3.90.1 (November 02, 2021)

DEPRECATIONS:

container: fixed an overly-broad deprecation on master_auth, constraining it to master_auth.username and master_auth.password

3.90.0 (October 26, 2021)

DEPRECATIONS:

container: deprecated workload_identity_config.0.identity_namespace and it will be removed in a future major release as it has been deprecated in the API. Use workload_identity_config.0.workload_pool instead. Switching your configuration from one value to the other will trigger a diff at plan time, and a spurious update. (#3733)
container: deprecated the following google_container_cluster fields: instance_group_urls and master_auth (#3746)

IMPROVEMENTS:

composer: added field environment_size to resource google_composer_environment (#3730)
container: added node_config.0.guest_accelerator.0.gpu_partition_size field to google_container_node_pool (#3739)
container: added workload_identity_config.0.workload_pool to google_container_cluster (#3733)
container: made dns_cache_config conflict with GKE Autopilot mode (#3725)
container_cluster: Updated monitoring_config to accept WORKLOAD (#3732)
provider: Added links to nested types documentation for manually generated pages (#3736)

BUG FIXES:

cloudrun: fixed a permadiff on the field template.spec.containers.ports.name of the google_cloud_run_service resource (#3740)
composer: removed config.node_config.zone requirement on google_composer_environment (#3745)
compute: fixed permadiff for failover_policy on google_compute_region_backend_service (#3728)
compute: fixed to make description updatable without recreation on google_compute_instance_group_manager (#3735)
container: fixed a permadiff on google_container_node_pool.workload_metadata_config.mode (#3726)
iam: fixed request batching bug where failed requests would show unnecessary backslash escaping to the user. (#3723)
securitycenter: fixed bug where google_scc_notification_config.streaming_config.filter was not updating. (#3727)

3.89.0 (October 18, 2021)

BUG FIXES:

compute: fixed bug where google_compute_router_peer could not set an advertised route priority of 0, causing permadiff. (#3718)
container: fixed a crash on monitoring_config of google_container_cluster (#3717)
iam: fixed request batching bug where failed requests would show unnecessary backslash escaping to the user. (#3723)
storage: fixed a bug to better handle eventual consistency among google_storage_bucket resources. (#3715)

3.88.0 (October 11, 2021)

NOTES:

reorganized documentation to group all Compute Engine and Monitoring (Stackdriver) resources together. (#3686)

DEPRECATIONS:

container: deprecated workload_metadata_configuration.node_metadata in favor of workload_metadata_configuration.mode in google_container_cluster (#3694)
dataproc: deprecated the google_dataproc_workflow_template.version field, as it wasn't actually useful. The field is used during updates, but updates aren't currently possible with the resource. (#3675) BREAKING CHANGES:
gke_hub: made the config_membership field in google_gke_hub_feature required, disallowing invalid configurations (#3681)
gke_hub: made the configmanagement, feature, location, membership fields in google_gke_hub_feature_membership required, disallowing invalid configurations (#3681)

FEATURES:

New Data Source: google_service_networking_peered_dns_domain (#3690)
New Data Source: google_sourcerepo_repository (#3684)
New Data Source: google_storage_bucket (#3678)
New Resource: google_pubsub_lite_reservation (#3708)
New Resource: google_service_networking_peered_dns_domain (#3690)

IMPROVEMENTS:

composer: added field enable_privately_used_public_ips to resource google_composer_environment (beta) (#3697)
composer: added field enable_ip_masq_agent to resource google_composer_environment (beta) (#3705)
composer: added support for composer v2 fields workloads_config and cloud_composer_network_ipv4_cidr_block to composer_environment (#3709)
compute: added NetLB support for Connection Tracking as connectionTrackingPolicy in RegionBackendService(beta) (#3698)
compute: added external IPv6 support on google_compute_subnetwork and google_compute_instance.network_interfaces (#3677)
container: added support for workload_metadata_configuration.mode in google_container_cluster (#3694)
eventarc: added support for uid output field, cloud_function destination to google_eventarc_trigger (#3681)
gke_hub: added support for gcp_service_account_email when configuring Git sync in google_gke_hub_feature_membership (#3681)
gke_hub: added support for resource_state, state outputs to google_gke_hub_feature (#3681)
pubsub: added support for references to google_pubsub_lite_reservation to google_pubsub_lite_topic. (#3708)

BUG FIXES:

monitoring: fixed typo in google_monitoring_uptime_check_config where NOT_MATCHES_REGEX could not be specified. (#3700)
servicedirectory: marked service on google_service_directory_endpoint as ForceNew to trigger recreates on changes (#3683)

3.87.0 (October 04, 2021)

DEPRECATIONS:

dataproc: deprecated the google_dataproc_workflow_template.version field, as it wasn't actually useful. The field is used during updates, but updates aren't currently possible with the resource. (#3675)

FEATURES:

New Resource: google_monitoring_monitored_project (#3658)
New Resource: google_org_policy_policy (#3637)

IMPROVEMENTS:

cloudbuild: added field service_account to google_cloudbuild_trigger (#3661)
composer: added field scheduler_count to google_composer_environment (#3660)
compute: Disabled recreation of GCE instances when updating resource_policies property (#3668)
container: added support for logging_config and monitoring_config to google_container_cluster (#3641)
kms: added support for import_only to google_kms_crypto_key (#3659)
networkservices: boosted the default timeout for google_network_services_edge_cache_origin from 30m to 60m (#3674)

BUG FIXES:

container: fixed an issue where a node pool created with error (eg. GKE_STOCKOUT) would not be captured in state (#3646)
filestore: Allowed updating reserved_ip_range on google_filestore_instance via recreation of the instance (#3651)
serviceusage: Made the service api retry failed operation calls in anticipation of transient errors that occur when first enabling the service. (#3666)

3.86.0 (September 27, 2021)

BUG FIXES:

dns: fixed an issue in google_dns_record_set where rrdatas could not be updated (#3625)
dns: fixed an issue in google_dns_record_set where creating the resource would result in an 409 error (#3625)
platform: fixed a bug in wrongly writing to state when creation failed on google_organization_policy (#3624)

3.85.0 (September 20, 2021)

DEPRECATIONS:

compute: deprecated interface field on google_compute_disk and google_compute_region_disk (#3611)

IMPROVEMENTS:

bigtable: enabled support for user_project_override in google_bigtable_instance and google_bigtable_table (#3614)
compute: added iap fields to google_compute_region_backend_service (#3605)
compute: allowed passing an IP address to the nextHopIlb field of google_compute_route resource (#3609)
container: added field dns_config to resource google_container_cluster (#3606)
iam: added disabled field to google_service_account resource (#3603)
provider: added links to nested types documentation within a resource (#3615)
storage: added field path to google_storage_transfer_job (#3608)

BUG FIXES:

appengine: fixed bug where deployment.container.image would update to an old version even if in ignore_changes (#3613)
bigquery: fixed a bug where destination_encryption_config.kms_key_name stored the version rather than the key name. (#3616)
redis: extended the default timeouts on google_redis_instance (#3604)
serviceusage: fixed an issue in google_project_service where users could not reenable services that were disabled outside of Terraform. (#3607)

3.84.0 (September 13, 2021)

DEPRECATIONS:

compute: deprecated interface field on google_compute_disk and google_compute_region_disk (#3611)

FEATURES:

New Data Source: google_secret_manager_secret (#3588)

IMPROVEMENTS:

compute: added update support to google_compute_service_attachment (#3587)
filestore: added connect_mode to networks field in google_filestore_instance (#3595)

BUG FIXES:

container: fixed a bug in failing to remove maintenance_exclusion on google_container_cluster (#3600)
compute: fixed advanced_machine_features error messages in google_compute_instance (#3598)
eventarc: fixed bug where resources deleted outside of Terraform would cause errors (#3590)
functions: fixed an error message on google_cloudfunctions_function (#3591)
logging: fixed the data type for bucket_options.linear_buckets.width on google_logging_metric (#3589)
osconfig: fixed import on google_os_config_guest_policies (#3594)
storage: fixed an undetected change on days_since_noncurrent_time of google_storage_bucket (#3599)

3.83.0 (September 09, 2021)

FEATURES:

New Resource: google_privateca_certificate_template (#3561)

IMPROVEMENTS:

privateca: added certificate_template to google_privateca_certificate. (#3567)
compute: allowed setting ip_address field of google_compute_router_peer (#3565)
dataproc: added field metastore_config to google_dataproc_cluster (#3577)
kms: added support for destroy_scheduled_duration to google_kms_crypto_key (#3563)

BUG FIXES:

endpoints: fixed a timezone discrepancy in config_id on google_endpoints_service (#3564)
cloudbuild: marked google_cloudbuild_trigger as requiring one of branch_name/tag_name/commit_sha within build.source.repo_source (#3582)
compute: fixed a crash on enable field of google_compute_router_peer (#3579)
compute: fixed a permanent diff for next_hop_instance_zone on google_compute_route when next_hop_instance was set to a self link (#3571)
compute: fixed an issue in google_compute_router_nat where removing log_config resulted in a perma-diff (#3581)
privateca: fixed a permadiff bug for publishing_options on google_privateca_ca_pool when both attributes set false (#3570)
spanner: fixed instance updates to processing units (#3575)
storage: added support for timeouts on google_storage_bucket_object (#3578)

3.82.0 (August 30, 2021)

FEATURES:

New Resource: google_privateca_certificate_template (#3561)
New Resource: google_compute_firewall_policy (#3556)
New Resource: google_compute_firewall_policy_association (#3556)
New Resource: google_compute_firewall_policy_rule (#3556)

IMPROVEMENTS:

notebooks: added support for nic_type, reservation_affinity to google_notebooks_instance (#3554)
sql: added field collation to google_sql_database_instance (#3557)

BUG FIXES:

apigateway: fixed import functionality for all apigateway resources (#3549)
compute: fixed a bug when a source_machine_image from a different project is used on google_compute_instance_from_machine_image (#3541)
dns: fixed not-exists error message on data source google_dns_managed_zone (#3559)
healthcare: fixed bug where changes to google_healthcare_hl7_v2_store.parser_config subfields would error with "...parser_config.version field is immutable..." (#3560)
os_config: fixed imports for google_os_config_guest_policies (#3550)
pubsub: added polling to google_pubsub_schema to deal with eventually consistent deletes (#3544)
secretmanager: fixed an issue where replication fields would not update in google_secret_manager_secret (#3558)
service_usage: fixed imports on google_service_usage_consumer_quota_override (#3552)
sql: fixed a permadiff bug for type when BUILT_IN on google_sql_user (#3545)
sql: fixed bug in google_sql_user with CLOUD_IAM_USERs on POSTGRES. (#3542)

3.81.0 (August 23, 2021)

IMPROVEMENTS:

compute: Added enable attribute to google_compute_router_peer (#3507)
compute: added support for L3_DEFAULT as ip_protocol for google_compute_forwarding_rule and UNSPECIFIED as protocol for google_compute_region_backend_service to support network load balancers that forward all protocols and ports. (#3516)
compute: added support for security_settings to google_compute_backend_service (#3515)
gkehub: added google_gke_hub_membership support for both //container.googleapis.com/${google_container_cluster.my-cluster.id} and google_container_cluster.my-cluster.id in endpoint.0.gke_cluster.0.resource_link (#3502)
provider: Added provider support for request_reason (#3513)
provider: added support for billing_project across all resources. If user_project_override is set to true and a billing_project is set, the X-Goog-User-Project header will be sent for all resources. (#3539)

BUG FIXES:

assuredworkloads: enhanced resource deletion so google_assured_workloads_workload can delete what it creates (#3533)
bigquery: fixed the permadiff bug on location of the google_bigquery_dataset (#3524)
composer: fixed environment version regexp to explicitly require . (dot) instead of any character after 'preview' (example: composer-2.0.0-preview.0-airflow-2.1.1) (#3520)
compute: changed wait_for_instances in google_compute_instance_group_manager and google_compute_region_instance_group_manager to no longer block plan / refresh, waiting on managed instance statuses during apply instead (#3531)
compute: fixed a bug where negative_caching_policy cannot be set always revalidate on google_compute_backend_service (#3529)
compute: fixed instances where compute resource calls would have their urls appended with a redundant /projects after the host (#3532)
firestore: removed diff for server generated field __name__ on google_firestore_index (#3528)
privateca: Fixed null for ignore_active_certificates_on_deletion on the imported google_privateca_certificate_authority (#3511)
privateca: fixed the creation of subordinate google_privateca_certificate_authority with max_issuer_path_length = 0. (#3540)

3.80.0 (August 16, 2021)

FEATURES:

New Resource: google_dialogflow_cx_environment (#3488)

IMPROVEMENTS:

gkehub: added support for both //container.googleapis.com/${google_container_cluster.my-cluster.id} and google_container_cluster.my-cluster.id references in google_gke_hub_membership.endpoint.0.gke_cluster.0.resource_link (#3502)
kms: added name field to google_kms_crypto_key_version datasource (#3500)

BUG FIXES:

apigee: fixed update behavior on google_apigee_envgroup (#3489)
artifact_registry: transitioned the field format to be case insensitive in aligning with backend behavior on google_artifact_registry_repository (#3491)
privateca: fixed a failure to create google_privateca_certificate_authority of type SUBORDINATE due to an invalid attempt to activate it on creation. (#3499)

3.79.0 (August 09, 2021)

NOTES:

spanner: The num_nodes field on google_spanner_instance will have its default removed in a future major release, and either num_nodes or processing_units will be required. (#3479)

FEATURES:

New Resource: google_dialogflow_cx_entity_type (#3480)
New Resource: google_dialogflow_cx_page (#3461)

IMPROVEMENTS:

container: added network_config block to google_container_node_pool resource (#3472)
spanner: added processing_units to google_spanner_instance. (#3479)
storage: added support for customer_encryption on resource_storage_bucket_object (#3469)

3.78.0 (August 02, 2021)

IMPROVEMENTS:

composer: added validation for max_pods_per_node field. (#3445)
servicenetworking: added support for user_project_override and billing_project to google_service_networking_connection (#3455)

