chore(deps): update terraform google to v4 #20
Closed
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR contains the following updates:
2.5.0->4.5.0Release Notes
hashicorp/terraform-provider-google
v4.5.0Compare Source
FEATURES:
IMPROVEMENTS:
return_table_typefield togoogle_bigquery_routine(#10743)available_secretstogoogle_cloudbuild_trigger(#10714)min_instancestogoogle_cloudfunctions_function(#10712)cloud_composer_connection_subnetworkingoogle_composer_environment(#10724)google_compute_instance'scan_ip_forwardcould not be updated without recreating or restarting the instance. (#10741)public_access_preventionto resourcebucket(beta) (#10740)google_privateca_certificate,google_privateca_certificate_authority, andgoogle_privateca_ca_poolvia thenon_caandzero_max_issuer_path_lengthfields (#10702)BUG FIXES:
google_assured_workloads_workloadfrom being created in any region other than us-central1 (#10749)v4.4.0Compare Source
DEPRECATIONS:
zoneongoogle_filestore_instancein favor oflocationto allow for regional instances (#10662)FEATURES:
google_os_config_os_policy_assignment(#10676)google_recaptcha_enterprise_key(#10672)google_spanner_instance_iam_policy(#10695)google_spanner_instance_iam_binding(#10695)google_spanner_instance_iam_member(#10695)IMPROVEMENTS:
ENTERPRISEvalue ongoogle_filestore_instancetier(#10662)google_privateca_certificate,google_privateca_certificate_authority, andgoogle_privateca_ca_poolvia thenon_caandzero_max_issuer_path_lengthfields (#10702)allocated_ip_rangeto resourcegoogle_sql_database_instance(#10687)BUG FIXES:
INTERNAL_MANAGEDgoogle_compute_region_backend_service. (#10664)instance_group_managerwould not start update ifwait_for_instanceswas set and initial status was notSTABLE(#10680)ROUTESvalue for thenetworking_modefield ingoogle_container_cluster. A recent API change unintentionally changed the default to aVPC_NATIVEcluster, and removed the ability to create aROUTES-based one. Provider versions prior to this one will default toVPC_NATIVEdue to this change, and are unable to createROUTESclusters. (#10686)v4.3.0Compare Source
FEATURES:
google_compute_router_status(#10573)google_folders(#10658)google_notebooks_runtime(#10627)google_vertex_ai_metadata_store(#10657)google_cloudbuild_worker_pool(#10617)IMPROVEMENTS:
google_apigee_environment. (#10608)google_apigee_instance. (#10636)node_grouptonode_configfor container clusters and node pools to support sole tenancy (#10646)replicaCount,nodes,readEndpoint,readEndpointPort,readReplicasModeingoogle_redis_instance(#10607)BUG FIXES:
emailingoogle_essential_contacts_contactas requiring recreation (#10592)CertificateAuthority(#10577)v4.2.1Compare Source
BUG FIXES:
v4.2.0for Terraform0.13and above. This release should be compatible with Terraform0.12.31v4.2.0Compare Source
FEATURES:
google_compute_router_status(#10573)IMPROVEMENTS:
queue_counttogoogle_compute_instance.network_interfaceandgoogle_compute_instance_template.network_interface(#10571)BUG FIXES:
google_bigquery_routine. (#10546)cache_modeis set to FORCE_CACHE_ALL ongoogle_compute_backend_bucket(#10572)google_compute_region_health_checkwhenlog_config.enableis set to false (#10553)google_service_directory_endpoint. (#10569)v4.1.0Compare Source
IMPROVEMENTS:
bfdtogoogle_compute_router_peer(#10487)gcfs_configtonode_configofgoogle_container_node_poolresource (#10499)confidential_nodesfield ingoogle_container_clusterto GA (#10531)resourceNotReadyerror returned when attempting to add resources to a recently-modified subnetwork (#10498)message_retention_durationfield togoogle_pubsub_topic(#10501)BUG FIXES:
google_apigee_instance_attachmentcould not be used on the samegoogle_apigee_instance(#10520)google_bigquery_table(#10521)labelsongoogle_billing_budget(#10490)source_diskto accept full image path ongoogle_compute_snapshot(#10516)google_compute_firewallthat would cause changes insource_rangesto not correctly be applied (#10515)descriptionongoogle_logging_project_sink,google_logging_folder_sinkandgoogle_logging_organization_sink(#10493)v4.0.0Compare Source
NOTES:
BREAKING CHANGES:
google_app_engine_standard_app_versionentrypointas required (#10425)trace-appendortrace-roas scopes ingoogle_compute_instance, usetraceinstead (#10377)advanced_machine_featuresongoogle_compute_instance_templateto track changes when the block is undefined in a user's config (#10427)source_rangesingoogle_compute_firewall_ruleto track changes when it is not set in a config file (#10439)metadata_startup_script,metadata.startup-scriptingoogle_compute_instance. Now,metadata.startup-scriptwill be set by default, andmetadata_startup_scriptwill only be set if present. (#10392)source_disk_linkfield fromgoogle_compute_snapshot(#10424)enable_displayfield fromgoogle_compute_instance_template(#10410)update_policy.min_ready_secfield fromgoogle_compute_instance_group_manager,google_compute_region_instance_group_manager(#10410)instance_group_urlshas been removed in favor ofnode_pool.managed_instance_group_urls(#10442)enable_shielded_nodesto true forgoogle_container_cluster(#10403)master_auth.client_certificate_configto required (#10441)master_auth.usernameandmaster_auth.passwordfromgoogle_container_cluster(#10441)workload_metadata_configuration.node_metadatain favor ofworkload_metadata_configuration.modeingoogle_container_cluster(#10400)pod_security_policy_configfield fromgoogle_container_cluster(#10410)workload_identity_config.0.identity_namespacefield fromgoogle_container_cluster, useworkload_identity_config.0.workload_poolinstead (#10410)bigquery-json.googleapis.com, the provider will no longer convert it as the upstream API migration is finished. Usebigquery.googleapis.cominstead. (#10370)credentials,access_tokenprecedence so thatcredentialsvalues in configuration take precedence overaccess_tokenvalues assigned through environment variables (#10393)pathfield fromgoogle_pubsub_subscription(#10424)google_projectremoveorg_idandfolder_idfrom state when they are removed from config (#10373)org_id,folder_idat plan time ingoogle_project(#10373)projectfield toRequiredin allgoogle_project_iam_*resources (#10394)google(GA) provider includinggoogle_runtimeconfig_config,google_runtimeconfig_variable,google_runtimeconfig_config_iam_policy,google_runtimeconfig_config_iam_binding,google_runtimeconfig_config_iam_member,data.google_runtimeconfig_config. They are only available in thegoogle-betaprovider, as the underlying service is in beta. (#10410)google_sql_database_instancefields:activation_policy(defaultsALWAYS),availability_type(defaultsZONAL),disk_type(defaultsPD_SSD),encryption_key_name(#10412)database_versionfield toRequiredingoogle_sql_database_instanceresource (#10398)google_sql_database_instancefields:authorized_gae_applications,crash_safe_replication,replication_type(#10412)bucket_policy_onlyfromgoogle_storage_bucket(#10397)locationfield to required ingoogle_storage_bucket(#10399)VALIDATION CHANGES:
statement_timeout_ms,statement_byte_budget, orkey_result_statementis required ongoogle_bigquery_job.query.script_options.(#10371)query,load,copyorextractis required ongoogle_bigquery_job(#10371)source_tableorsource_modelis required ongoogle_bigquery_job.extract(#10371)branch_name,commit_shaortag_nameis required ongoogle_cloudbuild_trigger.build.source.repo_source(#10371)fixed_delayorpercentageis required ongoogle_compute_url_map.default_route_action.fault_injection_policy.delay(#10371)fixedorpercentis required ongoogle_compute_autoscaler.autoscaling_policy.scale_down_control.max_scaled_down_replicas(#10371)fixedorpercentis required ongoogle_compute_autoscaler.autoscaling_policy.scale_in_control.max_scaled_in_replicas(#10371)fixedorpercentis required ongoogle_compute_region_autoscaler.autoscaling_policy.scale_down_control.max_scaled_down_replicas(#10371)fixedorpercentis required ongoogle_compute_region_autoscaler.autoscaling_policy.scale_in_control.max_scaled_in_replicas(#10371)max_scaled_down_replicasortime_window_secis required ongoogle_compute_autoscaler.autoscaling_policy.scale_down_control(#10371)max_scaled_down_replicasortime_window_secis required ongoogle_compute_region_autoscaler.autoscaling_policy.scale_down_control(#10371)max_scaled_in_replicasortime_window_secis required ongoogle_compute_autoscaler.autoscaling_policy.scale_in_control.0.(#10371)max_scaled_in_replicasortime_window_secis required ongoogle_compute_region_autoscaler.autoscaling_policy.scale_in_control.0.(#10371)source_tags,source_rangesorsource_service_accountson INGRESSgoogle_compute_firewallresources (#10369)start_timeorend_timeis required ongoogle_data_loss_prevention_trigger.inspect_job.storage_config.timespan_config(#10371)urlorregex_file_setis required ongoogle_data_loss_prevention_trigger.inspect_job.storage_config.cloud_storage_options.file_set(#10371)self_linkfield fromgoogle_kms_crypto_keyandgoogle_kms_key_ring(#10424)linux_exec_step_configorwindows_exec_step_configis required ongoogle_os_config_patch_deployment.patch_config.post_step(#10371)linux_exec_step_configorwindows_exec_step_configis required ongoogle_os_config_patch_deployment.patch_config.pre_step(#10371)reboot_config,apt,yum,goozypper,windows_update,pre_steporpre_stepis required ongoogle_os_config_patch_deployment.patch_config(#10371)security,minimal,excludesorexclusive_packagesis required ongoogle_os_config_patch_deployment.patch_config.yum(#10371)type,excludesorexclusive_packagesis required ongoogle_os_config_patch_deployment.patch_config.apt(#10371)with_optional,with_update,categories,severities,excludesorexclusive_patchesis required ongoogle_os_config_patch_deployment.patch_config.zypper(#10371)classifications,excludesorexclusive_patchesis required ongoogle_os_config_patch_deployment.inspect_job.patch_config.windows_update(#10371)num_nodesorprocessing_unitsis required ongoogle_spanner_instance(#10371)IMPROVEMENTS:
encrypted_interconnect_routertogoogle_compute_router(#10454)managed_instance_group_urlstogoogle_container_node_poolto replaceinstance_group_urlsongoogle_container_cluster(#10467)google_kms_crypto_key.protection_level(#10391)billing_projectongoogle_project_service(#10395)google_spanner_instanceoperations from 4 minutes to 20 minutes, significantly reducing the likelihood that resources will time out (#10437)BUG FIXES:
google_bigquery_table(#10421)ttlfields ongoogle_compute_backend_bucket(#10375)subnetworkwhen it is optional ongoogle_compute_network_endpoint_group(#10420)log_config.enableof bothgoogle_compute_backend_serviceandgoogle_compute_region_backend_service(#10378)google_compute_instance_group_manager.update_policy.0.min_ready_secfield so that updating it to0works (#10457)google_compute_region_instance_group_manager.update_policy.0.min_ready_secfield so that updating it to0works (#10457)data.google_spanner_instanceso that non-configurable fields are considered outputs (#10450)v3.90.1Compare Source
