Skip to content

chore(deps): update terraform aws to v6.25.0 #353

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
red-hat-konflux wants to merge 1 commit into
base: main
Choose a base branch
from
Open

chore(deps): update terraform aws to v6.25.0 #353

red-hat-konflux wants to merge 1 commit into from

Conversation

@red-hat-konflux
Copy link
Contributor

@red-hat-konflux red-hat-konflux bot commented Dec 5, 2025
edited
Loading

This PR contains the following updates:

Package Type Update Change
aws (source) required_provider minor 6.22.0 -> 6.25.0

Release Notes

hashicorp/terraform-provider-aws (aws)

v6.25.0

FEATURES:

  • New Resource: aws_cloudwatch_log_transformer (#​44300)
  • New Resource: aws_eks_capability (#​45326)

ENHANCEMENTS:

  • data-source/aws_backup_plan: Add rule.scan_action and scan_setting attributes (#​45392)
  • data-source/aws_cloudwatch_log_group: Add deletion_protection_enabled attribute (#​45298)
  • data-source/aws_ec2_transit_gateway: Add encryption_support attribute (#​45317)
  • data-source/aws_lambda_function: Add durable_config attribute (#​45359)
  • data-source/aws_lb: Add health_check_logs attribute (#​45269)
  • data-source/aws_lb_target_group: Add target_control_port attribute (#​45270)
  • data-source/aws_route53_zone: Add enable_accelerated_recovery attribute (#​45302)
  • data-source/aws_transfer_connector: Add egress_config attribute to expose VPC Lattice connectivity configuration (#​45314)
  • data-source/aws_workspaces_directory: Add tenancy attribute (#​43134)
  • resource/aws_api_gateway_integration: Add integration_target argument (#​45311)
  • resource/aws_api_gateway_integration: Add response_transfer_mode argument (#​45329)
  • resource/aws_athena_workgroup: Add configuration.managed_query_results_configuration block (#​44273)
  • resource/aws_backup_plan: Support malware scanning by adding rule.scan_action and scan_setting configuration blocks (#​45392)
  • resource/aws_bedrockagentcore_gateway: Add interceptor_configuration argument (#​45344)
  • resource/aws_cloudwatch_log_group: Add deletion_protection_enabled argument (#​45298)
  • resource/aws_ec2_transit_gateway: Add encryption_support argument (#​45317)
  • resource/aws_flow_log: Add regional_nat_gateway_id argument (#​45380)
  • resource/aws_kms_ciphertext: Add plaintext_wo and plaintext_wo_version arguments to support write-only input (#​43592)
  • resource/aws_lambda_function: Add durable_config argument (#​45359)
  • resource/aws_lb: Add health_check_logs configuration block (#​45269)
  • resource/aws_lb_target_group: Add target_control_port argument to support the ALB Target Optimizer (#​45270)
  • resource/aws_rolesanywhere_profile: Add accept_role_session_name argument (#​45391)
  • resource/aws_rolesanywhere_profile: Add plan-time validation of managed_policy_arns and role_arns (#​45391)
  • resource/aws_route53_zone: Add enable_accelerated_recovery argument (#​45302)
  • resource/aws_ssm_association: Add calendar_names argument (#​45363)
  • resource/aws_transfer_connector: Add egress_config argument to support VPC Lattice connectivity for SFTP connectors (#​45314)
  • resource/aws_transfer_connector: Make url argument optional to support VPC Lattice connectors (#​45314)
  • resource/aws_workspaces_directory: Add tenancy argument (#​43134)

v6.24.0

FEATURES:

  • New Resource: aws_lambda_capacity_provider (#​45342)
  • New Resource: aws_s3tables_table_bucket_replication (#​45360)
  • New Resource: aws_s3tables_table_replication (#​45360)
  • New Resource: aws_s3vectors_index (#​43393)
  • New Resource: aws_s3vectors_vector_bucket (#​43393)
  • New Resource: aws_s3vectors_vector_bucket_policy (#​43393)

ENHANCEMENTS:

  • data-source/aws_lambda_function: Add capacity_provider_config attribute (#​45342)
  • data-source/aws_vpc_nat_gateway: Support regional NAT Gateways by adding auto_provision_zones, auto_scaling_ips, availability_mode, availability_zone_address, regional_nat_gateway_address, and route_table_id attributes (#​45240)
  • resource/aws_backup_plan: Add target_logically_air_gapped_backup_vault_arn argument to rule block (#​45321)
  • resource/aws_lambda_function: Add capacity_provider_config and publish_to arguments (#​45342)
  • resource/aws_resourceexplorer2_index: Deprecates id. Use arn instead. (#​45345)
  • resource/aws_resourceexplorer2_view: Deprecates id. Use arn instead. (#​45345)
  • resource/aws_vpc_nat_gateway: Make subnet_id argument optional to support regional NAT Gateways (#​45420)
  • resource/aws_vpc_nat_gateway: Support regional NAT Gateways by adding availability_mode, availability_zone_address, and vpc_id arguments, and auto_provision_zones, auto_scaling_ips, regional_nat_gateway_address, and route_table_id attributes. This functionality requires the ec2:DescribeAvailabilityZones IAM permission (#​45240)
  • resource/aws_vpn_connection: Add bgp_log_enabled, bgp_log_group_arn, and bgp_log_stream_arn arguments to tunnel1_log_options.cloudwatch_log_options and tunnel2_log_options.cloudwatch_log_options blocks (#​45271)

v6.23.0

NOTES:

  • resource/aws_s3_bucket: To support ABAC (Attribute Based Access Control) in general purpose buckets, this resource will now attempt to send tags in the create request and use the S3 Control tagging APIs TagResource, UntagResource, and ListTagsForResource for read and update operations. The calling principal must have the corresponding s3:TagResource, s3:UntagResource, and s3:ListTagsForResource IAM permissions. If the principal lacks the appropriate permissions, the provider will fall back to tagging after creation and using the S3 tagging APIs PutBucketTagging, DeleteBucketTagging, and GetBucketTagging instead. With ABAC enabled, tag modifications may fail with the fall back behavior. See the AWS documentation for additional details on enabling ABAC in general purpose buckets. (#​45251)

FEATURES:

  • New Resource: aws_ecs_express_gateway_service (#​45235)
  • New Resource: aws_s3_bucket_abac (#​45251)
  • New Resource: aws_vpc_encryption_control (#​45263)
  • New Resource: aws_vpn_concentrator (#​45175)

ENHANCEMENTS:

  • action/aws_lambda_invoke: Add tenant_id argument (#​45170)
  • data-source/aws_eks_cluster: Add control_plane_scaling_config attribute (#​45258)
  • data-source/aws_lambda_function: Add tenancy_config attribute (#​45170)
  • data-source/aws_lambda_invocation: Add tenant_id argument (#​45170)
  • data-source/aws_vpn_connection: Add vpn_concentrator_id attribute (#​45175)
  • resoource/aws_ecs_capacity_provider: Add managed_instances_provider.infrastructure_optimization argument (#​45142)
  • resource/aws_docdb_cluster: Add network_type argument (#​45140)
  • resource/aws_docdb_subnet_group: Add supported_network_types attribute (#​45140)
  • resource/aws_eks_cluster: Add control_plane_scaling_config configuration block to support EKS Provisioned Control Plane (#​45258)
  • resource/aws_lambda_function: Add tenancy_config argument (#​45170)
  • resource/aws_lambda_invocation: Add tenant_id argument (#​45170)
  • resource/aws_s3_bucket: Tag on creation when the s3:TagResource permission is present (#​45251)
  • resource/aws_s3_bucket: Use the S3 Control tagging APIs when the s3:TagResource, s3:UntagResource, and s3:ListTagsForResource permissions are present (#​45251)
  • resource/aws_vpn_connection: Add vpn_concentrator_id argument to support Site-to-Site VPN Concentrator (#​45175)

v6.22.1

ENHANCEMENTS:

  • resource/aws_fsx_openzfs_file_system: Support INTELLIGENT_TIERING storage type and add read_cache_configuration argument (#​45159)
  • resource/aws_msk_cluster: Add rebalancing configuration block to support intelligent rebalancing for Express broker clusters (#​45073)

BUG FIXES:

  • provider: Fix crash in required tag validation interceptor when tag values are unknown. This addresses a regression introduced in v6.22.0. (#​45201)
  • provider: Fix early return logic in the required tag validation interceptor. This addresses a performance regression introduced in v6.22.0. (#​45201)
  • resource/aws_accessanalyzer_analyzer: Fix interface conversion: interface {} is nil, not map[string]interface {} panics when configuration.unused_access.analysis_rule.exclusion.resource_tags contains null values (#​45202)
  • resource/aws_odb_cloud_vm_cluster: Fix incorrect validation error when arguments are configured using variables. This addresses a regression introduced in v6.22.0 (#​45205)

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

  • If you want to rebase/retry this PR, check this box

To execute skipped test pipelines write comment /ok-to-test.

Documentation

Find out how to configure dependency updates in MintMaker documentation or see all available configuration options in Renovate documentation.

@red-hat-konflux
chore(deps): update terraform aws to v6.25.0
6eee7f2 
Signed-off-by: red-hat-konflux <126015336+red-hat-konflux[bot]@users.noreply.github.com>
@red-hat-konflux red-hat-konflux bot force-pushed the konflux/mintmaker/main/all-minor-patch-terraform branch from 50964de to 6eee7f2 Compare December 6, 2025 00:19
@red-hat-konflux red-hat-konflux bot changed the title chore(deps): update terraform aws to v6.24.0 chore(deps): update terraform aws to v6.25.0 Dec 6, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant