v3.29.0

NOTES:

• added the https://www.googleapis.com/auth/cloud-identity scope to the provider by default (#2224)
• google_app_engine_*_version's service field is required; previously it would have passed validation but failed on apply if it were absent. (#6720)

FEATURES:

• New Data Source: google_cloud_identity_group_memberships (#2240)
• New Data Source: google_cloud_identity_groups (#2240)
• New Resource: google_cloud_identity_group_membership (#2224)
• New Resource: google_cloud_identity_group (#2224)
• New Resource: google_kms_key_ring_import_job (#2225)
• New Resource: google_folder_iam_audit_config (#2237)

IMPROVEMENTS:

• bigquery: Added "HOUR" option for google_bigquery_table time partitioning (type) (#2235)
• compute: Added mode to google_compute_region_autoscaler autoscaling_policy (#2226)
• compute: Added scale_down_control to google_compute_region_autoscaler autoscaling_policy (#2226)
• container: added networking_mode to google_container_cluster (#2243)
• endpoints: enable google_endpoints_service-dependent resources to plan based on the config_id value. (#2248)
• monitoring: added request_method, content_type, and body fields within the http_check object to google_monitoring_uptime_check_config resource (#2233)

BUG FIXES:

• compute: Fixed an issue in google_compute_managed_ssl_certificate where multiple fully qualified domain names would cause a permadiff (#2241)
• compute: fixed an issue in compute_url_map where path_matcher sub-fields would conflict with default_service (#2247)
• container: fixed an issue in google_container_cluster where workload_metadata_config would cause a permadiff (#2242)

v3.28.0

3.28.0 (June 29, 2020)

FEATURES:

• New Data Source: google_redis_instance (#2209)
• New Resource: google_notebook_environment (#2199)
• New Resource: google_notebook_instance (#2199)

IMPROVEMENTS:

• appengine: Enabled provisioning Firestore on a new project by adding the option to specify database_type in google_app_engine_application (#2193)
• compute: Added mode to google_compute_autoscaler autoscaling_policy (#2214)
• compute: Added remove_instance_state_on_destroy to google_compute_per_instance_config to control deletion of underlying instance state. (#2187)
• compute: Added remove_instance_state_on_destroy to google_compute_region_per_instance_config to control deletion of underlying instance state. (#2187)
• compute: Added scale_down_control for google_compute_autoscaler autoscaling_policy (#2214)
• compute: Added SHARED_LOADBALANCER_VIP as an option for google_compute_address.purpose (#2204)
• dns: enabled google_dns_policy to accept network id (#2189)

BUG FIXES:

• appengine: Added polling to google_app_engine_firewall_rule to prevent issues with eventually consistent creation (#2197)
• compute: Allowed updating google_compute_network_peering_routes_config import_custom_routes and export_custom_routes to false (#2190)
• netblock: fixed the google netblock ranges returned by the google_netblock_ip_ranges by targeting json on gstatic domain instead of reading SPF dns records (solution provided by network team) (#2210)

3.27.0

3.27.0 (June 23, 2020)

IMPROVEMENTS:

• accesscontextmanager: Added custom config to google_access_context_manager_access_level (#2180)
• cloudbuild: Added invert_regex flag in Github PullRequestFilter and PushFilter in triggerTemplate (#2171)
• cloudrun: Added template.spec.timeout_seconds to google_cloud_run_service (#2164)
• compute: Added cpu_over_commit_type to google_compute_node_template (#2176)
• compute: Added min_node_cpus to the scheduling blocks on compute_instance and compute_instance_template (#2169)
• compute: Added export_subnet_routes_with_public_ip and import_subnet_routes_with_public_ip to google_compute_network_peering (#2170)
• compute: Added remove_instance_state_on_destroy to google_compute_per_instance_config to control deletion of underlying instance state. (#2187)
• container: Added support for private_cluster_config.master_global_access_config to google_container_cluster (#2157)
• compute: Added support for google_compute_instance_group instances to accept instance id field as well as self_link (#2161)
• dns: Added support for google_dns_policy network to accept google_compute_network.id (#2189)
• redis: Added validation for name attribute in redis_instance (#2167)

BUG FIXES:

