v6.40.0

DEPRECATIONS:

• notebook: google_notebook_runtime is deprecated and will be removed in a future major release. Use google_workbench_instance instead. (#23251)

FEATURES:

• New Data Source: google_dataplex_data_quality_rules (#23255)
• New Resource: google_dialogflow_cx_tool (#23192)

IMPROVEMENTS:

• backupdr: added support for updating in-place to the google_backup_dr_backup_plan_association resource (#23237)
• bigqueryanalyticshub: added log_linked_dataset_query_user_email field to google_bigquery_analytics_hub_listing resource (#23238)
• compute: added cipher_suite block with phase1 and phase2 encryption configurations to google_compute_vpn_tunnel resource. (#23253)
• compute: added fingerprint field in google_compute_target_http_proxy and google_compute_target_https_proxy resources. (#23231)
• compute: added headers, expected_output_url, and expected_redirect_response_code fields to test in google_compute_url_map resource and made service field optional (#23199)
• compute: added path_matcher.default_route_action fields to google_compute_region_url_map resource (#23226)
• compute: added workload_policy and group_placement_policy.gpu_topology fields to google_compute_resource_policy resource (ga) (#23229)
• gkehub: added custom_role field to google_gke_hub_scope_rbac_role_binding resource (#23183)
• integrationconnectors: added support for log_config.level for google_integration_connectors_connection (#23224)
• networkconnectivity: added psc_config.producer_instance_location and psc_config.allowed_google_producers_resource_hierarchy_level fields to google_network_connectivity_service_connection_policy (#23240)
• redis: added managed_server_ca to google_redis_cluster resource (#23223)
• resourcemanager: allowed dataproc-control.googleapis.com and stackdriverprovisioning.googleapis.com services in google_project_service resource (#23230)
• storage: removed the hardcoded 80m timeout used during google_storage_bucket deletion when removing an anywhere cache, polling instead. This should speed up deletion in these cases. (#23198)
• vertexai: added region in google_vertex_ai_index_endpoint_deployed_index (#23247)

BUG FIXES:

• beyondcorp: fixed the issue where hubs.internet_gateway.assigned_ips was not populated correctly in the google_beyondcorp_security_gateway resource (#23244)
• compute: fixed google_compute_router_nat where changes to auto_network_tier are always shown after initial apply (#23190)
• compute: fixed validation for target_service field in google_compute_service_attachment resource causing issues when targeting a google_network_services_gateway resource (#23239)
• dataflow: fields network, subnetwork, num_workers, max_num_workers and machine_type will no longer cause permadiff on dataflow_flex_template_job (#23222)
• dataproc: fixed a permadiff with "prodcurrent" and "prodprevious" within image subminor version for google_dataproc_cluster (#23207)
• networksecurity: marked google_network_security_address_group capacity as immutable because it can't be updated in place. (#23209)

v6.39.0

FEATURES:

• New Resource: google_apihub_curation (#23144)
• New Resource: google_compute_interconnect_attachment_group (#23159)
• New Resource: google_compute_interconnect_group (#23159)
• New Resource: google_compute_snapshot_settings (#23151)

IMPROVEMENTS:

• apigee: added client_ip_resolution_config field to google_apigee_environment resource (#23172)
• beyondcorp: added delegating_service_account field to google_beyondcorp_security_gateway resource (#23094)
• bigquery: added data_source_id to update requests through google_bigquery_data_transfer_config (#23134)
• cloudrunv2: added google_cloud_run_v2_job support for depends_on and startup_probe properties (#23179)
• container: added network_performance_config field to google_container_cluster resource (#23098)
• container: promoted flex_start in google_container_cluster to GA (#23093)
• dataplex: added catalog_publishing_enabled field to google_dataplex_datascan resource (#23165)
• datastream: added network_attachment support via psc_interface_config attribute in google_datastream_private_connection (#23091)
• eventarc: made network_attachment field optional in google_eventarc_pipeline (#23133)
• gemini: added disable_web_grounding field to google_gemini_gemini_gcp_enablement_setting resource (#23096)
• gemini: added enable_data_sharing field to google_gemini_data_sharing_with_google_setting resource (#23173)
• gkehub2: added spec.rbacrolebindingactuation field to resource google_gke_hub_feature (#23102)
• gkehub: added custom_role field to google_gke_hub_scope_rbac_role_binding resource (#23183)
• iambeta: enforced workload_identity_pool_managed_identity_id field validation per the documented specifications (#23149)
• pubsub: added message_transform field to google_pubsub_topic resource (#23161)
• pubsub: added message_transforms field to google_pubsub_subscription resource (#23162)