BUG FIXES:

storagetransfer: fixed a crash on azure_blob_storage_data_source for google_storage_transfer_job (#3447)
sql: fixed bug that wouldn't insert the google_sql_user in state for iam users. (#3442)
storage: fixed a crash when azure_credentials was defined in google_storage_transfer_job (#3457)

3.77.0 (July 26, 2021)

FEATURES:

New Resource: google_scc_notification_config (#3431)

IMPROVEMENTS:

composer: added field maintenance_window to resource google_composer_environment (#3435)
compute: fixed a permadiff bug in log_config field of google_compute_region_backend_service (#3427)
dlp: added crypto_replace_ffx_fpe_config and crypto_replace_ffx_fpe_config as primitive transformation types to google_data_loss_prevention_deidentify_template (#3429)

BUG FIXES:

bigquerydatatransfer: fixed a bug where destination_dataset_id was required, it is now optional. (#3438)
billing: Fixed ordering of budget_filter. projects on google_billing_budget (#3436)
compute: removed default value of 0.8 from google_backend_service.backend.max_utilization and it will now default from API. All max_connections_xxx and max_rate_xxx will also default from API as these are all conditional on balancing mode. (#3432)
sql: fixed bug where the provider would retry on an error if the database instance name couldn't be reused. (#3434)

3.76.0 (July 19, 2021)

FEATURES:

New Resource: google_assured_workloads_workload (#3410)
New Resource: google_dialogflow_cx_flow (#3422)
New Resource: google_dialogflow_cx_intent (#3415)
New Resource: google_dialogflow_cx_version (#3423)
New Resource: google_network_services_edge_cache_keyset (#3417)
New Resource: google_network_services_edge_cache_origin (#3417)
New Resource: google_network_services_edge_cache_service (#3417)
New Resource: google_vertex_ai_featurestore_entitytype (#3416)
New Resource: google_vertex_ai_featurestore (#3416)

IMPROVEMENTS:

apigee: Added SLASH_22 support for peering_cidr_range on google_apigee_instance (#3424)
cloudbuild: Added pubsub_config and webhook_config parameter to google_cloudbuild_trigger. (#3418)

BUG FIXES:

pubsub: fixed pubsublite update issues (#3421)

3.75.0 (July 12, 2021)

BREAKING CHANGES:

privateca: existing beta resources will no longer function (#3397)

FEATURES:

New Resource: google_privateca_ca_pool (#3397)
New Resource: google_privateca_certificate (#3397)
New Resource: google_privateca_certificate_authority (#3397)

IMPROVEMENTS:

bigquery: added kms_key_version as an output on bigquery_table.encryption_configuration and the destination_encryption_configuration blocks of bigquery_job.query, bigquery_job.load, and bigquery_copy. (#3406)
compute: added advanced_machine_features to google_compute_instance (#3392)
dlp: Added replace_with_info_type_config to dlp_deidentify_template. (#3384)
storage: added temporary_hold and event_based_hold attributes to google_storage_bucket_object (#3399)

BUG FIXES:

bigquery: Fixed permadiff due to lowercase mode/type in google_bigquery_table.schema (#3405)
billing: made all_updates_rule.* fields updatable on google_billing_budget (#3394)
billing: made amount.specified_amount.units updatable on google_billing_budget (#3391)
compute: fixed perma-diff in google_compute_instance (#3389)
storage: fixed handling of object paths that contain slashes for google_storage_object_access_control (#3407)

3.74.0 (June 28, 2021)

FEATURES:

New Resource: google_app_engine_service_network_settings (#3371)
New Resource: google_vertex_ai_dataset (#3369)
New Resource: google_cloudbuild_worker_pool (#3372)

IMPROVEMENTS:

bigtable: added cluster.kms_key_name field to google_bigtable_instance (#3354)
composer: added field max_pods_per_node to resource google_composer_environment (beta) (#3376)
secretmanager: added ttl, expire_time, topics and rotation fields to google_secret_manager_secret (#3360)

BUG FIXES:

container: allowed setting node_config.service_account at the same time as enable_autopilot = true for google_container_cluster (#3361)
container: fixed issue where creating a node pool with a name that already exists would import that resource. google_container_node_pool (#3378)
dataproc: fixed crash when creating google_dataproc_workflow_template with secondary_worker_config empty except for num_instances = 0 (#3347)
filestore: fixed an issue in google_filestore_instance where creating two instances simultaneously resulted in an error. (#3358)
iam: fixed an issue in google_iam_workload_identity_pool_provider where aws and oidc were not updatable. (#3350)
sql: added support for binary_logging on replica instances for googe_sql_database_instance (#3379)

3.73.0 (June 21, 2021)

FEATURES:

New Resource: google_compute_service_attachment (#3328)
New Resource: google_dialogflow_cx_agent (#3324)
New Resource: google_gkehub_feature (#3330)
New Resource: google_gkehub_feature_membership (#3330)

IMPROVEMENTS:

provider: added support for mtls authentication (#3348)
compute: added field adaptive_protection_config to google_compute_security_policy (#3322)
compute: added advanced_machine_features fields to google_compute_instance_template (#3337)
compute: added a network_performance_config block to each of resource_compute_instance, resource_compute_instance_from_template, and resource_compute_instance_template (#3341)
redis: allowed redis_version to be upgraded on google_redis_instance (#3344)

BUG FIXES:

apigee: added SLASH_23 support for peering_cidr_range on google_apigee_instance (#3327)
cloudrun: fixed a bug where plan would should a diff on google_cloud_run_service if the order of the template.spec.containers.env list was re-ordered outside of terraform. (#3326)
container: added user_project_override support to the ContainerOperationWaiter used by google_container_cluster (#3345)

3.72.0 (June 14, 2021)

IMPROVEMENTS:

container: Allowed specifying a cluster id field for google_container_node_pool.cluster to ensure that a node pool is recreated if the associated cluster is recreated. (#3314)
storagetransfer: added support for azure_blob_storage_data_source to google_storage_transfer_job (#3316)

BUG FIXES:

bigquery: Fixed google_bigquery_table.schema handling of policyTags (#3307)
bigtable: fixed bug that would error if creating multiple bigtable gc policies at the same time (#3311)
compute: fixed bug where encryption showed a perma-diff on resources created prior to the feature being released. (#3309)
dataflow: fixed handling of failed google_dataflow_flex_template_job updates (#3318)
dataflow: made google_dataflow_flex_template_job updates fail fast if the job is in the process of cancelling or draining(#3317)

3.71.0 (June 07, 2021)

FEATURES:

New Resource: google_dialogflow_fulfillment (#3286)

IMPROVEMENTS:

compute: added reservation_affinity to google_compute_instance and google_compute_instance_template (#3288)
compute: added support for wait_for_instances_status on google_compute_instance_group_manager and google_compute_region_instance_group_manager (#3283)
compute: added support for output-only status field on google_compute_instance_group_manager and google_compute_region_instance_group_manager (#3283)
compute: set the default value for log_config.enable on google_compute_region_health_check to avoid permanent diff on plan/apply. (#3291)

BUG FIXES:

composer: fixed a check that did not allow for preview versions in google_composer_environment (#3287)
storage: fixed error when matches_storage_class is set empty on google_storage_bucket (#3282)
vpcaccess: fixed permadiff when max_throughput is not set on google_vpc_access_connector (#3294)

3.70.0 (June 01, 2021)

IMPROVEMENTS:

compute: added provisioned_iops to google_compute_disk (#3269)
sql: added field disk_autoresize_limit to sql_database_instance (#3273)

BUG FIXES:

cloudrun: fixed a bug where resources would return successfully due to responses based on a previous version of the resource (#3277)
compute: fixed issue where google_compute_region_disk and google_compute_disk would force recreation due to the addition of interface property (#3272)
compute: fixed missing values for negative_caching and serve_while_stale on google_compute_backend_service (#3278)
storage: fixed error when matches_storage_class is set empty on google_storage_bucket (#3282)

3.69.0 (May 24, 2021)

IMPROVEMENTS:

apigateway: allowed field apiconfig to change on resource google_apigateway_gateway (#3248)
compute: added "description" field to "google_compute_resource_policy" resource (#3263)
compute: added "instance_schedule_policy" field to "google_compute_resource_policy" resource (#3263)
compute: added support for IPsec-encrypted Interconnect in the form of new fields on google_compute_router, google_compute_ha_vpn_gateway, google_compute_interconnect_attachment and google_compute_address (#3256)
dataflow: enabled updates for google_dataflow_flex_template_job (#3246)

BUG FIXES:

cloudidentity: fixed recreation on the initial_group_config of google_cloud_identity_group (#3252)
compute: added mutex in google_compute_metadata_item to reduce retries + quota errors (#3262)
container: fixed bug where enable_shielded_nodes could not be false on resource google_container_cluster (#3247)

3.68.0 (May 18, 2021)

FEATURES:

New Resource: google_pubsub_schema (#3243)

IMPROVEMENTS:

compute: added initial_size in resource google_compute_node_group to account for scenarios where size may change under the hood (#3228)
compute: added support for setting kms_key_name on google_compute_machine_image (#3241)
dataflow: enabled updates for google_dataflow_flex_template_job (#3246)

BUG FIXES:

compute: Fixed permadiff for cdn_policy.serve_while_stale and cdn_policy.*_ttl in google_compute_region_backend_service (beta) (#3230)
compute: fixed bug where, when an organization security policy association was removed outside of terraform, the next plan/apply would fail. (#3234)
container: added validation to check that both node_version and remove_default_node_pool cannot be set on google_container_cluster (#3237)
dns: suppressed spurious diffs due to case changes in DS records (#3236)

3.67.0 (May 10, 2021)

NOTES:

all: changed default HTTP request timeout from 30 seconds to 120 seconds (#3181) BREAKING CHANGES:
bigquery: updating dataset_id or project_id in google_bigquery_dataset will now recreate the resource (#3185)

IMPROVEMENTS:

accesscontextmanager: added support for require_verified_chrome_os in basic access levels. (#3223)
billingbudget: added support for import of google_billing_budget (#3194)
cloud_identity: added support for initial_group_config to the google_cloud_identity_group resource (#3211)
cloudrun: added support to bind secrets from Secret Manager to environment variables or files to google_cloud_run_service (#3225)
compute: added initial_size to account for scenarios where size may change under the hood in resource google_compute_node_group (#3228)
compute: added interface field to google_compute_region_disk (#3193)
healthcare: added support for stream_configs in google_healthcare_dicom_store (#3190)
secretmanager: added support for setting a CMEK on google_secret_manager_secret (#3212)
spanner: added force_destroy to google_spanner_instance to delete instances that have backups enabled. (#3227)
spanner: added support for setting a CMEK on google_spanner_database (#3181)
workflows: marked source_contents and service_account as updatable on google_workflows_workflow (#3205)

BUG FIXES:

bigquery: fixed dataset_id to force new resource if name is changed. (#3185)
cloudrun: fixed permadiff on google_cloud_run_domain_mapping.metadata.labels (#3183)
composer: changed google_composer_environment.master_ipv4_cidr_block to draw default from the API (#3204)
compute: fixed the failure when min_required_replicas is set to 0 on google_compute_autoscaler or google_compute_region_autoscaler (#3203)
container: fixed container node pool not removed from the state when received 404 error on delete call for the resource google_container_node_pool (#3210)
dns: fixed empty rrdatas list on google_dns_record_set for AAAA records (#3207)
kms: fixed indirectly force replacement via skip_initial_version_creation on google_kms_crypto_key (#3192)
logging: fixed metric_descriptor.labels can't be updated on 'google_logging_metric' (#3217)
pubsub: fixed diff for minimum_backoff & maximum_backoff on google_pubsub_subscription (#3214)
resourcemanager: fixed broken handling of IAM conditions for google_organization_iam_member, google_organization_iam_binding, and google_organization_iam_policy (#3213)
serviceusage: added google_project_service.service validation to reject invalid service domains that don't contain a period (#3191)
storage: fixed bug where role_entity user wouldn't update if the role changed. (#3199)

3.66.1 (April 29, 2021)

BUG FIXES:

compute: fixed bug where terraform would crash if updating from no service_account.scopes to more. (#3208)

3.66.0 (April 28, 2021)

NOTES:

all: changed default HTTP request timeout from 30 seconds to 120 seconds (#3181)

BREAKING CHANGES:

datacatalog: updating parent in google_data_catalog_tag will now recreate the resource (#3179)

FEATURES:

New Data Source: google_compute_ha_vpn_gateway (#3173)
New Resource: google_dataproc_workflow_template (#3178)

IMPROVEMENTS:

bigquery: Added BigTable source format in BigQuery table (#3165)
cloudfunctions: removed bounds on the supported memory range in google_cloudfunctions_function.available_memory_mb (#3171)
compute: marked scheduling.0.node_affinities as updatable in google_compute_instance (#3166)
dataproc: added shielded_instance_config fields to google_dataproc_cluster (#3157)
spanner: added support for setting a CMEK on google_spanner_database (#3181)

BUG FIXES:

compute: fixed error when creating empty scopes on google_compute_instance (#3174)
container: fixed a bug that allowed specifying node_config on google_container_cluster when autopilot is used (#3155)
datacatalog: fixed an issue where parent in google_data_catalog_tag attempted to update the resource when change instead of recreating it (#3179)
datacatalog: set default false for force_delete on google_data_catalog_tag_template (#3164)
dns: added missing record types to google_dns_record_set resource (#3160)
sql: set clone.point_in_time optional for google_sql_database_instance (#3180)

3.65.0 (April 20, 2021)

FEATURES:

New Data Source: google_kms_secret_asymmetric (#3141)

IMPROVEMENTS:

compute: added the ability to specify google_compute_forwarding_rule.ip_address by a reference in addition to raw IP address (#3140)
compute: enabled fields advertiseMode, advertisedGroups, peerAsn, and peerIpAddress to be updatable on resource google_compute_router_peer (#3134)
eventarc: added transport.pubsub.topic to google_eventarc_trigger (#3149)

BUG FIXES:

cloud_identity: fixed google_cloud_identity_group_membership import/update (#3136)
compute: removed minimum for scopes field on google_compute_instance resource (#3147)
iam: fixed issue with principle and principleSet members not retaining their casing (#3133)
workflows: fixed a bug in google_workflows_workflow that could cause inconsistent final plan errors when using the name field in other resources (#3138)

