chore(deps): Update Terraform Providers to v6#169
Conversation
Signed-off-by: red-hat-konflux <126015336+red-hat-konflux[bot]@users.noreply.github.com>
|
[APPROVALNOTIFIER] This PR is NOT APPROVED This pull-request has been approved by: red-hat-konflux[bot] The full list of commands accepted by this bot can be found here. DetailsNeeds approval from an approver in each of these files:Approvers can indicate their approval by writing |
|
No actionable comments were generated in the recent review. 🎉 ℹ️ Recent review info⚙️ Run configurationConfiguration used: Repository YAML (base), Central YAML (inherited) Review profile: CHILL Plan: Enterprise Run ID: 📒 Files selected for processing (2)
WalkthroughThe Terraform AWS provider minimum version is raised to ChangesAWS provider constraint update
Estimated code review effort🎯 1 (Trivial) | ⏱️ ~2 minutes Possibly related PRs
Suggested labels
Suggested reviewers
🚥 Pre-merge checks | ✅ 5 | ❌ 1❌ Failed checks (1 warning)
✅ Passed checks (5 passed)
✨ Finishing Touches🧪 Generate unit tests (beta)
Comment |
|
Hi @red-hat-konflux[bot]. Thanks for your PR. I'm waiting for a terraform-redhat member to verify that this patch is reasonable to test. If it is, they should reply with Regular contributors should join the org to skip this step. Once the patch is verified, the new status will be reflected by the I understand the commands that are listed here. DetailsInstructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. |
Signed-off-by: terraform-redhat-bot <126015336+red-hat-[bot]@users.noreply.github.com>
Edited/Blocked NotificationRenovate will not automatically rebase this PR, because it does not recognize the last commit author and assumes somebody else may have edited the PR. You can manually request rebase by checking the rebase/retry box above. |
|
@coderabbitai why this module had set a so outdated version 4.67.0 ? Any specific reason? I'm concerned about this big bump here. |
|
Tip For best results, initiate chat on the files or code changes. 🧩 Analysis chain🏁 Script executed: #!/bin/bash
fd versions.tf
echo "---"
git log --follow -p -- versions.tf | grep -n "aws" -A2 -B2 | head -100
echo "---log---"
git log --follow --oneline -- versions.tf | head -50Length of output: 3431 🤖 web_search executed:
Length of output: 20918
The Your concern about the size of this jump is legitimate, though. A few things worth flagging:
Given this module is a Terraform provider dependency declaration (not pinning a specific resolved version), the real risk is at
Happy to review the diff against the resources actually declared in this module if you want a more targeted breaking-change check. |
|
DNM Checking. |
|
/hold |
This PR contains the following updates:
>= 4.67.0→>= 6.51.06.52.0Warning
Some dependencies could not be looked up. Check the Dependency Dashboard for more information.
Release Notes
hashicorp/terraform-provider-aws (aws)
v6.51.0Compare Source
NOTES:
managed_certificate_request, managed certificate issuance uses a fixed 3-hour timeout regardless of the configured resource timeout. This behavior will be updated in a future major version. (#47839)kms_key_arnattribute has been deprecated. All configurations usingkms_key_arnshould be updated to use theserver_side_encryption_kms_key_idattribute instead. (#48441)outpost_config, the changes are best effort and we ask for community help in testing (#48367)FEATURES:
aws_acm_certificate(#48283)aws_bedrockagentcore_evaluator(#47964)aws_sagemaker_hub_content_reference(#48379)aws_bedrockagentcore_evaluator(#47964)aws_sagemaker_hub_content_reference(#48379)ENHANCEMENTS:
outpost_config.control_plane_placement.spread_level,outpost_config.etcd_instance_type, andoutpost_config.etcd_placementattributes (#48367)origin.custom_origin_config.origin_mtls_configargument (#46421)origin.custom_origin_config.origin_mtls_configargument (#46421)outpost_config.control_plane_placement.spread_level,outpost_config.etcd_instance_type, andoutpost_config.etcd_placementarguments (#48367)outpost_config.control_plane_placement.group_nameto Optional (#48367)durabilityargument (#48254)network_typeargument (#48371)destination_metrics_configurationandsource_metrics_configurationblocks (#48303)vector_options.serverless_vector_accelerationargument (#47018)BUG FIXES:
subject_alternative_namesfor Imported certificates (#48362)kms_key_arnis set but not returned by the API for S3 engine endpoints. (#48441)log_delivery_configurationwithlog_type = "slow-log"while simultaneously upgrading the engine from Redis 5 to Redis 6 or Valkey 7 (#46526)InvalidArgumentExceptionerrors when creating or updatingextended_s3_configurationin AWS partitions that report unsupportedcustom_time_zoneandfile_extensionattributes in a combined error message (#48369)principalblock required (#48416)runtime error: index out of range [0] with length 0panic when importing a replicator with no replication configurations (#48338)v6.50.0Compare Source
NOTES:
private_endpoint, it is best effort and we ask for community help in testing (#47602)FEATURES:
aws_bedrockagentcore_policy(#47971)aws_cloudwatch_log_s3_table_integration_source(#48190)aws_ecs_daemon(#47562)aws_ecs_daemon_task_definition(#47562)aws_bedrockagentcore_policy(#47971)aws_cloudwatch_log_s3_table_integration_source(#48190)aws_ecs_daemon(#47562)aws_ecs_daemon_task_definition(#47562)aws_observabilityadmin_s3_table_integration(#48190)ENHANCEMENTS:
AGUIas a valid value forprotocol_configuration.server_protocol(#47906)policy_engine_configurationconfiguration block (#47818)listing_modeargument to thetarget_configuration.mcp.mcp_serverconfiguration block (#48225)private_endpointargument to support private connectivity to VPC-hosted MCP servers via Amazon VPC Lattice (#47602)indexed_keyandstream_delivery_resourcesarguments (#48240)BUG FIXES:
couldn't find resourceerrors when reading a version immediately after creation (#48318)ValidationException: Make sure you have given CloudWatch Logs permission to assume the provided roleIAM eventual consistency errors on Create and Update (#48255)route.gateway_idwhenroute.odb_network_arnis configured (#48239)network_configuration[0].security_groupswhen usingnetwork_configuration.ec2:DescribeSecurityGroupsIAM permission is newly required. (#47944)Resource Already Existserror when recreating a service after deletion (#48098)InvalidArgumentExceptionerrors when creating or updatingextended_s3_configurationin AWS partitions that do not support thecustom_time_zoneandfile_extensionattributes (#48284)gateway_idwhenodb_network_arnis configured (#48239)route.gateway_idwhenroute.odb_network_arnis configured (#48239)Provider produced inconsistent final planerrors whensecret_stringorsecret_string_wo_versionreferences a resource being created or replaced in the same apply (#48318)version_stagesbeing empty in state (#48318)secret_stringandsecret_string_wo(or vice versa) without changing the secret value (#48318)v6.49.0Compare Source
ENHANCEMENTS:
advanced_security_options.jwt_options.jwks_urlattribute (#48146)generationattribute (#48125)protocol_configuration.mcp.session_configurationblock (#48179)protocol_configuration.mcp.streaming_configurationblock (#48179)tagsandtags_allarguments (#47916)advanced_security_options.jwt_options.jwks_urlargument (#48146)generationargument (#48125)BUG FIXES:
runtime error: slice bounds out of range [1:0]panics when refreshing state. This fixes a regression introduced in v6.48.0 (#48215)v6.48.0Compare Source
NOTES:
FEATURES:
aws_ec2_hosts(#47986)aws_cleanrooms_membership(#48166)aws_pinpointsmsvoicev2_event_destination(#48034)aws_ec2_local_gateway_route_table(#48013)aws_ec2_local_gateway_route_table_virtual_interface_group_association(#48014)aws_pinpointsmsvoicev2_event_destination(#48034)ENHANCEMENTS:
state,allocation_time,release_time,host_maintenance,host_reservation_id,availability_zone_id,allows_multiple_instance_types,member_of_service_linked_resource_group,instances, andavailable_capacityattributes (#47991)warm_throughputattribute (#48152)enable_prefix_for_ipv6_source_natattribute (#40431)ec2_placement_group_idsattribute. (#47317)protocol_typeas Optional. Omit it to create a gateway that routes traffic directly to HTTP targets (e.g. AgentCore Runtime) (#47897)credential_provider_configuration.caller_iam_credentialsandcredential_provider_configuration.jwt_passthrougharguments (#47780)credential_provider_configuration.gateway_iam_role.serviceandcredential_provider_configuration.gateway_iam_role.regionarguments to enable SigV4 signing of upstream requests formcp_servertargets pointing at AWS-hosted endpoints (#47626)target_configuration.httpargument (#47897)global_parametersargument (#44857)warm_throughput_mib_psargument. This functionality requires thekinesis:UpdateStreamWarmThroughputIAM permission (#48152)shard_level_metrics(#48152)enable_prefix_for_ipv6_source_natargument (#40431)ruleschema to cover the full SDK shape, includingall_regions,allow_field_updates,regions,scope,selection_criteria,telemetry_source_types, and the fulldestination_configurationtree (cloudtrail_parameters,elb_load_balancer_logging_parameters,log_delivery_parameters,msk_monitoring_parameters,vpc_flow_log_parameters,waf_logging_parameters) (#48072)ruleschema to cover the full SDK shape, includingall_regions,allow_field_updates,regions,scope,selection_criteria,telemetry_source_types, and the fulldestination_configurationtree (cloudtrail_parameters,elb_load_balancer_logging_parameters,log_delivery_parameters,msk_monitoring_parameters,vpc_flow_log_parameters,waf_logging_parameters) (#48072)ec2_placement_group_idsattribute. (#47317)BUG FIXES:
x-amazon-apigateway-policyupdates being overwritten by prior policy state (#48118)ValidationException: Gateway with ID: ... has targets associated with it. Delete all targets before deleting the gatewayerrors on delete (#47626)FAILEDandSYNCHRONIZINGas pending states while a target is deleting (#47626)InvalidDBInstanceState: Cannot create a snapshot because the database instance ... is not currently in the available stateerrors on delete (#46687)CacheClusterNotFoundwhen enabling snapshots after the primary cache cluster has been changed away from-001, andInvalidParameterCombinationwhen enabling snapshots on cluster mode enabled groups (#46326)ValidationException: Unknown parameter: ExtendedS3DestinationConfiguration.CustomTimeZoneerrors in AWS partitions which do not yet support selecting a time zone for bucket prefixes (#48186)function_version(#48116)InvalidParameterValueException: Alias with weights can not be used with Provisioned Concurrencyerror when updating provisioned concurrency simultaneously with alias version change (#48116)versioning_configuration.mfa_deletewhenstatusisDisabled(#48161)v6.47.0Compare Source
FEATURES:
aws_bedrockagentcore_online_evaluation_config(#47209)aws_bedrockagentcore_policy_engine(#47108)aws_bedrockagentcore_resource_policy(#46844)aws_s3control_multi_region_access_point(#48081)aws_s3control_multi_region_access_point_routes(#48081)aws_bedrockagentcore_online_evaluation_config(#47209)aws_bedrockagentcore_policy_engine(#47108)aws_bedrockagentcore_resource_policy(#46844)aws_s3control_multi_region_access_point_routes(#47994)ENHANCEMENTS:
idin favor ofarn(#48036)id(#48036)id(#48036)idin favor ofpartition(#48036)idin favor ofregion(#48036)id(#48036)odb_network_arnattribute (#48027)routes.odb_network_arnattribute (#48027)arnin favor ofsecret_arn. (#48011)arnin favor ofsecret_arn. (#48033)namein favor ofsecret_name. (#48033)idin favor ofreverse_dns_name(#48036)ip_address_typeattribute (#48039)private_key_wowrite-only argument andprivate_key_wo_versionargument (#44414)step.rds_promote_read_replica_config,step.rds_create_cross_region_read_replica_config, andreport_configurationarguments (#46965)remote_node_networksfield inremote_network_configoptional (#47988)outpost_configandremote_network_config(#47988)log_deliveryconfiguration block (#48054)parameters.athena.role_arnargument to allow override an account-wide role for a specific Athena data source (#44666)odb_network_arnargument (#48027)core_network_arn(#48027)route.odb_network_arnargument (#48027)route.core_network_arn(#48027)arnin favor ofsecret_arn. (#48011)s3_destination.destination_data_sharingargument (#21996)ip_address_typeargument (#48039)BUG FIXES:
versions.*.last_accessed_date. (#48033)lifecycle.ignore_changesfor individualtagselements being bypassed when another tag in the same map is updated to an empty string, to avoid overwriting any out-of-band changes the lifecycle block was meant to preserve. (#48008)securityGroupIdslogic inflattenVPCConfigResponse()for Outpost clusters (#47988)lifecycle.ignore_changesfor individualtagselements being bypassed when another tag in the same map is updated to an empty string, to avoid overwriting any out-of-band changes the lifecycle block was meant to preserve. (#48008)Provider produced inconsistent final planerrors and force resource recreation for Network Load Balancers when no security groups were initially configured and updated security groups are unknown at plan-time (#46695)replication_info_list.consumer_group_replication.consumer_groups_to_excludeas Computed (#48054)replication_info_list.topic_replication.topics_to_excludeas Computed (#48054)v6.46.0Compare Source
NOTES:
policy_namenow force resource recreation. Technically this is a breaking change but the resource did not function correctly previously; updatingpolicy_namewould leave an orphaned policy with the old name in AWS (#47948)FEATURES:
aws_bedrockagentcore_harness(#47725)aws_iam_access_key(#47966)aws_observabilityadmin_telemetry_rule_for_organization(#47920)aws_route53_vpc_association_authorization(#47905)aws_route53_zone_association(#47950)aws_securityhub_automation_rule_v2(#47677)aws_bedrockagentcore_harness(#47725)aws_observabilityadmin_telemetry_rule_for_organization(#47920)aws_securityhub_automation_rule_v2(#47677)aws_xray_indexing_rule(#47975)aws_xray_trace_segment_destination(#47961)ENHANCEMENTS:
outpost_lag_idandlocal_gateway_virtual_interface_group_idattributes (#47974)jwt_optionsblock to fix "Invalid address to set" error (#47874)idle_session_ttl_in_secondsfrom3600to5400to match the AWS API limit (#47890)filesystem_configurationargument for mounting session storage, Amazon S3 Files access points, or Amazon EFS access points into the agent runtime (#47810)cache_tag_configconfiguration block (#47872)resource_config_dns_resolutionargument (#47879)BUG FIXES:
acceleration_status,acl,cors_rule,grant,lifecycle_rule,logging,object_lock_configuration,policy,replication_configuration,request_payer,server_side_encryption_configuration,versioning,website) when the attribute is not set in configuration, preventing similar fights between the bucket resource and its standalone counterparts (#47962)InvalidRequest: SourceSelectionCriteria cannot be emptyerrors on unrelated updates (e.g.tags) when replication is managed by the dedicatedaws_s3_bucket_replication_configurationresource usingreplica_modifications(#47962)Provider returned invalid result object after applyerrors on Update (#47948)policy_nameas asForceNew(#47948)v6.45.0Compare Source
FEATURES:
aws_observabilityadmin_telemetry_rule(#47857)aws_securityhub_connector_v2(#47678)aws_observabilityadmin_telemetry_evaluation(#47799)aws_observabilityadmin_telemetry_evaluation_for_organization(#47808)aws_observabilityadmin_telemetry_rule(#47857)aws_securityhub_aggregator_v2(#47651)aws_securityhub_connector_v2(#47678)ENHANCEMENTS:
ruby4.0as aruntimevalue (#47841)ruby4.0as acompatible_runtimesvalue (#47841)secret_stringtosecret_string_wowithout re-creating the resource. (#47815)maintenance_scheduleconfiguration block (#47853)BUG FIXES:
engine_versionreturning full patch version instead of minor version for Valkey engine (#46109)engine,engine_version, andparameter_group_namechanges being ignored after disassociating from a global replication group (#46109)network_access_controlregression causingValidationExceptionwhen only one ofvpce_idsorprefix_list_idsis set (#47646)v6.44.0Compare Source
NOTES:
FEATURES:
aws_glue_catalog(#43583)aws_alb_target_group_attachment(#47724)aws_appautoscaling_policy(#47718)aws_arczonalshift_zonal_autoshift_configuration(#46114)aws_dynamodb_global_secondary_index(#47785)aws_dynamodb_table(#47518)aws_ecr_repository_policy(#47763)aws_glue_catalog(#43583)aws_lb_target_group_attachment(#47724)aws_s3_bucket_logging(#47766)aws_securityhub_standards_control(#47702)aws_vpc_endpoint_route_table_association(#47751)aws_arczonalshift_zonal_autoshift_configuration(#46114)aws_glue_catalog(#43583)aws_outposts_capacity_task(#47681)aws_redshift_namespace_registration(#43583)ENHANCEMENTS:
authentication_configurationattribute (#43583)transit_gateway_configurationblock (#47635)file_system_type_version(#47703)self_managed_active_directory.password_woandself_managed_active_directory.password_wo_versionarguments (#47752)authentication_configurationargument (#43583)maintenance_scheduleconfiguration block (#47354)BUG FIXES:
Deleteto use the file system prefix when resetting the synchronization configuration (#47760)waiting for Security Hub Configuration Policy Association (...) success: timeout while waiting for state to become 'SUCCESS' (last state: 'PENDING', timeout: 5m0s)errors on Create. This fixes a regression introduced in v6.34.0 (#47783)db_parameter_group_identifier(#47052)v6.43.0Compare Source
FEATURES:
aws_securityhub_enabled_standards(#43947)aws_securityhub_security_controls(#43947)aws_db_subnet_group(#47637)aws_ec2_network_insights_access_scope(#47582)aws_iam_group_policy_attachment(#47667)aws_lambda_event_source_mapping(#47686)aws_securityhub_insight(#47622)aws_arczonalshift_autoshift_observer_notification_status(#46343)aws_ec2_network_insights_access_scope(#47582)aws_securityhub_account_v2(#47356)ENHANCEMENTS:
EPISODICas a valid value fortype(#47589)current_deployment. (#47694)SELF_MANAGED_SECURITY_HUBas apolicy_idvalue (#47078)arnattribute (#47543)arnattribute (#47543)terraform destroywhen they block subnet deletion (#46953)terraform destroywhen they block VPC deletion (#46953)BUG FIXES:
Configuration
📅 Schedule: (UTC)
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
To execute skipped test pipelines write comment
/ok-to-test.Documentation
Find out how to configure dependency updates in MintMaker documentation or see all available configuration options in Renovate documentation.
Summary by CodeRabbit
>= 6.51.0.