feat(deps): Expand Terraform Google Provider to v5 (major)

[renovate]

This PR contains the following updates:

Package	Type	Update	Change	Pending
google (source)	required_provider	major	>= 3.77, < 5.0 -> >= 3.77, < 5.5	5.5.0
google-beta (source)	required_provider	major	>= 3.77, < 5.0 -> >= 3.77, < 5.5	5.5.0

---

Release Notes

hashicorp/terraform-provider-google (google)

v5.4.0

Compare Source

DEPRECATIONS:

• bigquery: deprecated cloud_spanner.use_serverless_analytics on google_bigquery_connection. Use cloud_spanner.use_data_boost instead. (#​16310)

NOTES:

• provider: added universe_domain attribute as a provider attribute (#​16323)

BREAKING CHANGES:

• cloudrunv2: marked location field as required in resource google_cloud_run_v2_job. Any configuration without location specified will cause resource creation fail (#​16311)
• cloudrunv2: marked location field as required in resource google_cloud_run_v2_service. Any configuration without location specified will cause resource creation fail (#​16311)

FEATURES:

• New Data Source: google_cloud_identity_group_lookup (#​16296)
• New Resource: google_network_connectivity_policy_based_route (#​16326)
• New Resource: google_pubsub_schema_iam_* (#​16301)

IMPROVEMENTS:

• accesscontextmanager: added support for specifying vpc_network_sources to google_access_context_manager_access_levels, google_access_context_manager_access_level, and google_access_context_manager_access_level_condition (#​16327)
• apigee: added support for type in google_apigee_environment (#​16349)
• bigquery: added cloud_spanner.database_role, cloud_spanner.use_data_boost, and cloud_spanner.max_parallelism fields to google_bigquery_connection (#​16310)
• bigquery: added support for iam_member to google_bigquery_dataset.access (#​16322)
• container: promoted field identity_service_config in google_container_cluster to GA (#​16305)
• container: added update support for google_container_node_pool.node_config.taint (#​16306)
• containerattached: added admin_groups field to google_container_attached_cluster resource (#​16307)
• dialogflowcx: added advanced_settings field to google_dialogflow_cx_flow resource (#​16315)
• dialogflowcx: added advanced_settings fields to google_dialogflow_cx_page resource (#​16315)
• dialogflowcx: added advanced_settings, text_to_speech_settings, git_integration_settings fields to google_dialogflow_cx_agent resource (#​16315)

BUG FIXES:

• bigquery: fixed a bug when updating a google_bigquery_dataset that contained an iamMember access rule added out of band with Terraform (#​16322)
• bigqueryreservation: fixed bug of incorrect resource recreation when capacity_commitment_id is unspecified in resource google_bigquery_capacity_commitment (#​16320)
• cloudrunv2: made annotations field on the google_cloud_run_v2_job data source include all annotations present on the resource in GCP (#​16300)
• cloudrunv2: made annotations field on the google_cloud_run_v2_service data source include all annotations present on the resource in GCP (#​16300)
• cloudrunv2: made labels and terraform labels fields on the google_cloud_run_v2_job data source include all annotations present on the resource in GCP (#​16300)
• cloudrunv2: made labels and terraform labels fields on the google_cloud_run_v2_service data source include all annotations present on the resource in GCP (#​16300)
• edgecontainer: fixed an issue where the update endpoint for google_edgecontainer_cluster was incorrect. (#​16347)
• redis: allow replica_count to be set to zero in the google_redis_cluster resource (#​16302)

v5.3.0

Compare Source

DEPRECATIONS:

• bigquery: deprecated time_partitioning.require_partition_filter in favor of new top level field require_partition_filter in resource google_bigquery_table (#​16238)

FEATURES:

• New Data Source: google_cloud_run_v2_job (#​16260)
• New Data Source: google_cloud_run_v2_service (#​16290)
• New Data Source: google_compute_networks (#​16240)
• New Resource: google_org_policy_custom_constraint (#​16220)

IMPROVEMENTS:

• cloudidentity: added additional_group_keys attribute to google_cloud_identity_group resource (#​16250)
• composer: promoted config.0.workloads_config.0.triggerer to GA in resource google_composer_environment (#​16218)
• compute: added internal_ipv6_range to google_compute_network data source and internal_ipv6_prefix field to google_compute_subnetwork data source (#​16267)
• container: added support for security_posture_config.vulnerability_mode value VULNERABILITY_ENTERPRISEin google_container_cluster (#​16283)
• dataform: added ssh_authentication_config and service_account to google_dataform_repository resource (#​16205)
• dataproc: added min_num_instances field to google_dataproc_cluster resource (#​16249)
• gkeonprem: promoted google_gkeonprem_bare_metal_admin_cluster, google_gkeonprem_bare_metal_cluster, and google_gkeonprem_bare_metal_node_pool resources to GA (#​16237)
• gkeonprem: promoted google_gkeonprem_vmware_cluster and google_gkeonprem_vmware_node_pool resources to GA (#​16237)
• logging: added custom_writer_identity field to google_logging_project_sink (#​16216)
• secretmanager: made ttl field mutable in google_secret_manager_secret (#​16285)
• storage: added terminal_storage_class to the autoclass field in google_storage_bucket resource (#​16282)

BUG FIXES:

• bigquerydatatransfer: fixed an error when updating google_bigquery_data_transfer_config related to incorrect update masks (#​16269)
• compute: fixed an error during the deletion when post was set to 0 on google_compute_global_network_endpoint (#​16286)
• compute: fixed an issue with TTLs being sent for google_compute_backend_service when cache_mode is set to USE_ORIGIN_HEADERS (#​16245)
• container: fixed an issue where empty autoscaling block would crash the provider for google_container_node_pool (#​16212)
• dataflow: fixed a bug where resource updates returns an error if only labels has changes for batch google_dataflow_job and google_dataflow_flex_template_job (#​16248)
• dialogflowcx: fixed updating google_dialogflow_cx_version; updates will no longer time out. (#​16214)
• sql: fixed a bug where adding the edition field to a google_sql_database_instance resource that already existed and used ENTERPRISE edition resulted in a permant diff in plans (#​16215)
• sql: removed host validation to support IP address and DNS address in host in google_sql_source_representation_instance resource (#​16235)

v5.2.0

Compare Source

FEATURES:

• New Data Source: google_secret_manager_secrets (#​16182)
• New Resource: google_alloydb_user (#​16141)
• New Resource: google_firestore_backup_schedule (#​16186)
• New Resource: google_redis_cluster (#​16203)

IMPROVEMENTS:

• alloydb: added cluster_type and secondary_config fields to support secondary clusters in google_alloydb_cluster resource. (#​16197)
• compute: added recreate_closed_psc flag to support recreating the PSC Consumer forwarding rule if the psc_connection_status is closed on google_compute_forwarding_rule. (#​16188)
• compute: added INTERNET_IP_PORT, INTERNET_FQDN_PORT, SERVERLESS, and PRIVATE_SERVICE_CONNECT as acceptable values for the network_endpoint_type field for the resource_compute_network_endpoint_group resource (#​16194)
• compute: added SEV_LIVE_MIGRATABLE_V2 to guest_os_features enum on google_compute_image resource. (#​16187)
• compute: added allow_subnet_cidr_routes_overlap field to google_compute_subnetwork resource (#​16116)
• compute: promoted labels, effective_labels, terraform_labels, and label_fingerprint fields in google_compute_address to GA (#​16120)
• compute: promoted internal_ip and external_ip fields in resources google_compute_instance_group_manager and google_compute_region_instance_group_manager to GA (#​16140)
• compute: promoted internal_ip and external_ip fields in resources google_compute_per_instance_config and google_compute_region_per_instance_config to GA (#​16140)
• iamworkforcepool: promoted field oidc.jwks_json in resource google_iam_workforce_pool to GA (#​16199)

BUG FIXES:

• alloydb: added client_connection_config field to google_alloydb_instance resource (#​16202)
• bigquery: removed mutual exclusivity checks for view, materialized_view, and schema for the google_bigquery_table resource (#​16193)
• compute: added certificate_manager_certificates field to google_compute_target_https_proxy resource (#​16179)
• compute: fixed an issue where external google_compute_global_address can't be created when network_tier in google_compute_project_default_network_tier is set to STANDARD (#​16144)
• compute: fixed a false permadiff on ip_address when it is set to ipv6 on google_compute_forwarding_rule (#​16115)
• provider: fixed a bug where an update request was sent to services when updateMask is empty (#​16111)

v5.1.0

Compare Source

FEATURES:

• New Resource: google_database_migration_service_private_connection (#​16104)
• New Resource: google_edgecontainer_cluster (#​16055)
• New Resource: google_edgecontainer_node_pool (#​16055)
• New Resource: google_edgecontainer_vpn_connection (#​16055)
• New Resource: google_firebase_hosting_custom_domain (#​16062)
• New Resource: google_gke_hub_fleet (#​16072)

IMPROVEMENTS:

• compute: added device_name field to scratch_disk block of google_compute_instance resource (#​16049)
• container: added node_config.linux_node_config.cgroup_mode field to google_container_node_pool (#​16103)
• databasemigrationservice: added support for oracle profiles to google_database_migration_service_connection_profile (#​16087)
• firestore: added api_scope field to google_firestore_index resource (#​16085)
• gkehub: added location field to google_gke_hub_membership_iam_* resources (#​16105)
• gkehub: added location field to google_gke_hub_membership resource (#​16105)
• gkeonprem: added update-in-place support for vcenter fields in google_gkeonprem_vmware_cluster (#​16073)
• identityplatform: added sms_region_config to the resource google_identity_platform_config (#​16044)

BUG FIXES:

• dns: fixed record set configuration parsing in google_dns_record_set (#​16042)
• provider: fixed an issue where the plugin-framework implementation of the provider handled default region values that were self-links differently to the SDK implementation. This issue is not believed to have affected users because of downstream functions that turn self links into region names. (#​16100)
• provider: fixed a bug that caused update requests to be sent for resources with a terraform_labels field even if no fields were updated (#​16111)

v5.0.0

Compare Source

KNOWN ISSUES:

• Updating some resources post-upgrade results in an error like "The update_mask in the Update{{Resource}}Request must be set". This should be resolved in 5.1.0, see https://github.com/hashicorp/terraform-provider-google/issues/16091 for details.

Terraform Google Provider 5.0.0 Upgrade Guide

NOTES:

• provider: some provider default values are now shown at plan-time (#​15707)

LABELS REWORK:

• provider: default labels configured on the provider through the new default_labels field are now supported. The default labels configured on the provider will be applied to all of the resources with standard labels field.
• provider: resources with labels - three label-related fields are now in all of the resources with standard labels field. labels field is non-authoritative and only manages the labels defined by the users on the resource through Terraform. The new output-only terraform_labels field merges the labels defined by the users on the resource through Terraform and the default labels configured on the provider. The new output-only effective_labels field lists all of labels present on the resource in GCP, including the labels configured through Terraform, the system, and other clients.
• provider: resources with annotations - two annotation-related fields are now in all of the resources with standard annotations field. The annotations field is non-authoritative and only manages the annotations defined by the users on the resource through Terraform. The new output-only effective_annotations field lists all of annotations present on the resource in GCP, including the annotations configured through Terraform, the system, and other clients.
• provider: datasources with labels - three fields labels, terraform_labels, and effective_labels are now present in most resource-based datasources. All three fields have all of labels present on the resource in GCP including the labels configured through Terraform, the system, and other clients, equivalent to effective_labels on the resource.
• provider: datasources with annotations - both annotations and effective_annotations are now present in most resource-based datasources. Both fields have all of annotations present on the resource in GCP including the annotations configured through Terraform, the system, and other clients, equivalent to effective_annotations on the resource.

