feat(deps): Update Terraform Google Provider to v5 (major) - autoclosed #149
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR contains the following updates:
>= 3.53, < 5.0
->>= 3.53, < 5.4
5.4.0
>= 3.35, < 5.0
->>= 3.35, < 5.4
5.4.0
Release Notes
hashicorp/terraform-provider-google (google)
v5.3.0
Compare Source
DEPRECATIONS:
time_partitioning.require_partition_filter
in favor of new top level fieldrequire_partition_filter
in resourcegoogle_bigquery_table
(#16238)FEATURES:
google_cloud_run_v2_job
(#16260)google_cloud_run_v2_service
(#16290)google_compute_networks
(#16240)google_org_policy_custom_constraint
(#16220)IMPROVEMENTS:
additional_group_keys
attribute togoogle_cloud_identity_group
resource (#16250)config.0.workloads_config.0.triggerer
to GA in resourcegoogle_composer_environment
(#16218)internal_ipv6_range
togoogle_compute_network
data source andinternal_ipv6_prefix
field togoogle_compute_subnetwork
data source (#16267)security_posture_config.vulnerability_mode
valueVULNERABILITY_ENTERPRISE
ingoogle_container_cluster
(#16283)ssh_authentication_config
andservice_account
togoogle_dataform_repository
resource (#16205)min_num_instances
field togoogle_dataproc_cluster
resource (#16249)google_gkeonprem_bare_metal_admin_cluster
,google_gkeonprem_bare_metal_cluster
, andgoogle_gkeonprem_bare_metal_node_pool
resources to GA (#16237)google_gkeonprem_vmware_cluster
andgoogle_gkeonprem_vmware_node_pool
resources to GA (#16237)custom_writer_identity
field togoogle_logging_project_sink
(#16216)ttl
field mutable ingoogle_secret_manager_secret
(#16285)terminal_storage_class
to theautoclass
field ingoogle_storage_bucket
resource (#16282)BUG FIXES:
google_bigquery_data_transfer_config
related to incorrect update masks (#16269)google_compute_global_network_endpoint
(#16286)google_compute_backend_service
whencache_mode
is set toUSE_ORIGIN_HEADERS
(#16245)autoscaling
block would crash the provider forgoogle_container_node_pool
(#16212)labels
has changes for batchgoogle_dataflow_job
andgoogle_dataflow_flex_template_job
(#16248)google_dialogflow_cx_version
; updates will no longer time out. (#16214)edition
field to agoogle_sql_database_instance
resource that already existed and used ENTERPRISE edition resulted in a permant diff in plans (#16215)google_sql_source_representation_instance
resource (#16235)v5.2.0
Compare Source
FEATURES:
google_secret_manager_secrets
(#16182)google_alloydb_user
(#16141)google_firestore_backup_schedule
(#16186)google_redis_cluster
(#16203)IMPROVEMENTS:
cluster_type
andsecondary_config
fields to support secondary clusters ingoogle_alloydb_cluster
resource. (#16197)recreate_closed_psc
flag to support recreating the PSC Consumer forwarding rule if thepsc_connection_status
is closed ongoogle_compute_forwarding_rule
. (#16188)INTERNET_IP_PORT
,INTERNET_FQDN_PORT
,SERVERLESS
, andPRIVATE_SERVICE_CONNECT
as acceptable values for thenetwork_endpoint_type
field for theresource_compute_network_endpoint_group
resource (#16194)SEV_LIVE_MIGRATABLE_V2
toguest_os_features
enum ongoogle_compute_image
resource. (#16187)allow_subnet_cidr_routes_overlap
field togoogle_compute_subnetwork
resource (#16116)labels
,effective_labels
,terraform_labels
, andlabel_fingerprint
fields ingoogle_compute_address
to GA (#16120)internal_ip
andexternal_ip
fields in resourcesgoogle_compute_instance_group_manager
andgoogle_compute_region_instance_group_manager
to GA (#16140)internal_ip
andexternal_ip
fields in resourcesgoogle_compute_per_instance_config
andgoogle_compute_region_per_instance_config
to GA (#16140)oidc.jwks_json
in resourcegoogle_iam_workforce_pool
to GA (#16199)BUG FIXES:
client_connection_config
field togoogle_alloydb_instance
resource (#16202)view
,materialized_view
, andschema
for thegoogle_bigquery_table
resource (#16193)certificate_manager_certificates
field togoogle_compute_target_https_proxy