3.64.0 (April 12, 2021)

FEATURES:

New Resource: google_tags_tag_binding (#3121)
New Resource: google_tags_tag_key_iam_binding (#3124)
New Resource: google_tags_tag_key_iam_member (#3124)
New Resource: google_tags_tag_key_iam_policy (#3124)
New Resource: google_tags_tag_value_iam_binding (#3124)
New Resource: google_tags_tag_value_iam_member (#3124)
New Resource: google_tags_tag_value_iam_policy (#3124)
New Resource: google_apigee_envgroup_attachment (#3129)

IMPROVEMENTS:

bigquery: added require_partition_filter field to google_bigquery_table when provisioning hive_partitioning_options (#3106)
cloudbuild: added new machine types for google_cloudbuild_trigger (#3115)
compute: added field maintenance_window.start_time to google_compute_node_group (#3125)
compute: added gVNIC support for google_compute_instance_template (#3123)
datacatalog: added description field to google_data_catalog_tag_template resource (#3128)
iam: added support for third party identities via the principle and principleSet IAM members (#3133)

BUG FIXES:

compute: reverted datatype change for mtu in google_compute_interconnect_attachment as it was incompatible with existing state representation (#3112)
iam: fixed issue with principle and principleSet members not retaining their casing (#3133)
storage: fixed intermittent Provider produced inconsistent result after apply error when creating (#3107)

3.63.0 (April 5, 2021)

FEATURES:

New Data Source: google_monitoring_istio_canonical_service (#3092)
New Resource: google_apigee_instance_attachment (#3093)
New Resource: google_gke_hub_membership (#3079)
New Resource: google_tags_tag_value (#3097)

IMPROVEMENTS:

added support for Apple silicon chip (updated to go 1.16) (#3057)
container:
- added support for GKE Autopilot in google_container_cluster(#3101)
- added enable_l4_ilb_subsetting (beta) and private_ipv6_google_access fields to google_container_cluster (#3095)
sql: changed the default timeout of google_sql_database_instance to 30m from 20m (#3099)

BUG FIXES:

bigquery: fixed issue where you couldn't extend an existing schema with additional columns in google_bigquery_table (#3100)
cloudidentity: modified google_cloud_identity_groups and google_cloud_identity_group_memberships to respect the user_project_override and billing_project configurations and send the appropriate headers to establish a quota project (#3081)
compute: added minimum for scopes field to google_compute_instance resource (#3098)
notebooks: fixed permadiff on labels for google_notebook_instance (#3096)
secretmanager: set required on secrest_data in google_secret_manager_secret_version (#3094)

3.62.0 (March 27, 2021)

FEATURES:

New Data Source: google_compute_health_check (#3066)
New Data Source: google_kms_secret_asymmetric (#3076)
New Resource: google_gke_hub_membership (#3079)
New Resource: google_tags_tag_key (#3062)
New Resource: google_data_catalog_tag_template_iam_* (#3071)

IMPROVEMENTS:

accesscontextmanager: added support for ingress and egress policies to google_access_context_manager_service_perimeter (#3064)
artifactregistry: relaxed field validations for field format on google_artifact_registry_repository (#3068)
compute: added proxy_bind to google_compute_target_tcp_proxy, google_compute_target_http_proxy and google_compute_target_https_proxy (#3061)

BUG FIXES:

compute: fixed an issue where exceeding the operation rate limit would fail without retrying (#3077)
compute: corrected underlying type to integer for field mtu in google_compute_interconnect_attachment (#3075

3.61.0 (March 23, 2021)

IMPROVEMENTS:

provider: The provider now supports Workload Identity Federation. The federated json credentials must be loaded through the GOOGLE_APPLICATION_CREDENTIALS environment variable. (#3054)
compute: added proxy_bind to google_compute_target_tcp_proxy, google_compute_target_http_proxy and google_compute_target_https_proxy (#3061)
compute: changed google_compute_subnetwork to accept more values in the purpose field (#3043)
dataflow: added enable_streaming_engine argument (#3049)
vpcaccess: added subnet, machine_type beta fields to google_vpc_access_connector (#3042)

BUG FIXES:

bigtable: fixed bug where gc_policy would attempt to recreate the resource when switching from deprecated attribute but maintaining the same value underlying value (#3037)
binaryauthorization: fixed permadiff in google_binary_authorization_attestor (#3035)
container: Fixed updates on export_custom_routes and import_custom_routes in google_compute_network_peering (#3045)

3.60.0 (March 15, 2021)

FEATURES:

New Resource: google_workflows_workflow (#2989)
New Resource: google_apigee_envgroup (#3039)
New Resource: google_apigee_environment (#3020)
New Resource: google_apigee_instance (#2986)

IMPROVEMENTS:

cloudrun: suppressed metadata.labels["cloud.googleapis.com/location"] value in google_cloud_run_service (#3005)
compute: added mtu field to google_compute_interconnect_attachment (#3006)
compute: added autoscaling_policy.cpu_utilization.predictive_method field to google_compute_autoscaler and google_compute_region_autoscaler (#2987)
compute: added support for nic_type to google_compute_instance (GA only) (#2998)
container: added field ephemeral_storage_config to resource google_container_node_pool and google_container_cluster (beta) (#3023)
datafusion: added support for the DEVELOPER instance type to google_data_fusion_instance (#3015)
monitoring: added windows based availability sli to the resource google_monitoring_slo (#3013)
sql: added settings.0.backup_configuration.transaction_log_retention_days and settings.0.backup_configuration.transaction_log_retention_days fields to google_sql_database_instance (#3010)
storage: added kms_key_name to google_storage_bucket_object resource (#3026)

BUG FIXES:

bigquery: fixed materialized view to be recreated when query changes (#3032)
bigtable: fixed bug where gc_policy would attempt to recreate the resource when switching from deprecated attribute but maintaining the same underlying value (#3037)
bigtable: required resource recreation if any fields change on resource_bigtable_gc_policy (#2991)
binaryauthorization: fixed permadiff in google_binary_authorization_attestor (#3035)
cloudfunction: added retry logic for google_cloudfunctions_function updates (#2992)
cloudidentity: fixed a bug where google_cloud_identity_group would periodically fail with a 403 (#3012)
compute: fixed a perma-diff for nat_ips that were specified as short forms in google_compute_router_nat (#3007)
compute: fixed perma-diff for cos-family disk images (#3024)
compute: Fixed service account scope alias to be updated. (#3021)
container: fixed container cluster not removed from the state when received 404 error on delete call for the resource google_container_cluster (#3018)
container: Fixed failure in deleting maintenance_exclusion for google_container_cluster (#3014)
container: fixed an issue where release channel UNSPECIFIED could not be set (#3019)
essentialcontacts: made language_tag required for google_essential_contacts_contact (#2994)
serviceusage: fixed an issue in google_service_usage_consumer_quota_override where setting the override_value to 0 would result in a permanent diff (#2985)
serviceusage: fixed an issue in google_service_usage_consumer_quota_override where setting the override_value to 0 would result in a permanent diff (#3025)

3.59.0 (March 08, 2021)

FEATURES:

New Resource: google_dataproc_metastore_service (#2977)
New Resource: google_workflows_workflow (#2989)
New Resource: google_apigee_instance (#2986)
New Resource: google_eventarc_trigger (#2972)

IMPROVEMENTS:

composer: added encryption_config to google_composer_environment resource (#2967)
compute: Added graceful termination to google_container_node_pool create calls so that partially created node pools will resume the original operation if the Terraform process is killed mid create. (#2969)
redis : marked auth_string on the resource_redis_instance resource as sensitive (#2974)

BUG FIXES:

apigee: fixed IDs when importing google_apigee_organization resource (#2966)
artifactregistry: fixed issue where updating google_artifact_registry_repository always failed (#2968)
compute : fixed a bug where guest_flush could not be set to false for the resource google_compute_resource_policy (#2975)
compute: fixed a panic on empty target_size in google_compute_region_instance_group_manager (#2979)
redis: fixed invalid value error on auth_string in google_redis_instance (#2970)

3.58.0 (February 23, 2021)

NOTES:

google_bigquery_table resources now cannot be destroyed unless deletion_protection = false is set in state for the resource. (#2954)

FEATURES:

New Data Source: google_runtimeconfig_variable (#2945)
New Data Source: google_iap_client (#2951)

IMPROVEMENTS:

bigquery: added deletion_protection field to google_bigquery_table to make deleting them require an explicit intent. (#2954)
cloudrun: updated retry logic to attempt to retry 409 errors from the Cloud Run API, which may be returned intermittently on create. (#2948)
compute: removed max items limit from google_compute_target_ssl_proxy. The API currently allows upto 15 Certificates. (#2964)
compute: added support for Private Services Connect for Google APIs in google_compute_global_address and google_compute_global_forwarding_rule (#2956)
iam: added a retry condition that retries editing iam_binding and iam_member resources on policies that have frequently deleted service accounts (#2963)
redis: added transit encryption mode support for google_redis_instance (#2955)
secretmanager: changed endpoint to use v1 instead of v1beta1 as it is more up-to-date (#2946)
sql: added insights_config block to google_sql_database_instance resource (#2944)

BUG FIXES:

compute: fixed an issue where the provider could return an error on a successful delete operation (#2958)
datacatalog: fixed import issue for google_data_catalog_taxonomy (#2961)
dataproc : fixed max_failure_per_hour not sent in API request for the resource google_dataproc_job (#2949)
dlp : modified google_data_loss_prevention_stored_info_type regex.group_indexes field to trigger resource recreation on update (#2947)
sql: fixed diffs based on case for charset in google_sql_database (#2957)

3.57.0 (February 16, 2021)

DEPRECATIONS:

compute: deprecated source_disk_url field in google_compute_snapshot. (#2939)
kms: deprecated self_link field in google_kms_keyring and google_kms_cryptokey resource as it is identical value to id field. (#2939)
pubsub: deprecated path field in google_pubsub_subscription resource as it is identical value to id field. (#2939)

FEATURES:

New Resource: google_essential_contacts_contact (#2943)
New Resource: google_privateca_certificate (#2924)

IMPROVEMENTS:

bigquery: added status field to google_bigquery_job (#2926)
compute: added disk.resource_policies field to resource google_compute_instance_template (#2929)
compute: added nic_type field to google_compute_instance_template resource to support gVNIC (#2941)
compute: added nic_type field to google_compute_instance resource to support gVNIC (#2941)
pubsub: marked kms_key_name field in google_pubsub_topic as updatable (#2942)

BUG FIXES:

appengine: added retry for P4SA propagation delay (#2938)
compute: fixed overly-aggressive detection of changes to google_compute_security_policy rules (#2940)

3.56.0 (February 8, 2021)

FEATURES:

New Resource: google_privateca_certificate (#2924)

IMPROVEMENTS:

all: added plan time validations for fields that expect base64 values. (#2906)
compute: added disk.resource_policies field to resource google_compute_instance_template (#2929)
sql: added support for point-in-time-recovery to google_sql_database_instance (#2923)
monitoring : added availability sli metric support for the resource google_monitoring_slo (#2908)

BUG FIXES:

bigquery: fixed bug where you could not reorder columns on schema for resource google_bigquery_table (#2913)
cloudrun: suppressed run.googleapis.com/ingress-status annotation in google_cloud_run_service (#2920)
serviceaccount: loosened restrictions on account_id for datasource google_service_account (#2917)

3.55.0 (February 1, 2021)

BREAKING CHANGES:

Reverted * bigquery: made incompatible changes to the google_bigquery_table.schema field to cause the resource to be recreated ([#8232](https://github.com/hashicorp/terraform-provider-google/pull/8232)) due to unintended interactions with a bug introduced in an earlier version of the resource.

FEATURES:

New Data Source: google_runtimeconfig_config (#8268)

IMPROVEMENTS:

compute: added distribution_policy_target_shape field to google_compute_region_instance_group_manager resource (#8277)
container: promoted master_global_access_config, tpu_ipv4_cidr_block, default_snat_status and datapath_provider fields of google_container_cluster to GA. (#8303)
dataproc: Added field temp_bucket to google_dataproc_cluster cluster config. (#8131)
notebooks: added tags, service_account_scopes,shielded_instance_config to google_notebooks_instance (#8289)
provider: added plan time validations for fields that expect base64 values. (#8304)

BUG FIXES:

bigquery: fixed permadiff on expiration_ms for google_bigquery_table (#8298)
billing: fixed perma-diff on currency_code in google_billing_budget (#8266)
compute: changed private_ipv6_google_access in google_compute_subnetwork to correctly send a fingerprint (#8290)
healthcare: add retry logic on healthcare dataset not initialized error (#8256)

3.54.0 (January 25, 2021)

KNOWN ISSUES: New google_bigquery_table behaviour introduced in this version had unintended consequences, and may incorrectly flag tables for recreation. We expect to revert this for 3.55.0.