BREAKING CHANGES:

• provider: added provider-level validation so these fields are not set as empty strings in a user's config: credentials, access_token, impersonate_service_account, project, billing_project, region, zone (#​15968)
• provider: fixed many import functions throughout the provider that matched a subset of the provided input when possible. Now, the GCP resource id supplied to "terraform import" must match exactly. (#​15977)
• provider: made data sources return errors on 404s when applicable instead of silently failing (#​15799)
• provider: made empty strings in the provider configuration block no longer be ignored when configuring the provider(#​15968)
• accesscontextmanager: changed multiple array fields to sets where appropriate to prevent duplicates and fix diffs caused by server side reordering. (#​15756)
• bigquery: added more input validations for google_bigquery_table schema (#​15338)
• bigquery: made routine_type required for google_bigquery_routine (#​15517)
• cloudfunction2: made location required on google_cloudfunctions2_function (#​15830)
• cloudiot: removed deprecated datasource google_cloudiot_registry_iam_policy (#​15739)
• cloudiot: removed deprecated resource google_cloudiot_device (#​15739)
• cloudiot: removed deprecated resource google_cloudiot_registry (#​15739)
• cloudiot: removed deprecated resource google_cloudiot_registry_iam_* (#​15739)
• cloudrunv2: removed deprecated field liveness_probe.tcp_socket from google_cloud_run_v2_service resource. (#​15430)
• cloudrunv2: removed deprecated fields startup_probe and liveness_probe from google_cloud_run_v2_job resource. (#​15430)
• cloudrunv2: retyped volumes.cloud_sql_instance.instances to SET from ARRAY for google_cloud_run_v2_service (#​15831)
• compute: made google_compute_node_group require one of initial_size or autoscaling_policy fields configured upon resource creation (#​16006)
• compute: made size in google_compute_node_group an output only field. (#​16006)
• compute: removed default value for rule.rate_limit_options.encorce_on_key on resource google_compute_security_policy (#​15681)
• compute: retyped consumer_accept_lists to a SET from an ARRAY type for google_compute_service_attachment (#​15985)
• container: added deletion_protection to google_container_cluster which is enabled to true by default. When enabled, this field prevents Terraform from deleting the resource. (#​16013)
• container: changed management.auto_repair and management.auto_upgrade defaults to true in google_container_node_pool (#​15931)
• container: changed networking_mode default to VPC_NATIVE for newly created google_container_cluster resources (#​6402)
• container: removed enable_binary_authorization in google_container_cluster (#​15868)
• container: removed default for logging_variant in google_container_node_pool (#​15931)
• container: removed default value in network_policy.provider in google_container_cluster (#​15920)
• container: removed the behaviour that google_container_cluster will delete the cluster if it's created in an error state. Instead, it will mark the cluster as tainted, allowing manual inspection and intervention. To proceed with deletion, run another terraform apply. (#​15887)
• container: reworked the taint field in google_container_cluster and google_container_node_pool to only manage a subset of taint keys based on those already in state. Most existing resources are unaffected, unless they use sandbox_config- see upgrade guide for details. (#​15959)
• dataplex: removed data_profile_result and data_quality_result from google_dataplex_scan (#​15505)
• firebase: changed deletion_policy default to DELETE for google_firebase_web_app. (#​15406)
• firebase: removed google_firebase_project_location (#​15764)
• gameservices: removed Terraform support for gameservices (#​15558)
• logging: changed the default value of unique_writer_identity from false to true in google_logging_project_sink. (#​15743)
• logging: made growth_factor, num_finite_buckets, and scale required for google_logging_metric (#​15680)
• looker: removed LOOKER_MODELER as a possible value in google_looker_instance.platform_edition (#​15956)
• monitoring: fixed perma-diffs in google_monitoring_dashboard.dashboard_json by suppressing values returned by the API that are not in configuration (#​16014)
• monitoring: made labels immutable in google_monitoring_metric_descriptor (#​15988)
• privateca: removed deprecated fields config_values, pem_certificates from google_privateca_certificate (#​15537)
• secretmanager: removed automatic field in google_secret_manager_secret resource (#​15859)
• servicenetworking: used Create instead of Patch to create google_service_networking_connection (#​15761)
• servicenetworking: used the deleteConnection method to delete the resource google_service_networking_connection (#​15934)

FEATURES:

• New Resource: google_scc_folder_custom_module (#​15979)
• New Resource: google_scc_organization_custom_module (#​16012)

IMPROVEMENTS:

• alloydb: added additional fields to google_alloydb_instance and google_alloydb_backup (#​15973)
• artifactregistry: added support for remote APT and YUM repositories to google_artifact_registry_repository (#​15973)
• baremetal: made delete a noop for the resource google_bare_metal_admin_cluster to better align with actual behavior (#​16010)
• bigtable: added state output attribute to google_bigtable_instance clusters (#​15961)
• compute: made google_compute_node_group mutable (#​16006)
• container: added the effective_taints attribute to google_container_cluster and google_container_node_pool, outputting all known taint values (#​15959)
• container: allowed setting addons_config.gcs_fuse_csi_driver_config on google_container_cluster with enable_autopilot: true. (#​15996)
• containeraws: added binary_authorization to google_container_aws_cluster (#​15989)
• containeraws: added update_settings to google_container_aws_node_pool (#​15989)
• google_compute_instance (#​15933)
• osconfig: added week_day_of_month.day_offset field to the google_os_config_patch_deployment resource (#​15997)
• secretmanager: allowed update for rotation.rotation_period field in google_secret_manager_secret resource (#​15952)
• sql: added preferred_zone field to google_sql_database_instance resource (#​15971)
• storagetransfer: added event_stream field to google_storage_transfer_job resource (#​16004)

BUG FIXES:

• bigquery: fixed diff suppression in external_data_configuration.connection_id in google_bigquery_table (#​15983)
• bigquery: fixed view and materialized view creation when schema is specified in google_bigquery_table (#​15442)
• bigtable: avoided re-creation of google_bigtable_instance when cluster is still updating and storage type changed (#​15961)
• bigtable: fixed a bug where dynamically created clusters would incorrectly run into duplication error in google_bigtable_instance (#​15940)
• compute: removed the default value for field reconcile_connections in resource google_compute_service_attachment, the field will now default to a value returned by the API when not set in configuration (#​15919)
• compute: replaced incorrect default value for enable_endpoint_independent_mapping with APIs default in resource google_compute_router_nat (#​15478)
• container: fixed an issue in google_container_node_pool where empty linux_node_config.sysctls would crash the provider (#​15941)
• dataflow: fixed issue causing error message when max_workers and num_workers were supplied via parameters in google_dataflow_flex_template_job (#​15976)
• dataflow: fixed max_workers read value permanently displaying as 0 in google_dataflow_flex_template_job (#​15976)
• dataflow: fixed permadiff when SdkPipeline values are supplied via parameters in google_dataflow_flex_template_job (#​15976)
• identityplayform: fixed a potential perma-diff for sign_in in google_identity_platform_config resource (#​15907)
• firebase: made google_firebase_rules.release immutable (#​15989)
• monitoring: fixed an issue where metadata was not able to be updated in google_monitoring_metric_descriptor (#​16014)
• monitoring: fixed bug where importing google_monitoring_notification_channel failed when no default project was supplied in provider configuration or through environment variables (#​15929)
• secretmanager: fixed an issue in google_secretmanager_secret where replacing replication.automatic with replication.auto would destroy and recreate the resource (#​15922)
• sql: fixed diffs when re-ordering existing database_flags in google_sql_database_instance (#​15678)
• tags: fixed import failure on google_tags_tag_binding (#​16005)
• vertexai: made contents_delta_uri a required field in google_vertex_ai_index as omitting it would result in an error (#​15992)

hashicorp/terraform-provider-google-beta (google-beta)

v5.4.0

Compare Source

DEPRECATIONS:

• bigquery: deprecated cloud_spanner.use_serverless_analytics on google_bigquery_connection. Use cloud_spanner.use_data_boost instead. (#​6539)

NOTES:

• provider: added universe_domain attribute as a provider attribute (#​6551)

BREAKING CHANGES:

• cloudrunv2: marked location field as required in resource google_cloud_run_v2_job. Any configuration without location specified will cause resource creation fail (#​6540)
• cloudrunv2: marked location field as required in resource google_cloud_run_v2_service. Any configuration without location specified will cause resource creation fail (#​6540)

FEATURES:

• New Data Source: google_cloud_identity_group_lookup (#​6530)
• New Resource: google_network_connectivity_policy_based_route (#​6552)
• New Resource: google_pubsub_schema_iam_* (#​6533)

IMPROVEMENTS:

• accesscontextmanager: added support for specifying vpc_network_sources to google_access_context_manager_access_levels, google_access_context_manager_access_level, and google_access_context_manager_access_level_condition (#​6553)
• apigee: added support for type in google_apigee_environment (#​6562)
• bigquery: added cloud_spanner.database_role, cloud_spanner.use_data_boost, and cloud_spanner.max_parallelism fields to google_bigquery_connection (#​6539)
• bigquery: added support for iam_member to google_bigquery_dataset.access (#​6550)
• compute: added maintenance_interval field to google_compute_node_group resource (#​6561)
• container: added enable_confidential_storage to node_config in google_container_cluster and google_container_node_pool (#​6531)
• container: added update support for google_container_node_pool.node_config.taint (#​6536)
• containerattached: added admin_groups field to google_container_attached_cluster resource (#​6537)
• dialogflowcx: added advanced_settings field to google_dialogflow_cx_flow resource (#​6543)
• dialogflowcx: added advanced_settings fields to google_dialogflow_cx_page resource (#​6543)
• dialogflowcx: added advanced_settings, text_to_speech_settings, git_integration_settings fields to google_dialogflow_cx_agent resource (#​6543)
• tpuv2: added cidr_block, labels, tags, network_config, scheduling_config, shielded_instance_config, service_account and data_disks fields to google_tpu_v2_vm (#​6555)
• tpuv2: added accelerator_config field to google_tpu_v2_vm resource (#​6559)

BUG FIXES:

• bigquery: fixed a bug when updating a google_bigquery_dataset that contained an iamMember access rule added out of band with Terraform (#​6550)
• bigqueryreservation: fixed bug of incorrect resource recreation when capacity_commitment_id is unspecified in resource google_bigquery_capacity_commitment (#​6548)
• cloudrunv2: made annotations field on the google_cloud_run_v2_job data source include all annotations present on the resource in GCP (#​6532)
• cloudrunv2: made annotations field on the google_cloud_run_v2_service data source include all annotations present on the resource in GCP (#​6532)
• cloudrunv2: made labels and terraform labels fields on the google_cloud_run_v2_job data source include all annotations present on the resource in GCP (#​6532)
• cloudrunv2: made labels and terraform labels fields on the google_cloud_run_v2_service data source include all annotations present on the resource in GCP (#​6532)
• edgecontainer: fixed an issue where the update endpoint for google_edgecontainer_cluster was incorrect. (#​6560)
• redis: allow replica_count to be set to zero in the google_redis_cluster resource (#​6534)

v5.3.0

Compare Source

DEPRECATIONS:

• bigquery: deprecated time_partitioning.require_partition_filter in favor of new top level field require_partition_filter in resource google_bigquery_table (#​6496)

FEATURES:

• New Data Source: google_cloud_run_v2_job (#​6508)
• New Data Source: google_cloud_run_v2_service (#​6527)
• New Data Source: google_compute_networks (#​6498)

IMPROVEMENTS:

• cloudidentity: added additional_group_keys attribute to google_cloud_identity_group resource (#​6504)
• compute: added enable_confidential_compute field under boot_disk.0.initialize_params in google_compute_instance (#​6528)
• compute: added internal_ipv6_range to google_compute_network data source and internal_ipv6_prefix field to data.google_compute_subnetwork data source (#​6514)
• container: added support for security_posture_config.vulnerability_mode value VULNERABILITY_ENTERPRISE in google_container_cluster (#​6520)
• dataform: added ssh_authentication_config and service_account to google_dataform_repository resource (#​6480)
• dataproc: added min_num_instances field to google_dataproc_cluster resource (#​6503)
• logging: added custom_writer_identity field to google_logging_project_sink (#​6486)
• secretmanager: made ttl field mutable in google_secret_manager_secret (#​6521)
• storage: added terminal_storage_class to the autoclass field in google_storage_bucket resource (#​6519)

BUG FIXES:

• bigquerydatatransfer: fixed an error when updating google_bigquery_data_transfer_config related to incorrect update masks (#​6516)
• cloudrunv2: fixed a bug where google_cloud_run_v2_service.custom_audiences could not be set or updated properly (#​6482)
• compute: fixed an error during the deletion when post was set to 0 on google_compute_global_network_endpoint (#​6523)
• compute: fixed an issue with TTLs being sent for google_compute_backend_service when cache_mode is set to USE_ORIGIN_HEADERS (#​6499)
• container: fixed an issue where empty autoscaling block would crash the provider for google_container_node_pool (#​6483)
• dataflow: fixed a bug where resource updates returns an error if only labels has changes for batch google_dataflow_job and google_dataflow_flex_template_job (#​6502)
• dialogflowcx: fixed updating google_dialogflow_cx_version; updates will no longer time out. (#​6484)
• sql: fixed a bug where adding the edition field to a google_sql_database_instance resource that already existed and used ENTERPRISE edition resulted in a permant diff in plans (#​6485)
• sql: removed host validation to support IP address and DNS address in host in google_sql_source_representation_instance resource (#​6493)

v5.2.0

Compare Source

FEATURES:

• New Data Source: google_secret_manager_secrets (#​6463)
• New Resource: google_alloydb_user (#​6454)
• New Resource: google_firestore_backup_schedule (#​6465)

IMPROVEMENTS:

• alloydb: added cluster_type and secondary_config fields to support secondary clusters in google_alloydb_cluster resource. (#​6474)
• compute: added recreate_closed_psc flag to support recreating the PSC Consumer forwarding rule if the psc_connection_status is closed on google_compute_forwarding_rule. (#​6468)
• compute: added INTERNET_IP_PORT, INTERNET_FQDN_PORT, SERVERLESS, and PRIVATE_SERVICE_CONNECT as acceptable values for the network_endpoint_type field for the resource_compute_network_endpoint_group resource (#​6472)
• compute: added SEV_LIVE_MIGRATABLE_V2 to guest_os_features enum on google_compute_image resource. (#​6466)
• compute: added allow_subnet_cidr_routes_overlap field to google_compute_subnetwork resource (#​6445)
• dataform: added ssh_authentication_config and service_account to google_dataform_repository resource (#​6480)

BUG FIXES:

• alloydb: added client_connection_config field to google_alloydb_instance resource (#​6478)
• bigquery: removed mutual exclusivity checks for view, materialized_view, and schema for the google_bigquery_table resource (#​6471)
• compute: added certificate_manager_certificates field to google_compute_target_https_proxy resource (#​6460)
• compute: added validation to prevent setting empty rule.action.source_nat_active_ranges to google_compute_router_nat resource (#​6467)
• compute: fixed an issue where external google_compute_global_address can't be created when network_tier in google_compute_project_default_network_tier is set to STANDARD (#​6456)
• compute: fixed a false permadiff on ip_address when it is set to ipv6 on google_compute_forwarding_rule (#​6444)
• provider: fixed a bug where an update request was sent to services when updateMask is empty (#​6443)
• securitypolicy: fixed a bug where setting advanced_options_config.user_ip_request_headers field with empty value was not cleaning the list (#​6470)

v5.1.0

Compare Source

FEATURES:

• New Resource: google_database_migration_service_private_connection (#​6436)))
• New Resource: google_edgecontainer_cluster (#​6406)
• New Resource: google_edgecontainer_node_pool (#​6406)
• New Resource: google_edgecontainer_vpn_connection (#​6406)
• New Resource: google_firebase_hosting_custom_domain (#​6409)
• New Resource: google_gke_hub_fleet (#​6417)

IMPROVEMENTS:

• compute: added device_name field to scratch_disk block of google_compute_instance resource (#​6401)
• container: added node_config.linux_node_config.cgroup_mode field to google_container_node_pool (#​6435)
• databasemigrationservice: added support for oracle profiles to google_database_migration_service_connection_profile (#​6426)
• firestore: added api_scope field to google_firestore_index resource (#​6424)
• gkehub: added location field to google_gke_hub_membership_iam_* resources (#​6437)
• gkehub: added location field to google_gke_hub_membership resource (#​6437)
• gkeonprem: added update-in-place support for vcenter fields in google_gkeonprem_vmware_cluster (#​6418)
• identityplatform: added sms_region_config to the resource google_identity_platform_config (#​6398)

BUG FIXES:

• dns: fixed record set configuration parsing in google_dns_record_set (#​6397)
• provider: fixed an issue where the plugin-framework implementation of the provider handled default region values that were self-links differently to the SDK implementation. This issue is not believed to have affected users because of downstream functions that turn self links into region names. (#​6432)
• provider: fixed a bug that caused update requests to be sent for resources with a terraform_labels field even if no fields were updated (#​6443)

v5.0.0

Compare Source

KNOWN ISSUES:

• Updating some resources post-upgrade results in an error like "The update_mask in the Update{{Resource}}Request must be set". This should be resolved in 5.1.0, see https://github.com/hashicorp/terraform-provider-google/issues/16091 for details.

Terraform Google Provider 5.0.0 Upgrade Guide

NOTES:

• provider: some provider default values are now shown at plan-time (#​6188)

LABELS REWORK:

• provider: default labels configured on the provider through the new default_labels field are now supported. The default labels configured on the provider will be applied to all of the resources with standard labels field.
• provider: resources with labels - three label-related fields are now in all of the resources with standard labels field. labels field is non-authoritative and only manages the labels defined by the users on the resource through Terraform. The new output-only terraform_labels field merges the labels defined by the users on the resource through Terraform and the default labels configured on the provider. The new output-only effective_labels field lists all of labels present on the resource in GCP, including the labels configured through Terraform, the system, and other clients.
• provider: resources with annotations - two annotation-related fields are now in all of the resources with standard annotations field. The annotations field is non-authoritative and only manages the annotations defined by the users on the resource through Terraform. The new output-only effective_annotations field lists all of annotations present on the resource in GCP, including the annotations configured through Terraform, the system, and other clients.
• provider: datasources with labels - three fields labels, terraform_labels, and effective_labels are now present in most resource-based datasources. All three fields have all of labels present on the resource in GCP including the labels configured through Terraform, the system, and other clients, equivalent to effective_labels on the resource.
• provider: datasources with annotations - both annotations and effective_annotations are now present in most resource-based datasources. Both fields have all of annotations present on the resource in GCP including the annotations configured through Terraform, the system, and other clients, equivalent to effective_annotations on the resource.

BREAKING CHANGES:

• provider: added provider-level validation so these fields are not set as empty strings in a user's config: credentials, access_token, impersonate_service_account, project, billing_project, region, zone (#​6358)
• provider: fixed many import functions throughout the provider that matched a subset of the provided input when possible. Now, the GCP resource id supplied to "terraform import" must match exactly. (#​6364)
• provider: made data sources return errors on 404s when applicable instead of silently failing (#​6241)
• provider: made empty strings in the provider configuration block no longer be ignored when configuring the provider (#​6358)
• accesscontextmanager: changed multiple array fields to sets where appropriate to prevent duplicates and fix diffs caused by server side reordering. (#​6217)
• bigquery: added more input validations for google_bigquery_table sch

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about these updates again.

---

• If you want to rebase/retry this PR, check this box

---

This PR has been generated by Mend Renovate. View repository job log here.

[dpebot]

/gcbrun

[dpebot]

/gcbrun

[dpebot]

/gcbrun

[dpebot]

/gcbrun

[dpebot]

/gcbrun

[dpebot]

/gcbrun

[dpebot]

/gcbrun

[dpebot]

/gcbrun

[dpebot]

/gcbrun

[dpebot]

/gcbrun

[dpebot]

/gcbrun

[dpebot]

/gcbrun

[dpebot]

/gcbrun

[dpebot]

/gcbrun

[dpebot]

/gcbrun

[dpebot]

/gcbrun

[renovate]

Edited/Blocked Notification

Renovate will not automatically rebase this PR, because it does not recognize the last commit author and assumes somebody else may have edited the PR.

You can manually request rebase by checking the rebase/retry box above.

⚠ Warning: custom changes will be lost.

[dpebot]

/gcbrun