DEPRECATIONS:
master_auth, constraining it tomaster_auth.usernameandmaster_auth.passwordv3.90.0Compare Source
DEPRECATIONS:
workload_identity_config.0.identity_namespaceand it will be removed in a future major release as it has been deprecated in the API. Useworkload_identity_config.0.workload_poolinstead. Switching your configuration from one value to the other will trigger a diff at plan time, and a spurious update. (#10327)google_container_clusterfields:instance_group_urlsandmaster_auth(#10356)IMPROVEMENTS:
node_config.0.guest_accelerator.0.gpu_partition_sizefield to google_container_node_pool (#10339)workload_identity_config.0.workload_pooltogoogle_container_cluster(#10327)monitoring_configto acceptWORKLOAD(#10321)BUG FIXES:
template.spec.containers.ports.nameof thegoogle_cloud_run_serviceresource (#10340)config.node_config.zonerequirement ongoogle_composer_environment(#10353)failover_policyongoogle_compute_region_backend_service(#10316)descriptionupdatable without recreation ongoogle_compute_instance_group_manager(#10329)google_container_node_pool.workload_metadata_config.mode(#10313)google_scc_notification_config.streaming_config.filterwas not updating. (#10315)v3.89.0Compare Source
DEPRECATIONS:
enable_displayfield ingoogle_compute_instance_templatein thegoogle(GA) provider. It will only be available in thegoogle-betaprovider in a future release, as the underlying feature is in beta. (#10281)BUG FIXES:
google_compute_router_peercould not set an advertised route priority of 0, causing permadiff. (#10292)monitoring_configofgoogle_container_cluster(#10290)google_storage_bucketresources. (#10287)v3.88.0Compare Source
NOTES:
DEPRECATIONS:
workload_metadata_configuration.node_metadatain favor ofworkload_metadata_configuration.modeingoogle_container_cluster(#10238)google_dataproc_workflow_template.versionfield, as it wasn't actually useful. The field is used during updates, but updates aren't currently possible with the resource. (#10183)google(GA) provider includinggoogle_runtimeconfig_config,google_runtimeconfig_variable,google_runtimeconfig_config_iam_policy,google_runtimeconfig_config_iam_binding,google_runtimeconfig_config_iam_member,data.google_runtimeconfig_config. They will only be available in thegoogle-betaprovider in a future release, as the underlying service is in beta. (#10232)BREAKING CHANGES:
config_membershipfield ingoogle_gke_hub_featurerequired, disallowing invalid configurations (#10199)configmanagement,feature,location,membershipfields ingoogle_gke_hub_feature_membershiprequired, disallowing invalid configurations (#10199)FEATURES:
google_service_networking_peered_dns_domain(#10229)google_sourcerepo_repository(#10203)google_storage_bucket(#10190)google_pubsub_lite_reservation(#10263)google_service_networking_peered_dns_domain(#10229)IMPROVEMENTS:
workloads_configandcloud_composer_network_ipv4_cidr_blocktocomposer_environment(10269)google_compute_subnetworkandgoogle_compute_instance.network_interfaces(#10189)workload_metadata_configuration.modeingoogle_container_cluster(#10238)uidoutput field,cloud_functiondestination togoogle_eventarc_trigger(#10199)gcp_service_account_emailwhen configuring Git sync ingoogle_gke_hub_feature_membership(#10199)resource_state,stateoutputs togoogle_gke_hub_feature(#10199)google_pubsub_lite_reservationtogoogle_pubsub_lite_topic. (#10263)BUG FIXES:
google_monitoring_uptime_check_configwhereNOT_MATCHES_REGEXcould not be specified. (#10249)v3.87.0Compare Source
DEPRECATIONS:
google_dataproc_workflow_template.versionfield, as it wasn't actually useful. The field is used during updates, but updates aren't currently possible with the resource. (#10183)FEATURES:
google_org_policy_policy(#10111)IMPROVEMENTS:
service_accounttogoogle_cloudbuild_trigger(#10159)scheduler_counttogoogle_composer_environment(#10158)resource_policiesproperty (#10173)logging_configandmonitoring_configtogoogle_container_cluster(#10125)import_onlytogoogle_kms_crypto_key(#10157)google_network_services_edge_cache_originfrom 30m to 60m (#10182)BUG FIXES:
reserved_ip_rangeongoogle_filestore_instancevia recreation of the instance (#10146)v3.86.0Compare Source
IMPROVEMENTS:
google_healthcare_hl7_v2_store.parseConfig.versionto GA (#10099)BUG FIXES:
google_dns_record_setwhererrdatascould not be updated (#10089)google_dns_record_setwhere creating the resource would result in an 409 error (#10089)google_organization_policy(#10082)v3.85.0Compare Source
IMPROVEMENTS:
user_project_overrideingoogle_bigtable_instanceandgoogle_bigtable_table(#10060)iapfields togoogle_compute_region_backend_service(#10038)nextHopIlbfield ofgoogle_compute_routeresource (#10048)disabledfield togoogle_service_accountresource (#10033)pathtogoogle_storage_transfer_job(#10047)BUG FIXES:
deployment.container.imagewould update to an old version even if inignore_changes(#10058)destination_encryption_config.kms_key_namestored the version rather than the key name. (#10068)google_redis_instance(#10037)google_project_servicewhere users could not reenable services that were disabled outside of Terraform. (#10045)v3.84.0Compare Source
FEATURES:
google_secret_manager_secret(#9983)IMPROVEMENTS:
google_compute_service_attachment(#9982)BUG FIXES:
maintenance_exclusionongoogle_container_cluster(#10025)google_compute_router_natwhere removinglog_configresulted in a perma-diff (#9950)advanced_machine_featureserror messages ingoogle_compute_instance(#10023)google_cloudfunctions_function(#10011)bucket_options.linear_buckets.widthongoogle_logging_metric(#9985)google_os_config_guest_policies(#10019)days_since_noncurrent_timeofgoogle_storage_bucket(#10024)v3.83.0Compare Source
FEATURES:
google_privateca_certificate_template(#9905)IMPROVEMENTS:
certificate_templatetogoogle_privateca_certificate. (#9915)ip_addressfield ofgoogle_compute_router_peer(#9913)google_compute_service_attachmentto ga (#9914)roleandpurposefields ingoogle_compute_subnetworkto ga (#9914)destroy_scheduled_durationtogoogle_kms_crypto_key(#9911)BUG FIXES:
config_idongoogle_endpoints_service(#9912)google_cloudbuild_triggeras requiring one of branch_name/tag_name/commit_sha within build.source.repo_source (#9952)enablefield ofgoogle_compute_router_peer(#9940)next_hop_instance_zoneongoogle_compute_routewhennext_hop_instancewas set to a self link (#9931)google_compute_router_natwhere removinglog_configresulted in a perma-diff (#9950)publishing_optionsongoogle_privateca_ca_poolwhen both attributes set false (#9926)google_storage_bucket_object(#9937)v3.82.0Compare Source
FEATURES:
google_privateca_certificate_template(#9905)google_compute_firewall_policy(#9887)google_compute_firewall_policy_association(#9887)google_compute_firewall_policy_rule(#9887)IMPROVEMENTS:
collationtogoogle_sql_database_instance(#9888)BUG FIXES:
apigatewayresources (#9871)google_dns_managed_zone(#9898)google_healthcare_hl7_v2_store.parser_configsubfields would error with "...parser_config.version field is immutable..." (#9900)google_os_config_guest_policies(#9872)google_pubsub_schemato deal with eventually consistent deletes (#9863)replicationfields would not update ingoogle_secret_manager_secret(#9894)google_service_usage_consumer_quota_override(#9876)typewhen BUILT_IN ongoogle_sql_user(#9864)google_sql_userwith CLOUD_IAM_USERs on POSTGRES. (#9859)v3.81.0Compare Source