FEATURES:

New Data Source: google_cloud_run_locations (#2864)
New Resource: google_privateca_certificate_authority (#2877)
New Resource: google_privateca_certificate_authority_iam_binding (#2883)
New Resource: google_privateca_certificate_authority_iam_member (#2883)
New Resource: google_privateca_certificate_authority_iam_policy (#2883)

IMPROVEMENTS:

bigquery: made incompatible changes to the google_bigquery_table.schema field cause the resource to be recreated (#2876)
bigtable: fixed an issue where the google_bigtable_instance resource was not inferring the zone from the provider. (#2873)
cloudscheduler: fixed unnecessary recreate for google_cloud_scheduler_job (#2882)
compute: added scaling_schedules fields to google_compute_autoscaler and google_compute_region_autoscaler (beta) (#2879)
compute: fixed an issue where google_compute_region_per_instance_config, google_compute_per_instance_config, google_compute_region_instance_group_manager resources were not inferring the region/zone from the provider. (#2874)
memcache: fixed an issue where google_memcached_instance resource was not inferring the region from the provider. (#2863)
tpu: fixed an issue where google_tpu_node resource was not inferring the zone from the provider. (#2863)
vpcaccess: fixed an issue where google_vpc_access_connector resource was not inferring the region from the provider. (#2863)

BUG FIXES:

bigquery: fixed an issue in bigquery_dataset_iam_member where deleted members were not handled correctly (#2875)
compute: fixed a perma-diff on google_compute_health_check when log_config.enable is set to false (#2866)
notebooks: fixed permadiff on noRemoveDataDisk for google_notebooks_instance (#2880)
resourcemanager: fixed an inconsistent result when IAM conditions are specified with google_folder_iam_* (#2878)
healthcare: added retry logic on healthcare dataset not initialized error (#2885)

3.53.0 (January 19, 2021)

FEATURES:

New Data Source: google_compute_instance_template (#2842)
New Resource: google_apigee_organization (#2856)

IMPROVEMENTS:

accesscontextmanager: added support for google_access_context_manager_gcp_user_access_binding (#2851)
memcached: fixed an issue where google_memcached_instance resource was not inferring the region from the provider. (More info)
serviceaccount: added a keepers field to google_service_account_key that recreates the field when it is modified (#2860)
sql: added restore from backup support to google_sql_database_instance (#2843)
sql: added support for MYSQL_8_0 on resource google_sql_source_representation_instance (#2841)
tpu: fixed an issue where google_tpu_node resource was not inferring the zone from the provider. (More info)
vpcaccess: fixed an issue where google_vpc_access_connector resource was not inferring the region from the provider. (More info)

BUG FIXES:

bigquery: enhanced diff suppress to ignore certain api divergences on resource table (#2840)
container: fixed crash due to nil exclusions object when updating an existent cluster with maintenance_policy but without exclusions (#2839)
project: fixed a bug in google_project_access_approval_settings where the default project was used rather than project_id (#2852)

3.52.0 (January 11, 2021)

BREAKING CHANGES:

billing: removed import support for google_billing_budget as it never functioned correctly (#2789)

FEATURES:

New Data Source: google_sql_backup_run (#2824)
New Data Source: google_storage_bucket_object_content (#2785)
New Resource: google_billing_subaccount (#2788)
New Resource: google_pubsub_lite_subscription (#2781)
New Resource: google_pubsub_lite_topic (#2781)

IMPROVEMENTS:

bigtable: added support for specifying duration for bigtable_gc_policy to allow durations shorter than a day (#2815)
compute: Added support for Google Virtual Network Interface (gVNIC) for google_compute_image (#2779)
compute: added SHARED_LOADBALANCER_VIP as a valid option for google_compute_address.purpose (#2773)
compute: added field multiwriter to resource disk (beta) (#2822)
compute: added support for enable_independent_endpoint_mapping to google_compute_router_nat resource (#2805)
compute: added support for filter.direction to google_compute_packet_mirroring (#2825)
compute: promoted confidential_instance_config field in google_compute_instance and google_compute_instance_template to GA (#2818)
dataflow: Added optional kms_key_name field for google_dataflow_job (#2829)
dataflow: added documentation about using parameters for custom service account and other pipeline options to google_dataflow_flex_template_job (#2776)
redis: added auth_string output to google_redis_instance when auth_enabled is true (#2819)
sql: added support for setting the type field on google_sql_user to support IAM authentication (#2802)

BUG FIXES:

bigquery: fixed a bug in google_bigquery_connection that caused the resource to function incorrectly when connection_id was unset (#2792)
compute: removed requirement for google_compute_region_url_map default_service, as it should be a choice of default_service or default_url_redirect (#2810)
cloud_tasks: fixed permadiff on retry_config.max_retry_duration for google_cloud_tasks_queue when the 0s is supplied (#2812)
cloudfunctions: fixed a bug where google_cloudfunctions_function would sometimes fail to update after being imported from gcloud (#2780)
cloudrun: fixed a permanent diff on google_cloud_run_domain_mapping spec.force_override field (#2791)
container: added plan time validation to ensure enable_private_nodes is true if master_ipv4_cidr_block is set on resource cluster (#2811)
container: fixed an issue where setting google_container_cluster.private_cluster_config[0].master_global_access_config.enabled to false caused a permadiff. (#2816)
container: fixed setting kubelet_config to disable cpu_cfs_quota does not seem to work (#2820)
dataproc: updated jobs to no longer wait for job completion during create (#2809)
filestore: updated retry logic to fail fast on quota error which cannot succeed on retry. (#2814)
logging: fixed updating on disabled in google_logging_project_sink (#2821)
scheduler: Fixed syntax error in the Cloud Scheduler HTTP target example. (#2777)
sql: fixed a bug in google_sql_database_instance that caused a permadiff on settings.replication_type (#2778)
storage: updated IAM resources to refresh etag sooner on an IAM conflict error, which will make applications of multiple IAM resources much faster. (#2814)

3.51.1 (January 07, 2021)

BUG FIXES:

all: fixed a bug that would occur in various resources due to comparison of large integers (#2826)

3.51.0 (December 14, 2020)

FEATURES:

New Resource: google_firestore_document (#2759)

IMPROVEMENTS:

compute: added CDN features to google_compute_region_backend_service. (#2762)
compute: added Flexible Cache Control features to google_compute_backend_service. (#2762)
compute: added replacement_method field to update_policy block of google_compute_instance_group_manager (#2756)
compute: added replacement_method field to update_policy block of google_compute_region_instance_group_manager (#2756)
logging: added plan time validation for unique_writer_identity on google_logging_project_sink (#2767)
storage: added more lifecycle conditions to google_storage_bucket resource (#2761)

BUG FIXES:

all: bump default request timeout to avoid conflicts if creating a resource takes longer than expected (#2769)
project: fixed a bug where google_project_default_service_accounts would delete all IAM bindings on a project when run with action = "DEPRIVILEGE" (#2771)
spanner: fixed an issue in google_spanner_database where multi-statement updates were not formatted correctly (#2766)
sql: fixed a bug in google_sql_database_instance that caused a permadiff on settings.replication_type (#2778)

3.50.0 (December 7, 2020)

FEATURES:

New Data Source: google_composer_environment (#2745)
New Data Source: google_monitoring_cluster_istio_service (#2730)
New Data Source: google_monitoring_mesh_istio_service (#2730)

IMPROVEMENTS:

compute: added replacement_method field to update_policy block of google_compute_instance_group_manager (#2756)
compute: added replacement_method field to update_policy block of google_compute_region_instance_group_manager (#2756)
compute: added more fields to cdn_policy block of google_compute_backend_bucket (#2741)
compute: updated google_compute_url_map's fields referring to backend services to be able to refer to backend buckets. (#2754)
container: added cluster state check in resource_container_node_pool (#2740)
google: added support for more import formats to google_project_iam_custom_role (#2735)
project: added new restore_policy REVERT_AND_IGNORE_FAILURE to google_project_default_service_accounts (#2750)
serviceusage: Allowed use of field force with updates to google_service_usage_consumer_quota_override (#2747)

BUG FIXES:

bigqueryconnection: fixed failure to import a resource if it has a non-default project or location. (#2746)
datacatalog: fixed permadiff on import for tags with a taxonomy set in config. (#2744)
iam: fixed iam conflict handling so that optimistic-locking retries will succeed more often. (#2753)
storage: fixed an issue in google_storage_bucket where cors could not be removed (#2732)

3.49.0 (November 24, 2020)

FEATURES:

New Resource: google_healthcare_consent_store (#2713)
New Resource: google_healthcare_consent_store_iam_binding (#2713)
New Resource: google_healthcare_consent_store_iam_member (#2713)
New Resource: google_healthcare_consent_store_iam_policy (#2713)

IMPROVEMENTS:

bigquery: added ORC as a valid option to source_format field of google_bigquery_table resource (#2714)
compute: added custom_response_headers field to google_compute_backend_service resource (#2722)
container: added maintenance_exclusions_window to google_container_cluster (#2724)
logging: added description and disabled to logging sinks (#2718)
runtimeconfig: marked value and text fields in google_runtimeconfig_variable resource as sensitive (#2717)
sql: added deletion_policy field to google_sql_user to enable abandoning users rather than deleting them (#2719)

BUG FIXES:

bigtable: added ignore_warnings flag to create call for google_bigtable_app_profile (#2716)

3.48.0 (November 16, 2020)

FEATURES:

New Data Source: google_iam_workload_identity_pool_provider (#2688)

IMPROVEMENTS:

apigateway: added api_config_id_prefix field to google_api_gateway_api_config resoure (#2692)
cloudfunctions: fixed a bug with google_cloudfunction_function that blocked updates when Organization Policies are enabled. (#2681)
compute: added autoscaling_policy.0.scale_in_control fields to google_compute_autoscaler (#2703)
compute: added autoscaling_policy.0.scale_in_control fields to google_compute_region_autoscaler (#2703)
compute: added update support for google_compute_interconnect_attachment bandwidth field (#2698)
dataproc: added "FLINK", "DOCKER", "HBASE" as valid options for field cluster_config.0.software_config.0.optional_components of google_dataproc_cluster resource (#2683)

BUG FIXES:

cloudrun: added diff suppress function for google_cloud_run_domain_mapping metadata.annotations to ignore API-set fields (#2700)
compute: fixed an issue in google_compute_packet_mirroring where updates would fail due to network not being updatable (#2704)
datacatalog: fixed an issue in google_data_catalog_taxonomy and google_data_catalog_policy_tag where importing would fail (#2694)
spanner: marked google_spanner_instance.config as ForceNew as is not updatable (#2699)

3.47.0 (November 09, 2020)

FEATURES:

New Data Source: google_iam_workload_identity_pool (#2663)
New Resource: google_iam_workload_identity_pool_provider (#2670)
New Resource: google_project_default_service_accounts (#2668)

IMPROVEMENTS:

cloudfunctions: fixed a bug with google_cloudfunction_function that blocked updates when Organization Policies are enabled. (#2681)
functions: added 4096 as a valid value for available_memory_mb field of google_cloudfunction_function (#2666)
cloudrun: patched google_cloud_run_service to suppress Google generated annotations (#2679)

BUG FIXES:

dataflow: removed required validation for zone for google_data_flow_job when region is given in the config (#2662)
monitoring: Fixed type of google_monitoring_slo's range values - some range values are doubles, others are integers. (#2655)
pubsub: Fixed permadiff on push_config.attributes. (#2672)
storage: fixed an issue in google_storage_bucket where lifecycle_rules were always included in update requests (#2684)

3.46.0 (November 02, 2020)

NOTES:

compute: updated google_compute_machine_image resource to complete once the Image is ready. (#2637)

FEATURES:

New Resource: google_api_gateway_api_config_iam_binding (#2636)
New Resource: google_api_gateway_api_config_iam_member (#2636)
New Resource: google_api_gateway_api_config_iam_policy (#2636)
New Resource: google_api_gateway_api_config (#2636)
New Resource: google_api_gateway_api_iam_binding (#2636)
New Resource: google_api_gateway_api_iam_member (#2636)
New Resource: google_api_gateway_api_iam_policy (#2636)
New Resource: google_api_gateway_api (#2636)
New Resource: google_api_gateway_gateway_iam_binding (#2636)
New Resource: google_api_gateway_gateway_iam_member (#2636)
New Resource: google_api_gateway_gateway_iam_policy (#2636)
New Resource: google_api_gateway_gateway (#2636)
New Resource: google_compute_instance_from_machine_image (#2637)
New Resource: google_compute_machine_image_iam_binding (#2637)
New Resource: google_compute_machine_image_iam_member (#2637)
New Resource: google_compute_machine_image_iam_policy (#2637)
New Resource: google_iap_tunnel_iam_binding (#2642)
New Resource: google_iap_tunnel_iam_member (#2642)
New Resource: google_iap_tunnel_iam_policy (#2642)

IMPROVEMENTS:

asset: added conditions to Cloud Asset Feeds (#2640)
bigquery: added email_preferences field to google_bigquery_data_transfer_config resource (#2652)
bigquery: added schedule_options field to google_bigquery_data_transfer_config resource (#2641)
compute: added private_ipv6_google_access field to google_compute_subnetwork (#2649)
compute: added storage_locations & cmek fields to google_compute_machine_image resource (#2637)
compute: added support for non-destructive updates to export_custom_routes and import_custom_routes for google_compute_network_peering (#2633)
compute: relaxed load_balancing_scheme validation of google_compute_region_backend_service to support external network load-balancers (#2628)
container: added confidential_nodes field to google_container_cluster resource (#2632)
datacatalog: added taxonomy and policy_tag google_data_catalog (#2626)
dlp: added custom_info_types to google_dlp_inspect_template (#2648)
functions: added build_environment_variables field to google_cloudfunction_function (#2629)
kms: added skip_initial_version_creation to google_kms_crypto_key (#2645)
monitoring: added Monitoring Query Language based alerting for google_monitoring_alert_policy (#2651)

BUG FIXES:

compute: fixed an issue where google_compute_health_check port values caused a diff when port_specification was unset or set to "" (#2635)
monitoring: added more retries for potential failed monitoring operations (#2639)
osconfig: fixed an issue where the rollout.disruption_budget.percentage field in google_os_config_patch_deployment did not correspond to a field in the API (#2644)
sql: fixed a case in google_sql_database_instance where we inadvertently required the projects.get permission for a service networking precheck introduced in v3.44.0 (#2634)

3.45.0 (October 28, 2020)

BREAKING CHANGES:

pubsub: changing the value of google_pubsub_subscription.enable_message_ordering will now recreate the resource. Previously, an error was returned. (#2624)
spanner: google_spanner_database resources now cannot be destroyed unless deletion_protection = false is set in state for the resource. (#2612)

NOTES:

compute: added a warning to google_compute_vpn_gateway (#2607)

FEATURES:

New Data Source: google_spanner_instance (#2602)
New Resource: google_notebooks_instance_iam_binding (#2605)
New Resource: google_notebooks_instance_iam_member (#2605)
New Resource: google_notebooks_instance_iam_policy (#2605)
New Resource: access_context_manager_access_level_condition (#2595)
New Resource: google_bigquery_routine (#2622)
New Resource: google_iam_workload_identity_pool (#2623)
New Resource: google_data_catalog_taxonomy (#2626)
New Resource: google_data_catalog_policy_tag (#2626)
New Resource: google_data_catalog_taxonomy_iam_binding (#2626)
New Resource: google_data_catalog_taxonomy_iam_member (#2626)
New Resource: google_data_catalog_taxonomy_iam_policy (#2626)
New Resource: google_data_catalog_policy_tag_iam_binding (#2626)
New Resource: google_data_catalog_policy_tag_iam_member (#2626)
New Resource: google_data_catalog_policy_tag_iam_policy (#2626)