resource (#16179)google_compute_global_address
can't be created whennetwork_tier
ingoogle_compute_project_default_network_tier
is set toSTANDARD
(#16144)ip_address
when it is set to ipv6 ongoogle_compute_forwarding_rule
(#16115)v5.1.0
Compare Source
FEATURES:
google_database_migration_service_private_connection
(#16104)google_edgecontainer_cluster
(#16055)google_edgecontainer_node_pool
(#16055)google_edgecontainer_vpn_connection
(#16055)google_firebase_hosting_custom_domain
(#16062)google_gke_hub_fleet
(#16072)IMPROVEMENTS:
device_name
field toscratch_disk
block ofgoogle_compute_instance
resource (#16049)node_config.linux_node_config.cgroup_mode
field togoogle_container_node_pool
(#16103)oracle
profiles togoogle_database_migration_service_connection_profile
(#16087)api_scope
field togoogle_firestore_index
resource (#16085)location
field togoogle_gke_hub_membership_iam_*
resources (#16105)location
field togoogle_gke_hub_membership
resource (#16105)vcenter
fields ingoogle_gkeonprem_vmware_cluster
(#16073)sms_region_config
to the resourcegoogle_identity_platform_config
(#16044)BUG FIXES:
google_dns_record_set
(#16042)terraform_labels
field even if no fields were updated (#16111)v5.0.0
Compare Source
KNOWN ISSUES:
5.1.0
, see https://github.com/hashicorp/terraform-provider-google/issues/16091 for details.Terraform Google Provider 5.0.0 Upgrade Guide
NOTES:
LABELS REWORK:
default_labels
field are now supported. The default labels configured on the provider will be applied to all of the resources with standardlabels
field.labels
field.labels
field is non-authoritative and only manages the labels defined by the users on the resource through Terraform. The new output-onlyterraform_labels
field merges the labels defined by the users on the resource through Terraform and the default labels configured on the provider. The new output-onlyeffective_labels
field lists all of labels present on the resource in GCP, including the labels configured through Terraform, the system, and other clients.annotations
field. Theannotations
field is non-authoritative and only manages the annotations defined by the users on the resource through Terraform. The new output-onlyeffective_annotations
field lists all of annotations present on the resource in GCP, including the annotations configured through Terraform, the system, and other clients.labels
,terraform_labels
, andeffective_labels
are now present in most resource-based datasources. All three fields have all of labels present on the resource in GCP including the labels configured through Terraform, the system, and other clients, equivalent toeffective_labels
on the resource.annotations
andeffective_annotations
are now present in most resource-based datasources. Both fields have all of annotations present on the resource in GCP including the annotations configured through Terraform, the system, and other clients, equivalent toeffective_annotations
on the resource.BREAKING CHANGES:
credentials
,access_token
,impersonate_service_account
,project
,billing_project
,region
,zone
(#15968)google_bigquery_table
schema (#15338)routine_type
required forgoogle_bigquery_routine
(#15517)location
required ongoogle_cloudfunctions2_function
(#15830)google_cloudiot_registry_iam_policy
(#15739)google_cloudiot_device
(#15739)google_cloudiot_registry
(#15739)google_cloudiot_registry_iam_*
(#15739)liveness_probe.tcp_socket
fromgoogle_cloud_run_v2_service
resource. (#15430)startup_probe
andliveness_probe
fromgoogle_cloud_run_v2_job
resource. (#15430)volumes.cloud_sql_instance.instances
to SET from ARRAY forgoogle_cloud_run_v2_service
(#15831)google_compute_node_group
require one ofinitial_size
orautoscaling_policy
fields configured upon resource creation (#16006)size
ingoogle_compute_node_group
an output only field. (#16006)rule.rate_limit_options.encorce_on_key
on resourcegoogle_compute_security_policy