• bigquery: Fixed range_partitioning.range.start so that the value 0 is sent in google_bigquery_table (#2153)
• container: Fixed a regression in google_container_cluster where the location was not inferred when using a subnetwork shortname value like name (#2160)
• datastore: Added retries to google_datastore_index requests when under contention. (#2154)
• kms: Fixed the id value in the google_kms_crypto_key_version datasource to include a /v1 part following //cloudkms.googleapis.com/, making it useful for interpolation into Binary Authorization. (#2165)

v3.26.0

FEATURES:

• New Resource: google_data_catalog_tag (#2144)
• New Resource: google_bigquery_dataset_iam_binding (#2147)
• New Resource: google_bigquery_dataset_iam_member (#2147)
• New Resource: google_bigquery_dataset_iam_policy (#2147)
• New Resource: google_memcache_instance (#2142)
• New Resource: google_network_management_connectivity_test (#2138)

IMPROVEMENTS:

• compute: added default_route_action to compute_url_map and compute_url_map.path_matchers (#2143)
• container : Added cluster_telemetry attribute to google_container_cluster (#2149)
• dialogflow: Changed google_dialogflow_agent.time_zone to be updatable (#2133)
• dns: enabled google_dns_managed_zone to accept network id for two attributes (#2139)
• healthcare: Added support for streaming_configs to google_healthcare_fhir_store (#2145)
• monitoring: added matcher attribute to content_matchers block for google_monitoring_uptime_check_config (#2150)

BUG FIXES:

• compute: fixed issue where trying to update the region of google_compute_subnetwork would fail instead of destroying/recreating the subnetwork (#2134)
• dataflow: added retries in google_dataflow_job for common retryable API errors when waiting for job to update (#2146)
• dataflow: changed the update logic for google_dataflow_job to wait for the replacement job to start successfully before modifying the resource ID to point to the replacement job (#2140)

v3.25.0

BREAKING CHANGES:

• bigquery: Add ability to manage credentials to google_bigquery_connection. This field is required as the resource is not useful without them. (#2111)

FEATURES:

• New Resource: google_data_catalog_tag_template (#2120)
• New Resource: google_container_analysis_occurence (#2114)

IMPROVEMENTS:

• appengine: added inbound_services to StandardAppVersion resource (#2131)
• bigquery: Added support for google_bigquery_table hive_partitioning_options (#2121)
• container_analysis: Added top-level generic note fields to google_container_analysis_note (#2114)

BUG FIXES:

• bigquery: Fixed an issue where google_bigquery_job would return "was present, but now absent" error after job creation (#2122)
• container: Changed retry logic for google_container_node_pool deletion to use timeouts and retry errors more specifically when cluster is updating. (#2115)
• dataflow: fixed an issue where google_dataflow_job would try to update max_workers (#2110)
• dataflow: fixed an issue where updating on_delete in google_dataflow_job would cause the job to be replaced (#2110)
• compute: fixed issue where removing all target pools from google_compute_instance_group_manager or google_compute_region_instance_group_manager had no effect (#2124)
• functions: Added retry to google_cloudfunctions_function creation when API returns error while pulling source from GCS (#2116)
• provider: Removed credentials from output error when provider cannot parse given credentials (#2113)

v3.24.0

BREAKING CHANGES:

• bigquery: Add ability to manage credentials to google_bigquery_connection. This field is required as the resource is not useful without them. (#2111)

FEATURES:

• New Resource: google_compute_machine_image (#2109)
• New Resources: google_data_catalog_entry_group_iam_* (#2098)
• New Resource: google_data_catalog_entry_group (#2098)
• New Resource: google_data_catalog_entry (#2100)

IMPROVEMENTS:

• appengine: added handlers to google_flexible_app_version (#2105)
• bigquery: suppressed diffs between fully qualified URLs and relative paths that reference the same table or dataset in google_bigquery_job (#2107)
• container: Added update support for node_config.workload_metadata_config to google_container_node_pool (#2091)

BUG FIXES:

• appengine: added ability to fully sync StandardAppVersion resources (#2096)
• bigquery: Fixed an issue with google_bigquery_dataset_access failing for primitive role roles/bigquery.dataViewer (#2092)
• dataflow: fixed an issue where google_dataflow_job would try to update max_workers (#2110)
• dataflow: fixed an issue where updating on_delete in google_dataflow_job would cause the job to be replaced (#2110)
• os_login: Fixed google_os_login_ssh_public_key key field attempting to update in-place (#2094)