IMPROVEMENTS:

billing_budget: added disable_default_iam_recipients field to google_billing_budget to allow disable sending email notifications to default recipients. (#2606)
compute: added interface attribute to google_compute_disk (#2609)
compute: added mtu field to google_compute_network resource (#2617)
compute: added support for updating network_interface.[d].network_ip on google_compute_instance when changing network or subnetwork (#2590)
compute: promoted HA VPN fields in google_compute_vpn_tunnel to GA (#2607)
compute: promoted google_compute_external_vpn_gateway to GA (#2607)
compute: promoted google_compute_ha_vpn_gateway to GA (#2607)
provider: added support for service account impersonation. (#2604)
spanner: added deletion_protection field to google_spanner_database to make deleting them require an explicit intent. (#2612)

BUG FIXES:

all: fixed misleading "empty non-retryable error" message that was appearing in debug logs (#2618)
compute: fixed incorrect import format for google_compute_global_network_endpoint (#2594)
compute: fixed issue where google_compute_[region_]backend_service.backend.max_utilization could not be updated (#2620)
iap: fixed an eventual consistency bug causing creates for google_iap_brand to fail (#2592)
provider: fixed an issue where the request headers would grow proportionally to the number of resources in a given terraform apply (#2621)
serviceusage: fixed bug where concurrent activations/deactivations of project services would fail, now they retry (#2591)

3.44.0 (October 19, 2020)

BREAKING CHANGE:

Added deletion_protection to google_sql_database_instance, which defaults to true. SQL instances can no longer be destroyed without setting deletion_protection = false. (#2579)

FEATURES:

New Data Source: google_app_engine_default_service_account (#2568)
New Data Source: google_pubsub_topic (#2556)

IMPROVEMENTS:

bigquery: added ability for google_bigquery_dataset_access to retry quota errors since quota refreshes quickly. (#2584)
bigquery: added MONTH and YEAR as allowed values in google_bigquery_table.time_partitioning.type (#2562)
cloud_tasks: added stackdriver_logging_config field to cloud_tasks_queue resource (#2572)
compute: added support for updating network_interface.[d].network_ip on google_compute_instance when changing network or subnetwork (#2590)
compute: added maintenance_policy field to google_compute_node_group (#2586)
compute: added filter field to google_compute_image datasource (#2573)
dataproc: Added graceful_decomissioning_timeout field to dataproc_cluster resource (#2571)
iam: fixed google_service_account_id_token datasource to work with User ADCs and Impersonated Credentials (#2560)
logging: Added support for exclusions options for google_logging_project_sink (#2569)
logging: added bucket creation based on custom-id given for the resource google_logging_project_bucket_config (#2575)
oslogin: added ability to set a project on google_os_login_ssh_public_key (#2583)
redis: Added auth_enabled field to google_redis_instance (#2570)
resourcemanager: added a precheck that the serviceusage API is enabled to google_project when auto_create_network is false, as configuring the GCE API is required in that circumstance (#2566)
sql: added a check to google_sql_database_instance to catch failures early by seeing if Service Networking Connections already exists for the private network of the instance. (#2579)

BUG FIXES:

accessapproval: fixed issue where, due to a recent API change, google_*_access_approval.enrolled_services.cloud_product entries specified as a URL would result in a permadiff (#2565)
compute: fixed ability to clear description field on google_compute_health_check and google_compute_region_health_check (#2580)
monitoring: fixed bug where deleting a google_monitoring_dashboard would give an "unsupported protocol scheme" error (#2558)

3.43.0 (October 12, 2020)

FEATURES:

New Data Source: google_pubsub_topic (#2556)
New Data Source: google_compute_global_forwarding_rule (#2548)
New Data Source: google_cloud_run_service (#2539)
New Resource: google_bigtable_table_iam_member (#2536)
New Resource: google_bigtable_table_iam_binding (#2536)
New Resource: google_bigtable_table_iam_policy (#2536)

IMPROVEMENTS:

appengine: added ability to manage pre-firestore appengine applications. (#2533)
bigquery: added support for google_bigquery_table materialized_view field (#2532)
cloudbuild: Added COMMENTS_ENABLED_FOR_EXTERNAL_CONTRIBUTORS_ONLY support to google_cloudbuild_trigger.github.pull_request.comment_control field (#2552)
compute: added additional fields to the google_compute_forwarding_rule datasource. (#2550)
dns: added forwarding_path field to google_dns_policy resource (#2540)
netblock: changed google_netblock_ip_ranges to read from cloud.json file rather than DNS record (#2543)

BUG FIXES:

accessapproval: fixed issue where, due to a recent API change, google_*_access_approval.enrolled_services.cloud_product entries specified as a URL would result in a permadiff
artifactregistry: fixed an issue where google_artifact_registry_repository would import an empty state (#2546)
bigquery: fixed an issue in google_bigquery_job where non-US locations could not be read (#2542)
cloudrun: fixed an issue in google_cloud_run_domain_mapping where labels provided by Google would cause a diff (#2531)
compute: Fixed an issue where google_compute_region_backend_service required healthChecks for a serverless network endpoint group. (#2547)
container: fixed node_config.image_type perma-diff when specified in lower case. (#2538)
datacatalog: fixed an error in google_data_catalog_tag when trying to set boolean field to false (#2534)
monitoring: fixed bug where deleting a google_monitoring_dashboard would give an "unsupported protocol scheme" error

3.42.0 (October 05, 2020)

FEATURES:

New Resource: google_data_loss_prevention_deidentify_template (#2524)

IMPROVEMENTS:

compute: added support for updating network_interface.[d].network and network_interface.[d].subnetwork properties on google_compute_instance. (#2517)
container: added notification_config to google_container_cluster (#2521)
dataflow: added region field to google_dataflow_flex_template_job resource (#2520)
healthcare: added field parser_config.version to google_healthcare_hl7_v2_store (#2516)

BUG FIXES:

bigquery: fixed an issue where google_bigquery_table would crash while reading an empty schema (#2518)
compute: fixed an issue where google_compute_instance_template would throw an error for unspecified disk_size_gb values while upgrading the provider. (#2515)
resourcemanager: fixed an issue in retrieving google_active_folder data source when the display name included whitespace (#2528)

3.41.0 (September 28, 2020)

IMPROVEMENTS:

container: Added support for datapath_provider to google_container_cluster (#2492)
cloudfunctions: added the ALLOW_INTERNAL_AND_GCLB option to ingress_settings of google_cloudfunctions_function resource. (#2493)
composer: allowed in-place updates to webserver and database machine type (#2491)
compute: added SEV_CAPABLE option to guestOsFeatures in google_compute_image resource. (#2503)
tpu: added use_service_networking to google_tpu_node which enables Shared VPC Support. (#2497)

BUG FIXES:

cloudidentity: Fixed upstream breakage of google_identity_group. (#2507)

3.40.0 (September 22, 2020)

DEPRECATIONS:

bigtable: deprecated instance_type for google_bigtable_instance - it is now recommended to leave field unspecified. (#2477)

FEATURES:

New Data Source: google_compute_region_ssl_certificate (#2476)
New Resource: google_compute_target_grpc_proxy (#2488)

IMPROVEMENTS:

cloudlbuild: added options and artifacts properties to google_cloudbuild_trigger (#2490)
compute: added GRPC as a valid value for google_compute_backend_service.protocol (and regional equivalent) (#2478)
compute: added 'all' option for google_compute_firewall (#2465)
container: added support for load_balancer_type to google_container_cluster Cloud Run config addon. (#2487)
dataflow: added transformnameMapping to google_dataflow_job (#2480)
serviceusage: added ability to pass google.project.id to google_project_service.project (#2479)
spanner: added schema update/update ddl support for google_spanner_database (#2489)

BUG FIXES:

bigtable: fixed the update behaviour of the single_cluster_routing sub-fields in google_bigtable_app_profile (#2482)
dataproc: fixed issues where updating google_dataproc_cluster.cluster_config.autoscaling_policy would do nothing, and where there was no way to remove a policy. (#2483)
osconfig: fixed a potential crash in google_os_config_patch_deployment due to an unchecked nil value in recurring_schedule (#2481)
serviceusage: fixed intermittent failure when a service is already being modified - added retries (#2469)
serviceusage: fixed an issue where bigquery.googleapis.com was getting enabled as the bigquery-json.googleapis.com alias instead, incorrectly. This had no user impact yet, but the alias may go away in the future. (#2469)

3.39.0 (September 15, 2020)

IMPROVEMENTS:

compute: added network field to compute_target_instance (#2456)
compute: added storage_locations field to google_compute_snapshot (#2461)
compute: added kms_key_service_account, kms_key_self_link fields to snapshot_encryption_key field in google_compute_snapshot (#2461)
compute: added source_disk_encryption_key.kms_key_service_account field to google_compute_snapshot (#2461)
container: Added self_link to google_container_cluster (#2457)

BUG FIXES:

bigquery: fixed a bug when a BigQuery table schema didn't have name in the schema. Previously it would panic; now it logs an error. (#2462)
bigquery: fixed bug where updating clustering would force a new resource rather than update. (#2459)
bigquerydatatransfer: fixed params.secret_access_key perma-diff for AWS S3 data transfer config types by adding a sensitive_params block with the secret_access_key attribute. (#2451)
compute: fixed bug where delete_default_routes_on_create=true was not actually deleting the default routes on create. (#2460

3.38.0 (September 08, 2020)

DEPRECATIONS:

storage: deprecated bucket_policy_only field in google_storage_bucket in favour of uniform_bucket_level_access (#2442)

FEATURES:

New Resource: google_compute_disk_iam_binding (#2424)
New Resource: google_compute_disk_iam_member (#2424)
New Resource: google_compute_disk_iam_policy (#2424)
New Resource: google_compute_region_disk_iam_binding (#2424)
New Resource: google_compute_region_disk_iam_member (#2424)
New Resource: google_compute_region_disk_iam_policy (#2424)
New Resource: google_data_loss_prevention_inspect_template (#2433)
New Resource: google_data_loss_prevention_job_trigger (#2433)
New Resource: google_data_loss_prevention_stored_info_type (#2444)
New Resource: google_project_service_identity (#2430)

IMPROVEMENTS:

compute: Added graceful termination to google_compute_instance_group_manager create calls so that partially created instance group managers will resume the original operation if the Terraform process is killed mid create. (#2446)
container: added project override support to google_container_cluster and google_container_nodepool (#2428)
notebooks: added PD_BALANCED as a possible disk type for google_notebooks_instance (#2438)
osconfig: added rollout field to google_os_config_patch_deployment (#2449)
provider: added a new field billing_project to the provider that's associated as a billing/quota project with most requests when user_project_override is true (#2427)
resourcemanager: added additional fields to google_projects datasource (#2440)
serviceusage: added project override support to google_project_service (#2428)

BUG FIXES:

bigquerydatatransfer: fixed params.secret_access_key perma-diff for AWS S3 data transfer config types by adding a sensitive_params block with the secret_access_key attribute. (#2451)
compute: Fixed bug with google_netblock_ip_ranges data source failing to read from the correct URL (#2448)
compute: fixed updating google_compute_instance.shielded_instance_config by adding it to the allow_stopping_for_update list (#2436)
notebooks: fixed broken google_notebooks_instance.instance_owners field by making it a list instead of a string (#2438)

3.37.0 (August 31, 2020)

NOTES:

Drop recommendation to use -provider= on import in documentation (#2417)

FEATURES:

New Resource: google_compute_image_iam_binding (#2410)
New Resource: google_compute_image_iam_member (#2410)
New Resource: google_compute_image_iam_policy (#2410)
New Resource: google_compute_disk_iam_binding (#2424)
New Resource: google_compute_disk_iam_member (#2424)
New Resource: google_compute_disk_iam_policy (#2424)
New Resource: google_compute_region_disk_iam_binding (#2424)
New Resource: google_compute_region_disk_iam_member (#2424)
New Resource: google_compute_region_disk_iam_policy (#2424)

IMPROVEMENTS:

appengine: added vpc_access_connector field to google_app_engine_standard_app_version resource (#2405)
bigquery: added notification_pubsub_topic field to google_bigquery_data_transfer_config resource (#2411)
composer: added database_config and web_server_config to google_composer_environment resource (#2419)
compute: Added custom metadata fields and filter expressions to google_compute_subnetwork flow log configuration (#2416)
compute: Added support to google_compute_backend_service for setting a serverless regional network endpoint group as backend.group (#2408)
compute: added support for pd-balanced disk type for google_compute_instance (#2421)
container: added support for kubelet_config and linux_node_config to GKE node pools (#2279, #2403)
container: added support for pd-balanced disk type for google_container_node_pool (#2421)
memcached: added discovery_endpoint to resource_memcached_instance (#2414)
pubsub: added retry_policy to google_pubsub_subscription resource (#2412)

BUG FIXES:

compute: fixed an issue where google_compute_url_map path_matcher.default_route_action would conflict with default_url_redirect (#2406)
kms: updated data_source_secret_manager_secret_version to have consistent id value (#2415)

3.36.0 (August 24, 2020)

FEATURES:

New Resource: google_active_directory_domain_trust (#2401)
New Resource: google_access_context_manager_service_perimeters (#2382)
New Resource: google_access_context_manager_access_levels (#2382)
New Resource: google_folder_access_approval_settings (#2373)
New Resource: google_organization_access_approval_settings (#2373)
New Resource: google_project_access_approval_settings (#2373)
New Resource: google_bigquery_table_iam_policy (#2392)
New Resource: google_bigquery_table_iam_binding (#2392)
New Resource: google_bigquery_table_iam_member (#2392)