(#15681)consumer_accept_lists
to a SET from an ARRAY type forgoogle_compute_service_attachment
(#15985)deletion_protection
togoogle_container_cluster
which is enabled totrue
by default. When enabled, this field prevents Terraform from deleting the resource. (#16013)management.auto_repair
andmanagement.auto_upgrade
defaults to true ingoogle_container_node_pool
(#15931)networking_mode
default toVPC_NATIVE
for newly createdgoogle_container_cluster
resources (#6402)enable_binary_authorization
ingoogle_container_cluster
(#15868)logging_variant
ingoogle_container_node_pool
(#15931)network_policy.provider
ingoogle_container_cluster
(#15920)google_container_cluster
will delete the cluster if it's created in an error state. Instead, it will mark the cluster as tainted, allowing manual inspection and intervention. To proceed with deletion, run anotherterraform apply
. (#15887)taint
field ingoogle_container_cluster
andgoogle_container_node_pool
to only manage a subset of taint keys based on those already in state. Most existing resources are unaffected, unless they usesandbox_config
- see upgrade guide for details. (#15959)data_profile_result
anddata_quality_result
fromgoogle_dataplex_scan
(#15505)deletion_policy
default toDELETE
forgoogle_firebase_web_app
. (#15406)google_firebase_project_location
(#15764)gameservices
(#15558)unique_writer_identity
fromfalse
totrue
ingoogle_logging_project_sink
. (#15743)growth_factor
,num_finite_buckets
, andscale
required forgoogle_logging_metric
(#15680)LOOKER_MODELER
as a possible value ingoogle_looker_instance.platform_edition
(#15956)google_monitoring_dashboard.dashboard_json
by suppressing values returned by the API that are not in configuration (#16014)labels
immutable ingoogle_monitoring_metric_descriptor
(#15988)config_values
,pem_certificates
fromgoogle_privateca_certificate
(#15537)automatic
field ingoogle_secret_manager_secret
resource (#15859)google_service_networking_connection
(#15761)deleteConnection
method to delete the resourcegoogle_service_networking_connection
(#15934)FEATURES:
google_scc_folder_custom_module
(#15979)google_scc_organization_custom_module
(#16012)IMPROVEMENTS:
google_alloydb_instance
andgoogle_alloydb_backup
(#15973)google_artifact_registry_repository
(#15973)google_bare_metal_admin_cluster
to better align with actual behavior (#16010)state
output attribute togoogle_bigtable_instance
clusters (#15961)google_compute_node_group
mutable (#16006)effective_taints
attribute togoogle_container_cluster
andgoogle_container_node_pool
, outputting all known taint values (#15959)addons_config.gcs_fuse_csi_driver_config
ongoogle_container_cluster
withenable_autopilot: true
. (#15996)binary_authorization
togoogle_container_aws_cluster
(#15989)update_settings
togoogle_container_aws_node_pool
(#15989)week_day_of_month.day_offset
field to thegoogle_os_config_patch_deployment
resource (#15997)rotation.rotation_period
field ingoogle_secret_manager_secret
resource (#15952)preferred_zone
field togoogle_sql_database_instance
resource (#15971)event_stream
field togoogle_storage_transfer_job
resource (#16004)BUG FIXES:
external_data_configuration.connection_id
ingoogle_bigquery_table
(#15983)google_bigquery_table
(#15442)google_bigtable_instance
when cluster is still updating and storage type changed (#15961)google_bigtable_instance
(#15940)reconcile_connections
in resourcegoogle_compute_service_attachment
, the field will now default to a value returned by the API when not set in configuration (#15919)enable_endpoint_independent_mapping
with APIs default in resourcegoogle_compute_router_nat
(#15478)google_container_node_pool
where emptylinux_node_config.sysctls
would crash the provider (#15941)google_dataflow_flex_template_job
(#15976)google_dataflow_flex_template_job
(#15976)google_dataflow_flex_template_job
(#15976)sign_in
ingoogle_identity_platform_config
resource (#15907)google_firebase_rules.release
immutable (#15989)metadata
was not able to be updated ingoogle_monitoring_metric_descriptor
(#16014)google_monitoring_notification_channel
failed when no default project was supplied in provider configuration or through environment variables (#15929)google_secretmanager_secret
where replacingreplication.automatic
withreplication.auto
would destroy and recreate the resource (#15922)database_flags
ingoogle_sql_database_instance
(#15678)google_tags_tag_binding
(#16005)contents_delta_uri
a required field ingoogle_vertex_ai_index
as omitting it would result in an error (#15992)hashicorp/terraform-provider-google-beta (google-beta)
v5.3.0
Compare Source
DEPRECATIONS:
time_partitioning.require_partition_filter
in favor of new top level fieldrequire_partition_filter
in resourcegoogle_bigquery_table
(#6496)FEATURES:
google_cloud_run_v2_job
(#6508)google_cloud_run_v2_service
(#6527)google_compute_networks
(#6498)IMPROVEMENTS:
additional_group_keys
attribute togoogle_cloud_identity_group
resource (#6504)enable_confidential_compute
field underboot_disk.0.initialize_params
ingoogle_compute_instance
(#6528)internal_ipv6_range
togoogle_compute_network
data source andinternal_ipv6_prefix
field todata.google_compute_subnetwork
data source (#6514)security_posture_config.vulnerability_mode
valueVULNERABILITY_ENTERPRISE
ingoogle_container_cluster
(#6520)ssh_authentication_config
andservice_account
togoogle_dataform_repository
resource (#6480)min_num_instances
field togoogle_dataproc_cluster
resource (#6503)custom_writer_identity
field togoogle_logging_project_sink
(#6486)ttl
field mutable ingoogle_secret_manager_secret
(#6521)terminal_storage_class
to theautoclass
field ingoogle_storage_bucket
resource (#6519)BUG FIXES:
google_bigquery_data_transfer_config
related to incorrect update masks (#6516)google_cloud_run_v2_service.custom_audiences
could not be set or updated properly (#6482)google_compute_global_network_endpoint
(#6523)google_compute_backend_service
whencache_mode
is set toUSE_ORIGIN_HEADERS
(#6499)autoscaling
block would crash the provider forgoogle_container_node_pool
(#6483)labels
has changes for batchgoogle_dataflow_job
andgoogle_dataflow_flex_template_job
(#6502)google_dialogflow_cx_version
; updates will no longer time out. (#6484)edition
field to agoogle_sql_database_instance
resource that already existed and used ENTERPRISE edition resulted in a permant diff in plans (#6485)google_sql_source_representation_instance
resource (#6493)v5.2.0
Compare Source
FEATURES:
google_secret_manager_secrets
(#6463)google_alloydb_user
(#6454)google_firestore_backup_schedule
(#6465)IMPROVEMENTS:
cluster_type
andsecondary_config
fields to support secondary clusters ingoogle_alloydb_cluster
resource. (#6474)recreate_closed_psc
flag to support recreating the PSC Consumer forwarding rule if thepsc_connection_status
is closed ongoogle_compute_forwarding_rule
. (#6468)INTERNET_IP_PORT
,INTERNET_FQDN_PORT
,SERVERLESS
, andPRIVATE_SERVICE_CONNECT
as acceptable values for thenetwork_endpoint_type
field for theresource_compute_network_endpoint_group
resource (#6472)SEV_LIVE_MIGRATABLE_V2
toguest_os_features
enum ongoogle_compute_image
resource. (#6466)allow_subnet_cidr_routes_overlap
field togoogle_compute_subnetwork
resource (#6445)ssh_authentication_config
andservice_account
togoogle_dataform_repository
resource (#6480)BUG FIXES:
client_connection_config
field togoogle_alloydb_instance
resource (#6478)view
,materialized_view
, andschema
for thegoogle_bigquery_table
resource (#6471)certificate_manager_certificates
field togoogle_compute_target_https_proxy
resource (#6460)rule.action.source_nat_active_ranges
togoogle_compute_router_nat
resource (#6467)google_compute_global_address
can't be created whennetwork_tier
ingoogle_compute_project_default_network_tier
is set toSTANDARD
(#6456)ip_address
when it is set to ipv6 ongoogle_compute_forwarding_rule
(#6444)advanced_options_config.user_ip_request_headers
field with empty value was not cleaning the list (#6470)v5.1.0
Compare Source
FEATURES:
google_database_migration_service_private_connection
(#6436)))google_edgecontainer_cluster
(#6406)google_edgecontainer_node_pool
(#6406)google_edgecontainer_vpn_connection
(#6406)google_firebase_hosting_custom_domain
(#6409)google_gke_hub_fleet
(#6417)IMPROVEMENTS:
device_name
field toscratch_disk
block ofgoogle_compute_instance
resource (#6401)node_config.linux_node_config.cgroup_mode
field togoogle_container_node_pool
(#6435)oracle
profiles togoogle_database_migration_service_connection_profile
(#6426)api_scope
field togoogle_firestore_index
resource (#6424)location
field togoogle_gke_hub_membership_iam_*
resources (#6437)location
field togoogle_gke_hub_membership
resource (#6437)vcenter
fields ingoogle_gkeonprem_vmware_cluster
(#6418)sms_region_config
to the resourcegoogle_identity_platform_config
(#6398)BUG FIXES:
google_dns_record_set
(#6397)terraform_labels
field even if no fields were updated (#6443)v5.0.0
Compare Source
KNOWN ISSUES:
5.1.0
, see https://github.com/hashicorp/terraform-provider-google/issues/16091 for details.Terraform Google Provider 5.0.0 Upgrade Guide
NOTES:
LABELS REWORK:
default_labels
field are now supported. The default labels configured on the provider will be applied to all of the resources with standardlabels
field.labels
field.labels
field is non-authoritative and only manages the labels defined by the users on the resource through Terraform. The new output-onlyterraform_labels
field merges the labels defined by the users on the resource through Terraform and the default labels configured on the provider. The new output-onlyeffective_labels
field lists all of labels present on the resource in GCP, including the labels configured through Terraform, the system, and other clients.annotations
field. Theannotations
field is non-authoritative and only manages the annotations defined by the users on the resource through Terraform. The new output-onlyeffective_annotations
field lists all of annotations present on the resource in GCP, including the annotations configured through Terraform, the system, and other clients.labels
,terraform_labels
, andeffective_labels
are now present in most resource-based datasources. All three fields have all of labels present on the resource in GCP including the labels configured through Terraform, the system, and other clients, equivalent toeffective_labels
on the resource.annotations
andeffective_annotations
are now present in most resource-based datasources. Both fields have all of annotations present on the resource in GCP including the annotations configured through Terraform, the system, and other clients, equivalent toeffective_annotations
on the resource.BREAKING CHANGES:
credentials
,access_token
,impersonate_service_account
,project
,billing_project
,region
,zone
(#6358)google_bigquery_table
schema (#5975)routine_type
required forgoogle_bigquery_routine
(#6080)location
required ongoogle_cloudfunctions2_function
(#6260)google_cloudiot_registry_iam_policy
(#6206)google_cloudiot_device
(#6206)google_cloudiot_registry
(#6206)google_cloudiot_registry_iam_*
(#6206)liveness_probe.tcp_socket
fromgoogle_cloud_run_v2_service
resource. (#6029)startup_probe
andliveness_probe
fromgoogle_cloud_run_v2_job
resource. (#6029)volumes.cloud_sql_instance.instances
to SET from ARRAY forgoogle_cloud_run_v2_service
(#6261)google_compute_node_group
require one ofinitial_size
orautoscaling_policy
fields configured upon resource creation (#6384)size
ingoogle_compute_node_group
an output only field. (#6384)rule.rate_limit_options.encorce_on_key
on resourcegoogle_compute_security_policy
(#6174)consumer_accept_lists
to a SET from an ARRAY type forgoogle_compute_service_attachment