BUG FIXES:

• bigquery: modified google_bigquery_dataset_iam_member to no longer remove authorized views and routines (#23177)
• colab: fixed perma-diff in google_colab_runtime_template caused by the API returning a non-null default value. (#23137)
• colab: fixed perma-diff in google_colab_runtime_template caused by empty blocks. (#23163)
• compute: fixed a permadiff in network_profile field of google_compute_network related to specifying partial self-links (#23164)
• compute: fixed an issue where google_compute_firewall_policy_with_rules.target_resources could see a diff between the beta and v1 API in the resource's self-link (#23170)
• container: fixed nodepool secondary range validation to allow the use of netmasks. (#23142)
• gemini: removed overly restrictive product validation on google_gemini_gemini_gcp_enablement_setting_binding, google_gemini_data_sharing_with_google_setting_binding. New values like GOOGLE_CLOUD_ASSIST will now be accepted. (#23178)

v6.38.0

DEPRECATIONS:

• colab: deprecated post_startup_script_config field in google_colab_runtime_template resource (#23075)

FEATURES:

• New Data Source: google_bigquery_datasets (#23059)
• New Resource: google_dataplex_entry (#23000)

IMPROVEMENTS:

• compute: added numeric_id field to google_compute_region_instance_template resource (#23065)
• compute: added source_subnetwork_ip_ranges_to_nat64 and nat64_subnetwork fields to google_compute_router_nat resource (#23078)
• container: promoted pod_autoscaling field in google_container_cluster resource to GA (#23002)
• datastream: added psc_interface_config field in google_datastream_private_connection resource (#23091)
• dns: added dns64_config field to google_dns_policy resource (#23078)
• filestore: added effective_replication.role and effective_replication.replicas.peer_instance fields to google_filestore_instance resource (#23001)
• netapp: added backup_retention_policy.backup_minimum_enforced_retention_days, backup_retention_policy.daily_backup_immutable, backup_retention_policy.weekly_backup_immutable, backup_retention_policy.monthly_backup_immutable, and backup_retention_policy.manual_backup_immutable fields to google_netapp_backup_vault (#23087)
• networkconnectivity: added IPV6 enum to protocolVersion field in PolicyBasedRoute resource (#23069)
• privateca: added support for setting default values for basic constraints for google_privateca_certificate_template via the null_ca and zero_max_issuer_path_length fields (#22981)
• privateca: added name_constraints field for google_privateca_certificate_template resource (#22981)
• provider: supported service account impersonation in different universes through credential file (#23063)

BUG FIXES:

• colab: fixed perma-diff in google_colab_runtime_template caused by the API returning a non-null default value (#23137)
• compute: fixed an issue where rules ordering in google_compute_region_security_policy caused a diff after apply (#23076)
• filestore: fixed bug where google_filestore_instance.initial_replication field could not be set (#23001)

v6.37.0

FEATURES:

• New Data Source: google_bigquery_table (#22973)
• New Data Source: google_gke_hub_membership (#22972)
• New Resource: google_apigee_security_monitoring_condition (#22953)
• New Resource: google_beyondcorp_security_gateway_application (#22938)
• New Resource: google_cloud_run_v2_worker_pool (#22933)
• New Resource: google_compute_future_reservation (#22860)
• New Resource: google_dataplex_glossary_category (#22835)
• New Resource: google_dataplex_glossary_term (#22835)
• New Resource: google_iam_workforce_pool_provider_key (#22960)
• New Resource: google_managed_kafka_acl (#22957)