IMPROVEMENTS:

billing: added last_period_amount field to google_billing_budget to allow setting budget amount automatically to the last billing period's spend. (#2378)
compute: added confidential_instance_config block to google_compute_instance (#2369)
compute: added confidential_instance_config block to google_compute_instance_template (#2369)
compute: added grpc_health_check block to compute_health_check (#2389)
compute: added grpc_health_check block to compute_region_health_check (#2389)
pubsub: added enable_message_ordering support to google_pubsub_subscription (#2390)
sql: added project field to google_sql_database_instance datasource. (#2370)
storage: added ARCHIVE as an accepted class for google_storage_bucket and google_storage_bucket_object (#2385)

BUG FIXES:

all: updated base urls for compute, dns, storage, and bigquery APIs to their recommended endpoints (#2396)
bigquery: fixed a bug where dataset_access.iam_member would produce inconsistent results after apply. (#2397)
bigquery: fixed an issue with use_legacy_sql not being set to false. (#2375)
cloudidentity: fixed a bug with importing google_cloud_identity_group and google_cloud_identity_group_membership (#2379)
cloudidentity: fixed cloud identity datasources to handle pagination (#2387)
compute: set the default value for log_config.enable on google_compute_health_check to avoid permanent diff on plan/apply. (#2399)
dns: fixed an issue where google_dns_managed_zone would not remove private_visibility_config on updates (#2380)
sql: fixed an issue where google_sql_database_instance would throw an error when removing private_network. Removing private_network now recreates the resource. (#2400)

3.35.0 (August 17, 2020)

NOTES:

all: Updated lists of enums to display the enum options in the documentation pages. (#2340)

FEATURES:

New Resource: google_compute_region_network_endpoint_group (supports serverless NEGs) (#2348)

IMPROVEMENTS:

appengine: converted google_app_engine_standard_app_version's inbound_services to an enum array, which enhances docs and provides some client-side validation. (#2344)
billing_budget: Added support for monitoring_notification_channels to allow sending budget notifications to Cloud Monitoring email notification channels. (#2366)
cloudbuild: added tags, source, queue_ttl, logs_bucket, substitutions, and secrets to google_cloudbuild_trigger (#2335)
cloudfunctions: Updated the google_cloudfunctions_function datasource to include new fields available in the API. (#2334)
compute: added source_image and source_snapshot to google_compute_image (#2356)
compute: added confidential_instance_config block to google_compute_instance (#2369)
compute: added confidential_instance_config block to google_compute_instance_template (#2369)
iam: Added public_key_type field to google_service_account_key (#2368)
memcached: added memcacheVersion input and memcacheNodes output field to google_memcache_instance (#2336)
pubsub: added filter field to google_pubsub_subscription resource (#2367)
resource-manager: updated documentation for folder_iam_* and organization_iam_* resources. (#2365)
sql: added support for point_in_time_recovery for google_sql_database_instance (#2338)

BUG FIXES:

appengine: Set iap to computed in google_app_engine_application (#2342)
artifactrepository: Fixed import failure of google_artifact_registry_repository. (#2345)
compute: fixed shielded instance config, which had been failing to apply due to a field rename on the GCP side. (#2337)
monitoring: fixed validation rules for google_monitoring_slo windows_based_sli.metric_sum_in_range.max field (#2354)
osconfig: fixed google_os_config_patch_deployment windows_update.classifications field to work correctly, accepting multiple values. (#2340)

3.34.0 (August 11, 2020)

NOTES:

redis: explicitly noted in google_redis_instance documentation that "REDIS_5_0" is supported (#2323)
all: fix markdown formatting while showing enum values in documentation (#2327)

FEATURES:

New Resource: google_compute_compute_organization_security_policy_association (#2333)
New Resource: google_compute_compute_organization_security_policy_rule (#2333)
New Resource: google_compute_compute_organization_security_policy (#2333)

IMPROVEMENTS:

bigtable: added support for labels in google_bigtable_instance (#2325)
cloudfunctions: updated the google_cloudfunctions_function datasource to include new fields available in the API. (#2334)
compute: masked automatically applied GKE Sandbox node labels and taints on node pools (#2320)
redis: added persistence_iam_identity output field to google_redis_instance (#2323)
storage: added output-only media_link to google_storage_bucket_object (#2331)

BUG FIXES:

compute: fixed issue where the project field in data.google_compute_network_endpoint_group was returning an error when specified (#2324)
notebook: fixed bug where not setting data_disk_type or disk_encryption would cause a diff on the next plan (#2332)
sourcerepo: fixed perma-diff in google_sourcerepo_repository (#2316)
all: fixed crash due to nil context when loading credentials (#2321)

3.33.0 (August 04, 2020)

DEPRECATIONS:

compute: deprecated enable_logging on google_compute_firewall, define log_config.metadata to enable logging instead. (#2310)

FEATURES:

New Resource: google_active_directory_domain (#2309)
New Resource: google_dataflow_flex_template_job (#2303)

IMPROVEMENTS:

cloudrun: added ports field to google_cloud_run_service templates.spec.containers (#2311)
compute: added log_config.metadata to google_compute_firewall, defining this will enable logging. (#2310)

BUG FIXES:

container: Fixed a crash in google_container_cluster when "" was specified for resource_usage_export_config.bigquery_destination.dataset_id. (#2296)
endpoints: Fixed a crash when google_endpoints_service is used on a machine without timezone data (#2302)
resourcemanager: bumped google_project timeout defaults to 10 minutes (from 4) (#2306

3.32.0 (July 27, 2020)

FEATURES:

New Data Source: google_sql_database_instance #2841 (#2273)
New Resource: google_cloud_asset_folder_feed (#2284)
New Resource: google_cloud_asset_organization_feed (#2284)
New Resource: google_cloud_asset_project_feed (#2284)
New Resource: google_monitoring_metric_descriptor (#2290)
New Resource: google_os_config_guest_policies (#2276)

IMPROVEMENTS:

cluster: Added default_snat_status field for google_container_cluster resource. (#2283)
filestore: Added nfs_export_options field on google_filestore_instance.file_shares. (#2289)
filestore: Added support for filestore high scale tier. (#2289)
resourcemanager: Added folder_id as computed attribute to google_folder resource and datasource. (#2287)
compute: Added support to google_compute_backend_service for setting a network endpoint group as backend.group. (#2304)

BUG FIXES:

container: Fixed google_container_cluster.pod_security_policy_config not being set when disabled.
container: Fixed a crash in google_container_cluster when "" was specified for resource_usage_export_config.bigquery_destination.dataset_id. (#2296)
bigquery: Fixed bug where a permadiff would show up when adding a column to the middle of a bigquery_table.schema (#2275)
notebook: Fixed bug where many fields were being written as empty to state, causing a diff on the next plan (#2288)
notebook: Fixed bug where setting network or subnet to a full URL would succeed, but cause a diff on the next plan (#2288)
notebook: Fixed bug where updating certain fields would result in a no-op update call instead of a create/destroy. Now, the only field that is updatable in place is labels (#2288)

3.31.0 (July 20, 2020)

FEATURES:

New Data Source: google_service_account_id_token (#2269)
New Resource: google_cloudiot_device (#2266)

IMPROVEMENTS:

bigquery: added support for BigQuery custom schemas for external data using CSV / NDJSON (#2264)
datafusion: changed version field to be settable in google_data_fusion_instance resource (#2268)

BUG FIXES:

container: fixed a bug where useIpAlias was not defaulting to true inside the ip_allocation_policy block (#2260)
memcache: fixed field memcache_parameters to work correctly on google_memcache_instance (#2261)

3.30.0 (July 13, 2020)

FEATURES:

New Data Source: google_game_services_game_server_deployment_rollout (#2258)
New Resource: google_os_config_patch_deployment (#2253)

IMPROVEMENTS:

artifactregistry: Added field kms_key_name to google_artifact_registry_repository (#2254)

BUG FIXES:

container: added the ability to update database_encryption without recreating the cluster. (#2259)
container: fixed a bug where useIpAlias was not defaulting to true inside the ip_allocation_policy block (#2260)
endpoints: fixed google_endpoints_service to allow dependent resources to plan based on the config_id value. (#2248)
runtimeconfig: fixed Requested entity was not found. error when config was deleted outside of terraform. (#2257)

3.29.0 (July 06, 2020)

NOTES:

added the https://www.googleapis.com/auth/cloud-identity scope to the provider by default (#2224)
google_app_engine_*_version's service field is required; previously it would have passed validation but failed on apply if it were absent. (#6720)

FEATURES:

New Data Source: google_cloud_identity_group_memberships (#2240)
New Data Source: google_cloud_identity_groups (#2240)
New Resource: google_cloud_identity_group_membership (#2224)
New Resource: google_cloud_identity_group (#2224)
New Resource: google_kms_key_ring_import_job (#2225)
New Resource: google_folder_iam_audit_config (#2237)

IMPROVEMENTS:

bigquery: Added "HOUR" option for google_bigquery_table time partitioning (type) (#2235)
compute: Added mode to google_compute_region_autoscaler autoscaling_policy (#2226)
compute: Added scale_down_control to google_compute_region_autoscaler autoscaling_policy (#2226)
container: added networking_mode to google_container_cluster (#2243)
endpoints: enable google_endpoints_service-dependent resources to plan based on the config_id value. (#2248)
monitoring: added request_method, content_type, and body fields within the http_check object to google_monitoring_uptime_check_config resource (#2233)

BUG FIXES:

compute: Fixed an issue in google_compute_managed_ssl_certificate where multiple fully qualified domain names would cause a permadiff (#2241)
compute: fixed an issue in compute_url_map where path_matcher sub-fields would conflict with default_service (#2247)
container: fixed an issue in google_container_cluster where workload_metadata_config would cause a permadiff (#2242)

3.28.0 (June 29, 2020)

FEATURES:

New Data Source: google_redis_instance (#2209)
New Resource: google_notebook_environment (#2199)
New Resource: google_notebook_instance (#2199)

IMPROVEMENTS:

appengine: Enabled provisioning Firestore on a new project by adding the option to specify database_type in google_app_engine_application (#2193)
compute: Added mode to google_compute_autoscaler autoscaling_policy (#2214)
compute: Added remove_instance_state_on_destroy to google_compute_per_instance_config to control deletion of underlying instance state. (#2187)
compute: Added remove_instance_state_on_destroy to google_compute_region_per_instance_config to control deletion of underlying instance state. (#2187)
compute: Added scale_down_control for google_compute_autoscaler autoscaling_policy (#2214)
compute: Added SHARED_LOADBALANCER_VIP as an option for google_compute_address.purpose (#2204)
dns: enabled google_dns_policy to accept network id (#2189)

BUG FIXES:

appengine: Added polling to google_app_engine_firewall_rule to prevent issues with eventually consistent creation (#2197)
compute: Allowed updating google_compute_network_peering_routes_config import_custom_routes and export_custom_routes to false (#2190)
netblock: fixed the google netblock ranges returned by the google_netblock_ip_ranges by targeting json on gstatic domain instead of reading SPF dns records (solution provided by network team) (#2210)

3.27.0 (June 23, 2020)

IMPROVEMENTS:

accesscontextmanager: Added custom config to google_access_context_manager_access_level (#2180)
cloudbuild: Added invert_regex flag in Github PullRequestFilter and PushFilter in triggerTemplate (#2171)
cloudrun: Added template.spec.timeout_seconds to google_cloud_run_service (#2164)
compute: Added cpu_over_commit_type to google_compute_node_template (#2176)
compute: Added min_node_cpus to the scheduling blocks on compute_instance and compute_instance_template (#2169)
compute: Added export_subnet_routes_with_public_ip and import_subnet_routes_with_public_ip to google_compute_network_peering (#2170)
compute: Added remove_instance_state_on_destroy to google_compute_per_instance_config to control deletion of underlying instance state. (#2187)
container: Added support for private_cluster_config.master_global_access_config to google_container_cluster (#2157)
compute: Added support for google_compute_instance_group instances to accept instance id field as well as self_link (#2161)
dns: Added support for google_dns_policy network to accept google_compute_network.id (#2189)
redis: Added validation for name attribute in redis_instance (#2167)

BUG FIXES:

bigquery: Fixed range_partitioning.range.start so that the value 0 is sent in google_bigquery_table (#2153)
container: Fixed a regression in google_container_cluster where the location was not inferred when using a subnetwork shortname value like name (#2160)
datastore: Added retries to google_datastore_index requests when under contention. (#2154)
kms: Fixed the id value in the google_kms_crypto_key_version datasource to include a /v1 part following //cloudkms.googleapis.com/, making it useful for interpolation into Binary Authorization. (#2165)

3.26.0 (June 15, 2020)

FEATURES:

New Resource: google_data_catalog_tag (#2144)
New Resource: google_bigquery_dataset_iam_binding (#2147)
New Resource: google_bigquery_dataset_iam_member (#2147)
New Resource: google_bigquery_dataset_iam_policy (#2147)
New Resource: google_memcache_instance (#2142)
New Resource: google_network_management_connectivity_test (#2138)

IMPROVEMENTS:

compute: added default_route_action to compute_url_map and compute_url_map.path_matchers (#2143)
container : Added cluster_telemetry attribute to google_container_cluster (#2149)
dialogflow: Changed google_dialogflow_agent.time_zone to be updatable (#2133)
dns: enabled google_dns_managed_zone to accept network id for two attributes (#2139)
healthcare: Added support for streaming_configs to google_healthcare_fhir_store (#2145)
monitoring: added matcher attribute to content_matchers block for google_monitoring_uptime_check_config (#2150)

BUG FIXES:

compute: fixed issue where trying to update the region of google_compute_subnetwork would fail instead of destroying/recreating the subnetwork (#2134)
dataflow: added retries in google_dataflow_job for common retryable API errors when waiting for job to update (#2146)
dataflow: changed the update logic for google_dataflow_job to wait for the replacement job to start successfully before modifying the resource ID to point to the replacement job (#2140)

3.25.0 (June 08, 2020)

BREAKING CHANGES:

bigquery: Add ability to manage credentials to google_bigquery_connection. This field is required as the resource is not useful without them. (#2111)

FEATURES:

New Resource: google_data_catalog_tag_template (#2120)
New Resource: google_container_analysis_occurence (#2114)

IMPROVEMENTS:

appengine: added inbound_services to StandardAppVersion resource (#2131)
bigquery: Added support for google_bigquery_table hive_partitioning_options (#2121)
container_analysis: Added top-level generic note fields to google_container_analysis_note (#2114)