IMPROVEMENTS:
enableattribute togoogle_compute_router_peer(#9776)L3_DEFAULTasip_protocolforgoogle_compute_forwarding_ruleandUNSPECIFIEDasprotocolforgoogle_compute_region_backend_serviceto support network load balancers that forward all protocols and ports. (#9799)security_settingstogoogle_compute_backend_service(#9797)google_essential_contacts_contactto GA (#9822)google_gke_hub_membershipsupport for both//container.googleapis.com/${google_container_cluster.my-cluster.id}andgoogle_container_cluster.my-cluster.idinendpoint.0.gke_cluster.0.resource_link(#9765)request_reason(#9794)billing_projectacross all resources. Ifuser_project_overrideis set totrueand abilling_projectis set, theX-Goog-User-Projectheader will be sent for all resources. (#9852)BUG FIXES:
google_assured_workloads_workloadcan delete what it creates (#9835)locationof thegoogle_bigquery_dataset(#9810)wait_for_instancesingoogle_compute_instance_group_managerandgoogle_compute_region_instance_group_managerto no longer block plan / refresh, waiting on managed instance statuses during apply instead (#9832)negative_caching_policycannot be set always revalidate ongoogle_compute_backend_service(#9821)/projectsafter the host (#9834)__name__ongoogle_firestore_index(#9820)google_privateca_certificate_authoritywithmax_issuer_path_length = 0. (#9856)ignore_active_certificates_on_deletionon the importedgoogle_privateca_certificate_authority(#9781)v3.80.0Compare Source
FEATURES:
google_dialogflow_cx_environment(#9738)IMPROVEMENTS:
//container.googleapis.com/${google_container_cluster.my-cluster.id}andgoogle_container_cluster.my-cluster.idreferences ingoogle_gke_hub_membership.endpoint.0.gke_cluster.0.resource_link(#9765)namefield togoogle_kms_crypto_key_versiondatasource (#9762)BUG FIXES:
google_apigee_envgroup(#9740)google_privateca_certificate_authorityof typeSUBORDINATEdue to an invalid attempt to activate it on creation. (#9761)v3.79.0Compare Source
NOTES:
num_nodesfield ongoogle_spanner_instancewill have its default removed in a future major release, and eithernum_nodesorprocessing_unitswill be required. (#9716)FEATURES:
google_dialogflow_cx_entity_type(#9717)google_dialogflow_cx_page(#9683)IMPROVEMENTS:
processing_unitstogoogle_spanner_instance(#9716)customer_encryptiononresource_storage_bucket_object(#9704)v3.78.0Compare Source
FEATURES:
google_gke_hub_membership(#9616)IMPROVEMENTS:
user_project_overrideandbilling_projecttogoogle_service_networking_connection(#9668)BUG FIXES:
azure_blob_storage_data_sourceforgoogle_storage_transfer_job(#9644)google_sql_userin state for iam users. (#9625)azure_credentialswas defined ingoogle_storage_transfer_job(#9671)v3.77.0Compare Source
FEATURES:
google_scc_notification_config(#9578)IMPROVEMENTS:
log_configfield ofgoogle_compute_region_backend_service(#9568)crypto_replace_ffx_fpe_configandcrypto_replace_ffx_fpe_configas primitive transformation types togoogle_data_loss_prevention_deidentify_template(#9572)BUG FIXES:
destination_dataset_idwas required, it is now optional. (#9605)budget_filter. projectsongoogle_billing_budget(#9598)0.8fromgoogle_backend_service.backend.max_utilizationand it will now default from API. Allmax_connections_xxxandmax_rate_xxxwill also default from API as these are all conditional on balancing mode. (#9587)Configuration
📅 Schedule: At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR has been generated by Renovate Bot.