IMPROVEMENTS:

• alloydb: added activation_policy field to google_alloydb_instance resource (#22818)
• compute: added in-place update support for mtu field in google_compute_network (#22956)
• compute: promoted google_compute_region_network_firewall_policy_with_rules, google_compute_network_firewall_policy_with_rules, and compute_firewall_policy_with_rules resources to GA (#22958)
• container: added in-place update support for ip_allocation_policy.stack_type field in google_container_cluster resource (#22915)
• container: added in-place update support for enable_multi_networking in google_container_cluster resource (#22924)
• databasemigrationservice: added create_without_validation field to google_database_migration_service_private_connection resource (#22925)
• dataflow: added additional_pipeline_options field to google_dataflow_flex_template_job resource (#22919)
• memorystore: added field desired_auto_created_endpoints for google_memorystore_instance resource (#22871)
• netapp: added hybrid_peering_details and hybrid_replication_type fields to google_netapp_volume_replication resource (#22975)
• netapp: added hybrid_replication_parameters fields to google_netapp_volume resource (#22975)
• netblock: added restricted-googleapis-with-directconnectivity and private-googleapis-with-directconnectivity range_types to google_netblock_ip_ranges data source (#22930)
• netblock: added ipv6 ranges for restricted-googleapis and private-googleapis range_types to google_netblock_ip_ranges data source (#22930)
• privateca: added name_constraints field for google_privateca_certificate_template resource (#22981)
• spanner: added field instance_type to the google_spanner_instance resource (#22916)
• storage: added ip_filter to google_storage_bucket resource. (#22976)

BUG FIXES:

• compute: fixed forced instance recreation when adding a attached_disk with force_attach being false to google_compute_instance (#22954)
• gemini: fixed permadiff on product field in google_gemini_logging_setting_binding resource (#22819)
• gemini: fixed permadiff on product field in google_gemini_release_channel_setting_binding resource (#22929)
• networkservices: fixed validation error when modifying the cache_mode field in edge_cache_service (#22932)
• privateca: fixed issue preventing setting 0 and null values for basic constraints in the google_privateca_certificate_template resource via the addition of null_ca and zero_max_issuer_path_length fields (#22981)
• vpcaccess: fixed an issue where Terraform config validation conditions could have erroneously invalidated existing google_vpc_access_connector resources (#22837)

v6.36.1

BUG FIXES:

• compute: fixed forced instance recreation when adding a attached_disk with unset force_attach to google_compute_instance (#22954)

v6.36.0

DEPRECATIONS:

• beyondcorp: deprecated google_beyondcorp_application (#22754)
• firestore: deprecated deletion_policy field of google_firestore_database resource (#22764)

FEATURES:

• New Data Source: google_beyondcorp_security_gateway (#22793)
• New Data Source: google_lustre_instance (#22766)
• New Resource: google_bigquery_row_access_policy (#22806)
• New Resource: google_dataplex_glossary (#22794)
• New Resource: google_firebase_app_hosting_default_domain (#22748)
• New Resource: google_firebase_app_hosting_domain (#22748)
• New Resource: google_firebase_app_hosting_traffic (#22748)
• New Resource: google_network_security_intercept_deployment (#22790)
• New Resource: google_network_security_intercept_deployment_group (#22790)
• New Resource: google_network_security_intercept_endpoint_group (#22790)
• New Resource: google_network_security_intercept_endpoint_group_association (#22790)

IMPROVEMENTS:

• beyondcorp: increased default timeouts on google_beyondcorp_app_gateway operations from 20m to 40m (#22805)
• bigtable: added deletion_protection field to google_bigtable_logical_view resource (#22755)
• compute: added 'H2C' as a supported value for protocol in google_compute_backend_service and google_compute_region_backend_service (#22791)
• compute: added external_managed_backend_bucket_migration_state and external_managed_backend_bucket_migration_testing_percentage to google_compute_global_forwarding_rule resource. (#22781)
• compute: added external_managed_migration_state and external_managed_migration_testing_percentage to google_compute_backend_service resource. (#22781)
• compute: added force_attach field to boot_disk and attached_disk of google_compute_instance resource (#22801)
• compute: added numeric_id to google_compute_instance_template resource (#22763)
• compute: added the numeric id as generated_id attribute to the google_compute_network_endpoint_group (#22780)
• compute: added update support for load_balancing_scheme in google_compute_backend_service and google_compute_global_forwarding_rule resources to allow migrating between classic and global external ALB (#22781)
• container: added in_transit_encryption_config field in google_container_cluster resource (#22758)
• container: allowed in-place update node_config.windows_node_config field in google_container_cluster and google_container_node_pool resource (#22782)
• container: allowed in-place update for node_config.storage_pools field in google_container_cluster and google_container_node_pool resource (#22753)
• dialogflowcx: added event_handlers.trigger_fulfillment.enable_generative_fallback field to google_dialogflow_cx_flow resource (#22671)
• dialogflowcx: added gen_app_builder_settings field to google_dialogflow_cx_agent resource (#22757)
• netapp: added custom_performance_enabled, total_throughput_mibps, and total_iops fields to google_netapp_storage_pool resource (#22778)
• vmwareengine: increased google_cloud_vmwareengine_private_cloud timeout to 6 hours. (#22762)

BUG FIXES:

• compute: added global retry for "resourceNotReady for Networks" 400 errors (#22756)
• dialogflowcx: fixed an issue where dialogflow_cx_custom_endpoint is not correctedly handled (#22792)
• iamoauthclient: marked google_iam_oauth_client_credential.client_secret as sensitive (#22789)
• resourcemanager: fixed an issue in google_projects data source where the provider universe_domain did not overwrite the list URL (#22747)

v6.35.0

BREAKING CHANGES:

• metastore: removed non-functioning tags field from google_dataproc_metastore_service. It was introduced in v6.31.0 but the feature was not yet GA. (#22636)
• redis: removed non-functioning tags field from google_redis_instance . It was introduced in v6.31.0 but the feature was not yet GA. (#22637)

FEATURES:

• New Resource: google_compute_cross_site_network (#22632)

IMPROVEMENTS:

• alloydb: added psc_auto_connections field to google_alloydb_instance resource (#22630)
• apigee: added s_sl_info.enforce field in google_apigee_target_server resource (#22594)
• bigquery: added security_mode option for google_bigquery_routine resource (#22643)
• bigtable: added support for explicit disable automated backup on create for google_bigtable_table (#22635)
• compute: added guest_os_features and architecture to google_compute_instance_template and google_compute_region_instance_template (#22644)
• compute: allowed in-place updates for subnetworks, description, producer_accept_lists, and producer_reject_lists on google_compute_network_attachment (#22611)
• dialogflowcx: added knowledge_connector_settings field to google_dialogflow_cx_flow and google_dialogflow_cx_page resources (#22631)
• netapp: added backup_vault_type, backup_region, source_region, source_backup_vault, and destination_backup_vault fields to google_netapp_backup_vault (#22625)
• netapp: added volume_region and backup_region fields to google_netapp_backup (#22625)
• networkconnectivity: added immutability field to google_network_connectivity_internal_range resource (#22623)
• networkservices: added flex_shielding field to google_network_services_edge_cache_origin resource (#22645)
• spanner: added field default_time_zone to google_spanner_database resource (#22628)
• storage: added new field content_hexsha512 and content_base64sha512 in data source google_storage_bucket_object_content (#22592)

BUG FIXES:

• gemini: fixed bug on google_gemini_code_repository_index where force_destroy field did nothing (#22648)
• privateca: removed requirement to specify organization for google_privateca_certificate_authority resource (#22634)
• workbench: fixed some metadata changes not being reflected in google_workbench_instance (#22612)

v6.34.1

BUG FIXES:

• bigtable: fixed forced instance recreation due to addition of cluster.node_scaling_factor for google_bigtable_instance (#22674)

v6.34.0

DEPRECATIONS:

• tpu: deprecated google_tpu_node resource. google_tpu_node is deprecated and will be removed in a future major release. Use google_tpu_v2_vm instead. (#22552)

FEATURES:

• New Resource: google_apigee_security_profile_v2 (#22524)

IMPROVEMENTS:

• bigtable: added cluster.node_scaling_factor field to google_bigtable_instance resource (#22560)
• cloudrunv2: added scaling_mode and manual_instance_count fields to google_cloud_run_v2_service resource (#22561)
• networkconnectivity: added state_reason field to google_network_connectivity_spoke resource (#22525)
• sql: added connection_pool_config field to the google_sql_database_instance resource (#22583)
• vpcaccess: changed fields min_instances, max_instances, machine_type to allow update google_vpc_access_connector without recreation. (#22572)

BUG FIXES:

• compute: fixed the bug when validating the subnetwork project in google_compute_instance resource (#22571)
• workbench: fixed a permadiff on metadata of instance-region in google_workbench_instance resource (#22553)

v6.33.0

FEATURES:

• New Data Source: google_memcache_instance (#22477)
• New Resource: google_bigtable_logical_view (#22499)
• New Resource: google_bigtable_materialized_view (#22475)
• New Resource: google_compute_region_security_policy_rule (ga) (#22443)
• New Resource: google_compute_region_security_policy (ga) (#22443)
• New Resource: google_os_config_v2_policy_orchestrator_for_folder (#22441)

IMPROVEMENTS:

• beyondcorp: added upstreams fields to google_beyondcorp_application resource (#22514)
• compute: added fields like raw_key, rsa_encrypted_key, kms_key_service_account to all relevant resources on google_compute_instance_template and google_compute_region_instance_template (#22503)
• compute: added disk_id to google_compute_region_disk resource (#22462)
• compute: marked location field as required in google_compute_interconnect resource (#22480)
• container: added data_cache_count to ephemeral_storage_local_ssd_config for google_container_node_pool (#22456)
• container: added update for gvnic to google_container_node_pool (#22421)
• dataplex: added notification_report field to google_dataplex_datascan resource (#22464)
• gkehub: added configmanagement.config_sync.deployment_overrides field to google_gke_hub_feature_membership resource (#22403)
• identityplatform: added response_type field to google_identity_platform_oauth_idp_config (#22463)
• networkservices: added metadata field to google_networkservices_lbtrafficextension resource (#22454)
• sql: added output-only field dns_names to google_sql_database_instance resource (#22502)
• storage: added new fields time_created and updated in google_storage_bucket (#22500)
• storagetransfer: added transfer_spec.aws_s3_data_source.managed_private_network field to google_storage_transfer_job resource (#22509)

BUG FIXES:

• alloydb: stopped diffs when google_alloydb_instance.network_config is not specified as the API newly returns a value. Removing the field from config will no longer create a diff and will preserve the current value (#22504)
• clouddeploy: allowed sending empty block for rollback field in google_clouddeploy_automation resource. (#22501)
• compute: fixed an issue preventing terms.priority from being set to priority value 0 in google_compute_router_route_policy resource (#22417)
• securesourcemanager: increased default timeouts on google_secure_source_manager_instance operations to 120m from 60m. Operations could take longer than an hour. (#22483)
• sql: replaced the Terraform-based default value for settings.disk_type in google_sql_database_instance with a server-assigned default, allowing for compatibility with machine types that require HyperDisk_Balanced (#22485)
• workstations: increased default timeouts on google_workstations_workstation_cluster operations to 120m from 60m. Operations could take longer than an hour. (#22482)