BUG FIXES:

bigquery: Fixed an issue where google_bigquery_job would return "was present, but now absent" error after job creation (#2122)
container: Changed retry logic for google_container_node_pool deletion to use timeouts and retry errors more specifically when cluster is updating. (#2115)
dataflow: fixed an issue where google_dataflow_job would try to update max_workers (#2110)
dataflow: fixed an issue where updating on_delete in google_dataflow_job would cause the job to be replaced (#2110)
compute: fixed issue where removing all target pools from google_compute_instance_group_manager or google_compute_region_instance_group_manager had no effect (#2124)
functions: Added retry to google_cloudfunctions_function creation when API returns error while pulling source from GCS (#2116)
provider: Removed credentials from output error when provider cannot parse given credentials (#2113)

3.24.0 (June 01, 2020)

BREAKING CHANGES:

bigquery: Add ability to manage credentials to google_bigquery_connection. This field is required as the resource is not useful without them. (#2111)

FEATURES:

New Resource: google_compute_machine_image (#2109)
New Resources: google_data_catalog_entry_group_iam_* (#2098)
New Resource: google_data_catalog_entry_group (#2098)
New Resource: google_data_catalog_entry (#2100)

IMPROVEMENTS:

appengine: added handlers to google_flexible_app_version (#2105)
bigquery: suppressed diffs between fully qualified URLs and relative paths that reference the same table or dataset in google_bigquery_job (#2107)
container: Added update support for node_config.workload_metadata_config to google_container_node_pool (#2091)

BUG FIXES:

appengine: added ability to fully sync StandardAppVersion resources (#2096)
bigquery: Fixed an issue with google_bigquery_dataset_access failing for primitive role roles/bigquery.dataViewer (#2092)
dataflow: fixed an issue where google_dataflow_job would try to update max_workers (#2110)
dataflow: fixed an issue where updating on_delete in google_dataflow_job would cause the job to be replaced (#2110)
os_login: Fixed google_os_login_ssh_public_key key field attempting to update in-place (#2094)

3.23.0 (May 25, 2020)

BREAKING CHANGES:

The base url for the monitoring endpoint no longer includes the API version (previously "v3/"). If you use a monitoring_custom_endpoint, remove the trailing "v3/". (#2088)

FEATURES:

New Data Source: google_iam_testable_permissions (#2071)
New Resource: google_monitoring_dashboard (#2088)

IMPROVEMENTS:

bigquery: Added ability for various table_id fields (and one dataset_id field) in google_bigquery_job to specify a relative path instead of just the table id (#2079)
composer: Added support for google_composer_environment config.private_environment_config.cloud_sql_ipv4_cidr_block (#2075)
composer: Added support for google_composer_environment config.private_environment_config.web_server_ipv4_cidr_block (#2075)
composer: Added support for google_composer_environment web_server_network_access_control for private environments (#2075)
container: Added update support for node_config.workload_metadata_config to google_container_node_pool (#2091)
container: Added min_cpu_platform to google_container_cluster.cluster_autoscaling.auto_provisioning_defaults (#2086)
container: Added release_channel_default_version to data.google_container_engine_versions, allowing you to find the default version for a release channel (#2068)
container: Added the ability to unspecify google_container_cluster's min_master_version field (#2068)
container: Added update support to google_container_cluster's release_channel field (#2068)
container: Added config_connector_config google_container_cluster (#2064)
monitoring: Added window-based SLI to google_monitoring_slo (#2070)

BUG FIXES:

compute: Fixed an issue where google_compute_route creation failed while VPC peering was in progress. (#2082)
Fixed an issue where data source google_organization would ignore exact domain matches if multiple domains were found (#2085)
compute: Fixed google_compute_interconnect_attachment edge_availability_domain diff when the field is unspecified (#2084)
compute: Fixed error where plan would error if google_compute_region_disk_resource_policy_attachment had been deleted outside of terraform. (#2065)
compute: Raise limit on number of src_ip_ranges values in google_compute_security_policy to supported 10 (#2076)
iam: Fixed an issue where google_service_account shows an error after creating the resource (#2074)

3.22.0 (May 18, 2020)

BREAKING CHANGE:

google_bigtable_instance resources now cannot be destroyed unless deletion_protection = false is set in state for the resource. (#2061)

FEATURES:

New Resource: google_compute_region_per_instance_config (#2046)
New Resource: google_dialogflow_entity_type (#2052)

IMPROVEMENTS:

bigtable: added deletion_protection field to google_bigtable_instance to make deleting them require an explicit intent. (#2061)
compute: Added google_compute_region_backend_service portName parameter (#2048)
dataproc: Updated google_dataproc_cluster.software_config.optional_components to include new options. (#2049)
monitoring: Added request_based SLI support to google_monitoring_slo (#2058)
storage: added google_storage_bucket bucket name to the error message when the bucket can't be deleted because it's not empty (#2059)

BUG FIXES:

bigquery: Fixed error where google_bigquery_dataset_access resources could not be found post-creation if role was set to a predefined IAM role with an equivalent primative role (e.g. roles/bigquery.dataOwner and OWNER) (#2039)
compute: Fixed permadiff in google_compute_instance_template's network_tier. (#2054)
compute: Removed permadiff or errors on update for google_compute_backend_service and google_compute_region_backend_service when consistent_hash values were previously set on backend service but are not supported by updated value of locality_lb_policy (#2044)
sql: Fixed occasional failure to delete google_sql_database_instance and google_sql_user. (#2045)

3.21.0 (May 11, 2020)

FEATURES:

New Resource: google_compute_per_instance_config (#2029)
New Resource: google_logging_billing_account_bucket_config (#2008)
New Resource: google_logging_folder_bucket_config (#2008)
New Resource: google_logging_organization_bucket_config (#2008)
New Resource: google_logging_project_bucket_config (#2008)

IMPROVEMENTS:

all: add configurable timeouts to several resources that did not previously have them (#2007)
bigquery: added service_account_name field to google_bigquery_data_transfer_config resource (#2004)
cloudfunctions: Added validation to label keys for google_cloudfunctions_function as API errors aren't useful. (#2009)
compute: Added support for stateful_disk to both google_compute_instance_group_manager and google_compute_region_instance_group_manager. (#2006)
container: added kalm_config addon to google_container_cluster (#2027)
dataflow: Added drift detection for google_dataflow_job template_gcs_path and temp_gcs_location fields (#2021)
dataflow: Added support for update-by-replacement to google_dataflow_job (#2021)
dataflow: added additional_experiments field to google_dataflow_job (#2005)
dataproc: added component gateway support to google_dataproc_cluster (#2035)
storage: Added retries for google_storage_bucket_iam_* on 412 (precondition not met) errors for eventually consistent bucket creation. (#2011)

BUG FIXES:

all: fixed bug where timeouts specified in units other than minutes were getting incorrectly rounded. Also fixed several instances of timeout values being used from the wrong method. (#2002)
accesscontextmanager: Fixed setting require_screen_lock to true for google_access_context_manager_access_level (#2010)
appengine: Changed google_app_engine_application to respect updates in iap (#2000)
bigquery: Fixed error where google_bigquery_dataset_access resources could not be found post-creation if role was set to a predefined IAM role with an equivalent primative role (e.g. roles/bigquery.dataOwner and OWNER) (#2039)
bigquery: Fixed the google_sheets_options at least one of logic. (#2030)
cloudscheduler: Fixed permadiff for google_cloud_scheduler_job.retry_config.* block when API provides default values (#2028)
compute: Added lock to prevent google_compute_route from changing while peering operations are happening on its network (#2016)
compute: Stopped force-recreation of google_compute_backend_service and google_compute_backend_service on updating locality_lb_policy (#2012)
compute: fixed issue where the default value for the attribute advertise_mode on google_compte_router_peer was not populated on import (#2024)
container: Fixed occasional error with container_node_pool partially-successful creations not being recorded if an error occurs on the GCP side. (#2038)
container: fixed issue where terraform would error if a gke instance group was deleted out-of-band (#2015)
storage: Fixed setting/reading google_storage_bucket_object metadata on API object (#2025)
storage: Marked the credentials field in google_storage_object_signed_url as sensitive so it doesn't expose private credentials. (#2026)

3.20.0 (May 04, 2020)

New Resource: google_artifact_registry_repository (#1981)
New Resource: google_artifact_registry_repository_iam_policy (#1981)
New Resource: google_artifact_registry_repository_iam_binding (#1981)
New Resource: google_artifact_registry_repository_iam_member (#1981)
New Resource: google_bigquery_connection (#2014)

IMPROVEMENTS:

appengine: Added automatic_scaling, basic_scaling, and manual_scaling to google_app_engine_standard_app_version (#1984)
bigquery: added service_account_name field to google_bigquery_data_transfer_config resource (#2004)
bigtable: added ability to add/remove column families in google_bigtable_table (#1988)
cloudfunctions: Added validation to label keys for google_cloudfunctions_function as API errors aren't useful. (#2009)
compute: Added support for stateful_disk to both google_compute_instance_group_manager and google_compute_region_instance_group_manager. (#2006)
compute: Added support for default URL redirects to google_compute_url_map and google_compute_region_url_map (#1998)
dataflow: Added additional_experiments field to google_dataflow_job (#2005)
dns: Added service_directory_config field togoogle_dns_managed_zone (#1976)
compute: Added update of google_compute_backend_service and google_compute_backend_service field `locality_lb_policy (#2012)

BUG FIXES:

accesscontextmanager: Fixed setting require_screen_lock to true for google_access_context_manager_access_level (#2010)
appengine: Changed google_app_engine_application to respect updates in iap (#2000)
storage: Added retries for google_storage_bucket_iam_* on 412 (precondition not met) errors for eventually consistent bucket creation. (#2011)

3.19.0 (April 27, 2020)

FEATURES:

New Resource: google_bigquery_job (#1959)
New Resource: google_monitoring_slo (#1953)
New Resource: google_service_directory_endpoint (#1964)
New Resource: google_service_directory_namespace (#1964)
New Resource: google_service_directory_service (#1964)

IMPROVEMENTS:

bigtable: Reduced the minimum number of nodes for the bigtable_instace resource from 3 to 1. (#1968)
container: Added support for google_container_cluster Compute Engine persistent disk CSI driver (#1969)
compute: Added support for google_compute_instance resource_policies field (#1957)
compute: Added support for google_compute_resource_policy group placement policies (#1957)
healthcare: Added schema field to google_healthcare_hl7_v2_store (#1962)

BUG FIXES:

dataproc: Fixed diff when google_dataproc_cluster preemptible_worker_config.0.num_instances is sized to 0 and other preemptible_worker_config subfields are set (#1954)
resourcemanager: added a wait to google_project so that projects are more likely to be ready before the resource finishes creation (#1970)
sql: Allowed binary_log_enabled to be disabled. (#1973)
sql: Fixed behaviour in google_sql_database when the parent instance is deleted, removing it from state (#1972)

3.18.0 (April 20, 2020)

FEATURES:

New Data Source: google_firebase_web_app_config (#1950)
New Data Source: google_firebase_web_app (#1950)
New Data Source: google_monitoring_app_engine_service (#1944)
New Resource: google_firebase_web_app (#1950)
New Resource: google_monitoring_custom_service (#1944)
New Resource: google_compute_global_network_endpoint (#1948)
New Resource: google_compute_global_network_endpoint_group (#1948)
New Resource: google_monitoring_slo (#1953)

IMPROVEMENTS:

appengine: Added iap.enabled field to google_app_engine_application resource (#1943)
iam: Added name field to google_organization_iam_custom_role (#1951)
iam: Added name field to google_project_iam_custom_role (#1951)

BUG FIXES:

container: Fixed importing/reading google_container_node_pool resources in non-RUNNING states (#1952)
container: Made addons_config.cloudrun_config able to be updated without recreating and destroying. (#1942)
container: Made addons_config.dns_cache_config able to be updated without recreating and destroying. (#1942)
monitoring: Made display_name optional on google_monitoring_notification_channel (#1947)

3.17.0 (April 13, 2020)

FEATURES:

New Resource: google_bigquery_dataset_access (#1924)
New Resource: google_dialogflow_intent (#1936)
New Resource: google_os_login_ssh_public_key (#1922)

IMPROVEMENTS:

accesscontextmanager: added spec and use_explicit_dry_run_spec to google_access_context_manager_service_perimeter to test perimeter configurations in dry-run mode. (#1940)
compute: Added update support for google_compute_interconnect_attachment admin_enabled (#1931)
compute: Added field log_config to google_compute_health_check and google_compute_region_health_check to enable health check logging. (#1934)
compute: Added more import formats for google_compute_instance (#1933)
sourcerepo: allowed google_sourcerepo_repo pubsub_configs.topic to accept short topic names in addition to full references. (#1938)

BUG FIXES:

compute: Fixed diff on default value for google_compute_interconnect_attachment admin_enabled (#1931)
compute: Fixed perma-diff on google_compute_interconnect_attachment candidate_subnets (#1931)
compute: fixed bug where google_compute_instance_from_template instance defaults were overriding scheduling (#1939)
iap: project can now be unset in iap_web_iam_member and will read from the default project (#1935)
serviceusage: fixed issue where google_project_services attempted to read a project before enabling the API that allows that read (#1937)
sql: fixed error that occurred on google_sql_database_instance when settings.ip_configuration was set but ipv4_enabled was not set to true and private_network was not configured, by defaulting ipv4_enabled to true. (#1926)
storage: fixed bug where deleting a google_storage_bucket that contained non-deletable objects would retry indefinitely (#1929)

3.16.0 (April 06, 2020)

FEATURES:

New Data Source: google_monitoring_uptime_check_ips (#1912)
New Resource: firebase_project_location: finalizes the firebase location. (#1919)