(#6369)deletion_protection
togoogle_container_cluster
which is enabled totrue
by default. When enabled, this field prevents Terraform from deleting the resource. (#6391)management.auto_repair
andmanagement.auto_upgrade
defaults to true ingoogle_container_node_pool
(#6329)networking_mode
default toVPC_NATIVE
for newly createdgoogle_container_cluster
resources (#6402)enable_binary_authorization
ingoogle_container_cluster
(#6285)logging_variant
ingoogle_container_node_pool
(#6329)network_policy.provider
ingoogle_container_cluster
(#6323)google_container_cluster
will delete the cluster if it's created in an error state. Instead, it will mark the cluster as tainted, allowing manual inspection and intervention. To proceed with deletion, run anotherterraform apply
. (#6301)taint
field ingoogle_container_cluster
andgoogle_container_node_pool
to only manage a subset of taint keys based on those already in state. Most existing resources are unaffected, unless they usesandbox_config
- see upgrade guide for details. (#6351)data_profile_result
anddata_quality_result
fromgoogle_dataplex_scan
(#6070)deletion_policy
default toDELETE
forgoogle_firebase_web_app
. (#6018)google_firebase_project_location
(#6223)gameservices
(#6112)unique_writer_identity
fromfalse
totrue
ingoogle_logging_project_sink
. (#6210)growth_factor
,num_finite_buckets
, andscale
required forgoogle_logging_metric
(#6173)LOOKER_MODELER
as a possible value ingoogle_looker_instance.platform_edition
(#6349)google_monitoring_dashboard.dashboard_json
by suppressing values returned by the API that are not in configuration (#6392)labels
immutable ingoogle_monitoring_metric_descriptor
(#6372)config_values
,pem_certificates
fromgoogle_privateca_certificate
(#6097)automatic
field ingoogle_secret_manager_secret
resource (#6279)google_service_networking_connection
(#6222)deleteConnection
method to delete the resourcegoogle_service_networking_connection
(#6332)FEATURES:
google_scc_folder_custom_module
(#6367)google_scc_organization_custom_module
(#6390)IMPROVEMENTS:
google_alloydb_instance
andgoogle_alloydb_backup
(#6363)google_artifact_registry_repository
(#6362)google_bare_metal_admin_cluster
to better align with actual behavior (#6388)state
output attribute togoogle_bigtable_instance
clusters (#6353)google_compute_node_group
mutable (#6384)network_interface.security_policy
field togoogle_compute_instance
resource (#6343)type
field togoogle_compute_router_nat
resource (#6331)rules.action.source_nat_active_ranges
andrules.action.source_nat_drain_ranges
field togoogle_compute_router_nat
resource (#6331)network_attachment
togoogle_compute_instance
(#6331)effective_taints
attribute togoogle_container_cluster
andgoogle_container_node_pool
, outputting all known taint values (#6351)addons_config.gcs_fuse_csi_driver_config
ongoogle_container_cluster
withenable_autopilot: true
. (#6378)binary_authorization
togoogle_container_aws_cluster
(#6373)update_settings
togoogle_container_aws_node_pool
(#6373)week_day_of_month.day_offset
field to thegoogle_os_config_patch_deployment
resource (#6379)rotation.rotation_period
field ingoogle_secret_manager_secret
resource (#6345)preferred_zone
field togoogle_sql_database_instance
resource (#6360)event_stream
field togoogle_storage_transfer_job
resource (#6382)replica_zones
,service_account_scopes
, andenable_audit_agent
togoogle_workstations_workstation_config
(beta) (#6355)BUG FIXES:
external_data_configuration.connection_id
ingoogle_bigquery_table
(#6368)google_bigquery_table
(#6034)google_bigtable_instance
when cluster is still updating and storage type changed (#6353)google_bigtable_instance
(#6338)metric.filter
in the resourcegoogle_compute_autoscaler
(betaConfiguration
📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about these updates again.
This PR has been generated by Mend Renovate. View repository job log here.