3.23.0

BREAKING CHANGES:

• The base url for the monitoring endpoint no longer includes the API version (previously "v3/"). If you use a monitoring_custom_endpoint, remove the trailing "v3/". (#2088)

FEATURES:

• New Data Source: google_iam_testable_permissions (#2071)
• New Resource: google_monitoring_dashboard (#2088)

IMPROVEMENTS:

• bigquery: added ability for various table_id fields (and one dataset_id field) in google_bigquery_job to specify a relative path instead of just the table id (#2079)
• composer: Added support for google_composer_environment config.private_environment_config.cloud_sql_ipv4_cidr_block (#2075)
• composer: Added support for google_composer_environment config.private_environment_config.web_server_ipv4_cidr_block (#2075)
• composer: Added support for google_composer_environment web_server_network_access_control for private environments (#2075)
• container: Added update support for node_config.workload_metadata_config to google_container_node_pool (#2091)
• container: added min_cpu_platform to google_container_cluster.cluster_autoscaling.auto_provisioning_defaults (#2086)
• container: added release_channel_default_version to data.google_container_engine_versions, allowing you to find the default version for a release channel (#2068)
• container: added the ability to unspecify google_container_cluster's min_master_version field (#2068)
• container: added update support to google_container_cluster's release_channel field (#2068)
• container: added config_connector_config google_container_cluster (#2064)
• monitoring: Added window-based SLI to google_monitoring_slo (#2070)

BUG FIXES:

• compute: Fixed an issue where google_compute_route creation failed while VPC peering was in progress. (#2082)
• Fixed an issue where data source google_organization would ignore exact domain matches if multiple domains were found (#2085)
• compute: Fixed google_compute_interconnect_attachment edge_availability_domain diff when the field is unspecified (#2084)
• compute: fixed error where plan would error if google_compute_region_disk_resource_policy_attachment had been deleted outside of terraform. (#2065)
• compute: raise limit on number of src_ip_ranges values in google_compute_security_policy to supported 10 (#2076)
• iam: Fixed an issue where google_service_account shows an error after creating the resource (#2074)

v3.22.0

BREAKING CHANGE:

• google_bigtable_instance resources now cannot be destroyed unless deletion_protection = false is set in state for the resource. (#2061)

FEATURES:

• New Resource: google_compute_region_per_instance_config (#2046)
• New Resource: google_dialogflow_entity_type (#2052)

IMPROVEMENTS:

• bigtable: added deletion_protection field to google_bigtable_instance to make deleting them require an explicit intent. (#2061)
• compute: Added google_compute_region_backend_service portName parameter (#2048)
• dataproc: Updated google_dataproc_cluster.software_config.optional_components to include new options. (#2049)
• monitoring: Added request_based SLI support to google_monitoring_slo (#2058)
• storage: added google_storage_bucket bucket name to the error message when the bucket can't be deleted because it's not empty (#2059)

BUG FIXES:

• bigquery: Fixed error where google_bigquery_dataset_access resources could not be found post-creation if role was set to a predefined IAM role with an equivalent primative role (e.g. roles/bigquery.dataOwner and OWNER) (#2039)
• compute: Fixed permadiff in google_compute_instance_template's network_tier. (#2054)
• compute: Removed permadiff or errors on update for google_compute_backend_service and google_compute_region_backend_service when consistent_hash values were previously set on backend service but are not supported by updated value of locality_lb_policy (#2044)
• sql: Fixed occasional failure to delete google_sql_database_instance and google_sql_user. (#2045)

v3.21.0

FEATURES:

• New Resource: google_bigquery_connection (#2014)
• New Resource: google_compute_per_instance_config (#2029)
• New Resource: google_logging_billing_account_bucket_config (#2008)
• New Resource: google_logging_folder_bucket_config (#2008)
• New Resource: google_logging_organization_bucket_config (#2008)
• New Resource: google_logging_project_bucket_config (#2008)

IMPROVEMENTS:

• all: add configurable timeouts to several resources that did not previously have them (#2007)
• bigquery: added service_account_name field to google_bigquery_data_transfer_config resource (#2004)
• cloudfunctions: Added validation to label keys for google_cloudfunctions_function as API errors aren't useful. (#2009)
• compute: Added support for stateful_disk to both google_compute_instance_group_manager and google_compute_region_instance_group_manager. (#2006)
• container: added kalm_config addon to google_container_cluster (#2027)
• dataflow: Added drift detection for google_dataflow_job template_gcs_path and temp_gcs_location fields (#2021)
• dataflow: Added support for update-by-replacement to google_dataflow_job (#2021)
• dataflow: added additional_experiments field to google_dataflow_job (#2005)
• dataproc: added component gateway support to google_dataproc_cluster (#2035)
• storage: Added retries for google_storage_bucket_iam_* on 412 (precondition not met) errors for eventually consistent bucket creation. (#2011)

BUG FIXES:

• all: fixed bug where timeouts specified in units other than minutes were getting incorrectly rounded. Also fixed several instances of timeout values being used from the wrong method. (#2002)
• accesscontextmanager: Fixed setting require_screen_lock to true for google_access_context_manager_access_level (#2010)
• appengine: Changed google_app_engine_application to respect updates in iap (#2000)
• bigquery: Fixed error where google_bigquery_dataset_access resources could not be found post-creation if role was set to a predefined IAM role with an equivalent primative role (e.g. roles/bigquery.dataOwner and OWNER) (#2039)
• bigquery: Fixed the google_sheets_options at least one of logic. (#2030)
• cloudscheduler: Fixed permadiff for google_cloud_scheduler_job.retry_config.* block when API provides default values (#2028)
• compute: Added lock to prevent google_compute_route from changing while peering operations are happening on its network (#2016)
• compute: Stopped force-recreation of google_compute_backend_service and google_compute_backend_service on updating locality_lb_policy (#2012)
• compute: fixed issue where the default value for the attribute advertise_mode on google_compte_router_peer was not populated on import (#2024)
• container: Fixed occasional error with container_node_pool partially-successful creations not being recorded if an error occurs on the GCP side. (#2038)
• container: fixed issue where terraform would error if a gke instance group was deleted out-of-band (#2015)
• storage: Fixed setting/reading google_storage_bucket_object metadata on API object (#2025)
• storage: Marked the credentials field in google_storage_object_signed_url as sensitive so it doesn't expose private credentials. (#2026)

v3.20.0

3.20.0 (May 04, 2020)

• New Resource: google_artifact_registry_repository (#1981)
• New Resource: google_artifact_registry_repository_iam_policy (#1981)
• New Resource: google_artifact_registry_repository_iam_binding (#1981)
• New Resource: google_artifact_registry_repository_iam_member (#1981)
• New Resource: google_bigquery_connection (#2014)
• New Resource: google_logging_billing_account_bucket_config (#2008)
• New Resource: google_logging_folder_bucket_config (#2008)
• New Resource: google_logging_organization_bucket_config (#2008)
• New Resource: google_logging_project_bucket_config (#2008)

IMPROVEMENTS:

• appengine: Added automatic_scaling, basic_scaling, and manual_scaling to google_app_engine_standard_app_version (#1984)
• bigquery: added service_account_name field to google_bigquery_data_transfer_config resource (#2004)
• bigtable: added ability to add/remove column families in google_bigtable_table (#1988)
• cloudfunctions: Added validation to label keys for google_cloudfunctions_function as API errors aren't useful. (#2009)
• compute: Added support for stateful_disk to both google_compute_instance_group_manager and google_compute_region_instance_group_manager. (#2006)
• compute: Added support for default URL redirects to google_compute_url_map and google_compute_region_url_map (#1998)
• dataflow: Added additional_experiments field to google_dataflow_job (#2005)
• dns: Added service_directory_config field togoogle_dns_managed_zone (#1976)
• compute: Added update of google_compute_backend_service and google_compute_backend_service field `locality_lb_policy (#2012)

BUG FIXES:

• accesscontextmanager: Fixed setting require_screen_lock to true for google_access_context_manager_access_level (#2010)
• appengine: Changed google_app_engine_application to respect updates in iap (#2000)
• storage: Added retries for google_storage_bucket_iam_* on 412 (precondition not met) errors for eventually consistent bucket creation. (#2011)