEATURES:
google_compute_network_endpoint_group
) and fine-grained resource endpoints (google_compute_network_endpoint
) are now available. (#3832)google_service_networking_connection
is now available (previously beta-only)ENHANCEMENTS:
google_compute_instance
,google_container_cluster
,google_dataproc_cluster
, andgoogle_sql_database_instance
(#3872)google_compute_global_address
supportsprefix_length
,purpose
, andnetwork
(#3877)google_dns_record_set
: allow importing dns record sets in any project (#3862)kms_crypto_key
supportspurpose
(#3843)google_storage_bucket
now supports enablingbucket_policy_only
access control. (#1878google_storage_bucket_iam_*
) now all support import (#3830)google_pubsub_topic
Updates for labels are now supported (#3828)BUG FIXES:
google_bigquery_dataset
Relax IAM role restrictions on BQ datasets (#3451)google_project_iam
When importing resourcesproject
no longer needs to be set in the config post import (#3777)google_compute_instance_template
Fixed issue so project can now be specified by interpolated varibles. (#3798)google_compute_instance_template
Throw error when using incompatible disk fields instead of continual plan diff (#3789)google_compute_instance_from_template
Make sure disk type is expanded to a URL (#3717)google_compute_instance_template
Attempt to put disks in state in the same order they were specified (#3717)google_container_cluster
Stop guest_accelerator from having a permadiff for accelerators withcount=0
(#3860)google_container_cluster
andgoogle_node_pool
now retry correctly when polling for status of an operation. (#3801)google_dns_record_set
overrides all existing record types on create, not just NS (#3859)google_monitoring_notification_channel
Allow setting enabled to false (#3874)google_pubsub_subscription
andgoogle_pubsub_topic
resources can be created inside VPC service controls. (#3818)google_redis_instance
Fall back to region fromlocation_id
when region isn't specified (#3846)google_sql_user
User's can now be updated to change their password (#3785)google_sql_user
now correctly actually registers that the user was created and gives a slightly more understandable error/diff, instead of returning a generic "provider error" (#3857)v2.8.0
Compare Source
DEPRECATIONS:
auto_create_routes
field ongoogle_compute_network_peering
has been deprecated because it is not user configurable. (#3394)FEATURES:
google_compute_ssl_certificate
(#3683)google_composer_image_versions
(#3694)ENHANCEMENTS:
app_engine_application
locations. (#3674)google_composer_environment
image version updateable. (#3681)google_compute_router_interface
now supports specifying aninterconnect_attachment
. (#3715)google_compute_router_nat
now supports specifying alog_config
block (#3684)google_compute_router_nat
now supports more import formats. (#3744)google_compute_network_peering
now supports importing/exporting custom routes (#3699)google_compute_backend_service
,google_compute_global_forwarding_rule
. (#3719)services_ipv4_cidr
forcontainer_cluster
. (#3776)google_dns_managed_zone
now supports DNSSec. (#3677)google_dataflow_job
now supports setting machine type (#1862)google_kms_key_ring
is now autogenerated using Magic Modules (#3689)google_pubsub_subscription
supports setting anexpiration_policy
with nottl
. (#3742)BUG FIXES:
google_compute_region_backend_service
was unable to perform a state migration. (#3731)google_compute_network
. (#3741)google_container_cluster
will no longer diff unnecessarily onissue_client_certificate
. (#3751)google_container_cluster
can enable client certificates on GKE1.12+
series releases. (#3751)google_container_cluster
now retries the call to remove default node pools during cluster creation (#3769)v2.7.0
Compare Source
NOTE:
google_compute_backend_bucket_signed_url_key
andgoogle_compute_backend_service_signed_url_key
were introduced in2.4.0
.BACKWARDS INCOMPATIBILITIES:
google_cloudfunctions_function.runtime
now has an explicit default value ofnodejs6
. Users who have a different value set in the API but the value undefined in their config will see a diff. (#3605)FEATURES:
google_compute_instance_iam_binding
,google_compute_instance_iam_member
, andgoogle_compute_instance_iam_policy
are now available. (#3551)google_dataproc_job_iam_policy
,google_dataproc_job_iam_member
,google_dataproc_job_iam_binding
,google_dataproc_cluster_iam_policy
,google_dataproc_cluster_iam_member
,google_dataproc_cluster_iam_binding
) are now available. #3632ENHANCEMENTS:
google_client_config
datasource (#3262)google_compute_backend_service
now supportsHTTP2
protocol (beta-only feature, use with GA provider at own risk)#3631interconnect_attachment
Make vlanTag8021q computed for using PARTNER attachments (#3600)google_compute_organization_policies*
Allow all organization policies to be removed/unset from a constraint. (#3611)google_compute_instance
now supportsshielded_instance_config
for verifiable integrity of your VM instances. (#3531)google_compute_instance_template
now supportsshielded_instance_config
for verifiable integrity of your VM instances. (#3531)BUG FIXES:
google_cloudfunctions_function.runtime
now has an explicit default value ofnodejs6
. (#3605)compute_backend_service
hash function (#3610)google_monitoring_alert_policy
is more likely to succeed (#3587)google_kms_crypto_key
now (in addition to marking all crypto key versions fConfiguration
📅 Schedule: At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR has been generated by Renovate Bot.