IMPROVEMENTS:

cloudfunctions: Added ingress_settings field to google_cloudfunctions_function (#1898)
cloudfunctions: added support for vpc_connector_egress_settings to google_cloudfunctions_function (#1904)
accesscontextmanager: added status.vpc_accessible_services to google_access_context_manager_service_perimeter to control which services are available from the perimeter's VPC networks to the restricted Google APIs IP address range. (#1910)
cloudrun: added ability to autogenerate revision name (#1900)
compute: added ability to resize google_compute_reservation (#1908)
container: added enable_resource_consumption_metering to resource_usage_export_config in google_container_cluster (#1901)
dns: added ability to update google_dns_managed_zone.dnssec_config (#1914)
pubsub: Added dead_letter_policy support to google_pubsub_subscription (#1913)

BUG FIXES:

compute: Fixed an issue where port could not be removed from health checks (#1906)
storage: fixed an issue where google_storage_bucket_iam_member showed a diff for bucket self links (#1918)

3.15.0 (March 30, 2020)

FEATURES:

New Resource: google_compute_instance_group_named_port (#1869)
New Resource: google_service_usage_consumer_quota_override (#1884)
New Resource: google_firebase_project: enables Firebase for a referenced Google project (#1885)
New Resource: google_iap_brand (#1848)
New Resource: google_iap_client (#1848)
New Resource: google_appengine_flexible_app_version (#1849)

IMPROVEMENTS:

accesscontextmanager: Added regions field to google_access_context_manager_access_level (#1882)
compute: added support for IAM conditions in google_compute_subnet_iam_* IAM resources (#1877)
kms: Added new field "Additional Authenticated Data" for Cloud KMS data source google_kms_secret (#1886)
kms: Added new field "Additional Authenticated Data" for Cloud KMS resource google_kms_secret_ciphertext (#1886)

BUG FIXES:

kms: Fixed an issue in google_kms_crypto_key_version where public_key would return empty after apply (#1879)
logging: Fixed import issue with google_logging_metric in a non-default project. (#1876)
provider: Fixed an error with resources failing to upload large files (e.g. with google_storage_bucket_object) during retried requests (#1894)

3.14.0 (March 23, 2020)

FEATURES:

New Data Source: google_compute_instance_serial_port (#1860)
New Resource: google_compute_region_ssl_certificate (#1863)

IMPROVEMENTS:

compute: Added new attribute reference current_status to the google_compute_instance resource (#1857)
container: Added dns_cache_config field to google_container_cluster resource (#1853)
container: Updated upgrade_settings to read defaults from API for the google_container_node_pool resource (#1859)
provider: Added provider-wide request retries for common temporary GCP error codes and network errors (#1856)
redis: Added connect_mode field to google_redis_instance resource (#1854)

3.13.0 (March 16, 2020)

BREAKING CHANGES:

dialogflow: Changed google_dialogflow_agent.time_zone to ForceNew. Updating this field will require recreation. This is due to a change in API behavior. (#1827)

FEATURES:

New Resource: google_bigquery_reservation (#1833)
New Resource: google_compute_region_disk_resource_policy_attachment (#1836)
New Resource: google_sql_source_representation_instance (#1832)

IMPROVEMENTS:

bigtable: Added support for full-name/id instance_name value in google_bigtable_table and google_bigtable_gc_policy (#1830)
compute: Added autoscaling_policy to google_compute_node_group (#1841)
compute: Added support for full-name/id network_endpoint_group value in google_network_endpoint (#1831)
dialogflow: Changed google_dialogflow_agent to not read tier status (#1829)
monitoring: Added sensitive_labels to google_monitoring_notification_channel so that labels like password and auth_token can be managed separately from the other labels and marked as sensitive. (#1844)

BUG FIXES:

all: fixed issue where nested objects were getting sent as null values to GCP on create instead of being omitted from requests (#1822)
cloudfunctions: fixed vpc_connector to be updated properly in google_cloudfunctions_function (#1825)
compute: fixed google_compute_security_policy from allowing two rules with the same priority. (#1828)
compute: fixed bug where google_compute_instance.scheduling.node_affinities.operator would incorrectly accept NOT rather than NOT_IN. (#1835)
container: Fixed issue where google_container_node_pool resources created in the 2.X series were failing to update after 3.11. (#1846)

3.12.0 (March 09, 2020)

IMPROVEMENTS:

serviceusage: google_project_service no longer attempts to enable a service that is already enabled. (#1814)
bigtable: Added support for full-name/id instance value in google_bigtable_app_profile (#1804)
pubsub: Added polling to ensure correct resource state for negative-cached PubSub resources (#1816)

BUG FIXES:

compute: Fixed a scenario where google_compute_instance_template would cause a crash. (#1812)
storage: Added check for bucket retention policy list being empty. (#1807)
storage: Added locking for operations involving google_storage_*_access_control resources to prevent errors from ACLs being added at the same time. (#1806)
container: Fixed panic when upgrading google_container_cluster with autoscaling block. (#1766)

3.11.0 (March 02, 2020)

FEATURES:

New Data Source: google_compute_backend_bucket (#1778)
New Resource: google_app_engine_service_split_traffic (#1785)
New Resource: google_compute_packet_mirroring (#1791)
New Resource: Added new resource google_game_services_game_server_cluster (#1789)
New Resource: Added new resource google_game_services_game_server_config (#1789)
New Resource: Added new resource google_game_services_game_server_deployment_rollout (#1789)
New Resource: Added new resource google_game_services_game_server_deployment (#1789)
New Resource: Added new resource google_game_services_realm (#1789)

IMPROVEMENTS:

bigquery: Landed support for range-based partitioning in google_bigquery_table (#1782)
compute: added check on google_compute_router for non-empty advertised_groups or advertised_ip_ranges values when advertise_mode is DEFAULT in the bgp block. (#1776)
compute: added the ability to manage the status of google_compute_instance resources with the desired_status field (#1786)
iam: google_project_iam_member and google_project_iam_binding's project field can be specified with an optional projects/ prefix (#1780)
storage: added metadata to google_storage_bucket_object. (#1779)

BUG FIXES:

compute: Updated google_project to check for valid permissions on the parent billing account before creating and tainting the resource. (#1777)
container: Fixed panic when upgrading google_container_cluster with autoscaling block (#1766)

3.10.0 (February 25, 2020)

BREAKING CHANGES:

container: Fully removed use_ip_aliases and create_subnetwork fields to fix misleading diff for removed fields (#1760)

FEATURES:

New Data Source: google_dns_keys (#1768)
New Resource: google_datastore_index (#1755)
New Resource: google_storage_hmac_key (#1765)
New Resource: google_endpoints_service_iam_binding (#1761)
New Resource: google_endpoints_service_iam_member (#1761)
New Resource: google_endpoints_service_iam_policy (#1761)

IMPROVEMENTS:

container: Enabled configuring autoscaling profile in GKE clusters (https://cloud.google.com/kubernetes-engine/docs/concepts/cluster-autoscaler#autoscaling_profiles) (#1756)
container: Allowed import/update/deletion of google_container_cluster in error states (#1759)
container: Changed google_container_node_pool so node pools created in an error state will be marked as tainted on creation. (#1758)
container: Allowed import/update/deletion of google_container_node_pool in error states and updated resource to wait for a stable state after any changes. (#1758)
container: added label_fingerprint to google_container_cluster (#1750)
dataflow: added job_id field to google_dataflow_job (#1754)
dataflow: added computed type field to google_dataflow_job. (#1771)
healthcare: added version field to google_healthcare_fhir_store (#1769)
provider: Added retries for common network errors we've encountered. (#1762)

3.9.0 (February 18, 2020)

FEATURES:

New Resource: google_container_registry (#1725)

IMPROVEMENTS:

all: improve error handling of 404s. (#1728)
bigtable: added update support for display_name and instance_type (#1751)
container: google_container_cluster will wait for a stable state after updates. (#1737)
container: added support for autoscaling_profile to google_container_cluster (#1756)
container: added boot_disk_kms_key to node_config block. (#1736)
dataflow: added job_id field to google_dataflow_job (#1754)
dialogflow: improve error handling by increasing retry count (#1730)
resourcemanager: fixed retry behavior for updates in google_project, added retries for billing metadata requests (#1735)
sql: add encryption_key_name to google_sql_database_instance (#1724)

BUG FIXES:

cloudrun: fixed permadiff caused by new API default values on annotations and limits (#1727)
container: Removed restriction on auto_provisioning_defaults to allow both oauth_scopes and service_account to be set (#1748)
firestore: fixed import of google_firestore_index when database or collection were non-default. (#1741)
iam: Fixed an erroneous error during import of IAM resources when a provider default project/zone/region is not defined. (#1734)
kms: Fixed issue where google_kms_crypto_key_version datasource would throw an Invalid Index error on plan (#1740)

3.8.0 (February 10, 2020)

NOTES:

provider: added documentation for the id field for many resources, including format (#1697) BREAKING CHANGES:
compute: Added conditional requirement of google_compute_**region**_backend_service backend.capacity_scaler to no longer accept the API default if not INTERNAL. Non-INTERNAL backend services must now specify capacity_scaler explicitly and have a total capacity greater than 0. In addition, API default of 1.0 must now be explicitly set and will be treated as nil or zero if not set in config. (#1707)

FEATURES:

New Data Source: secret_manager_secret_version (#1708)
New Resource: google_access_context_manager_service_perimeter_resource (#1712)
New Resource: secret_manager_secret_version (#1708)
New Resource: secret_manager_secret (#1708)
New Resource: google_dialogflow_agent (#1706)

IMPROVEMENTS:

appengine: added support for google_app_engine_application.iap (#1703)
compute: google_compute_security_policy rule.match.expr field is now GA (#1692)
compute: added additional validation to google_cloud_router's bgp.asn field. (#1699)

BUG FIXES:

bigtable: fixed diff for DEVELOPMENT instances that are returned from the API with one node (#1704)
compute: Fixed backend.capacity_scaler to actually set zero (0.0) value. (#1707)
compute: Fixed google_compute_**region**_backend_service so it no longer has a permadiff if backend.capacity_scaler is unset in config by requiring capacity scaler. (#1707)
compute: updated google_compute_project_metadata_item to fail on create if its key is already present in the project metadata. (#1714)
logging: updated bigquery_options so the default value from the api will be set in state. (#1694)
sql: undeprecated settings.ip_configuration.authorized_networks.expiration_time (#1691)

3.7.0 (February 03, 2020)

IMPROVEMENTS:

binaryauthorization: moved from beta API to ga API in anticipation of beta API turndown. (#1689)
dns: google_dns_managed_zone added support for Non-RFC1918 fields for reverse lookup and fowarding paths. (#1685)
monitoring: Added labels and user_labels filters to data source google_monitoring_notification_channel (#1666)

BUG FIXES:

bigtable: fixed diff for DEVELOPMENT instances that are returned from the API with one node (#1704)
compute: google_compute_instance_template added plan time check for any disks marked boot outside of the first disk (#1684)
container: Fixed perma-diff in google_container_cluster's cluster_autoscaling.auto_provisioning_defaults. (#1679)
logging: updated bigquery_options so the default value from the api will be set in state. (#1694)
storage: Stopped project-owner showing up in the diff for google_storage_bucket_acl (#1674)

3.6.0 (January 29, 2020)

KNOWN ISSUES:

bigtable: due to API changes, bigtable DEVELOPMENT instances may show a diff on num_nodes. There will be a fix in the 3.7.0 release of the provider. No known workarounds exist at the moment, but will be tracked in https://github.com/terraform-providers/terraform-provider-google/issues/5492.

FEATURES:

New Data Source: google_monitoring_notification_channel (#1643)
New Resource: google_compute_network_peering_routes_config (#1652)

IMPROVEMENTS:

compute: added waiting logic to google_compute_interconnect_attachment to avoid modifications when the attachment is UNPROVISIONED (#1664)
compute: made the google_compute_network_peering routes fields available in GA (#1650)
datafusion: Added service_account field to google_data_fusion_instance (#1660)
iap: added support for IAM conditions in google_iap_tunnel_instance_iam_* IAM resources (#1654)
resourcemanager: restricted the length of the description field of google_service_account. It is now limited to 256 characters. (#1646)
scheduler: Added attempt_deadline to google_cloud_scheduler_job. (#1639)
storage: added default_event_based_hold to google_storage_bucket (#1626)

BUG FIXES:

compute: Fixed google_compute_instance_from_template with existing boot disks (#1655)
compute: Fixed a bug in google_compute_instance when attempting to update a field that requires stopping and starting an instance with an encrypted disk (#1658)

3.5.0 (January 22, 2020)

DEPRECATIONS:

kms: deprecated data.google_kms_secret_ciphertext as there was no way to make it idempotent. Instead, use the google_kms_secret_ciphertext resource. (#1586)
sql: deprecated first generation-only fields on google_sql_database_instance (#1628)

FEATURES:

New Resource: google_kms_secret_ciphertext (#1586)

IMPROVEMENTS:

bigtable: added the ability to add/remove clusters from google_bigtable_instance (#1589)
compute: added support for other resource types (like a Proxy) as a target to google_compute_forwarding_rule (#1630)
dataproc: added lifecycle_config to google_dataproc_cluster.cluster_config (#1593)
iam: updated to allow for empty bindings in data_source_google_iam_policy data source (#1173)
provider: added retries for batched requests so failed batches will retry each single request separately. (#1615)
resourcemanager: restricted the length of the description field of google_service_account. It is now limited to 256 characters. (#1646)

BUG FIXES:

bigtable: Fixed error on reading non-existent google_bigtable_gc_policy, google_bigtable_instance, google_bigtable_table (#1597)
cloudfunctions: Fixed validation of google_cloudfunctions_function name to allow for 63 characters. (#1640)
cloudtasks: Changed max_dispatches_per_second to a double instead of an integer. (#1633)
compute: Added validation for compute_resource_policy to no longer allow invalid start_time values that weren't hourly. (#1603)
compute: Fixed errors from concurrent creation/deletion of overlapping google_compute_network_peering resources. (#1601)
compute: Stopped panic when using usage_export_bucket and the setting had been disabled manually. (#1610)
compute: fixed google_compute_router_nat timeout fields causing a diff when using a long-lived resource (#1613)
compute: fixed google_compute_target_https_proxy.quic_override causing a diff when using a long-lived resource (#1611)
identityplatform: fixed google_identity_platform_default_supported_idp_config to correctly allow configuration of both idp_id and client_id separately (#1638)
monitoring: Stopped labels from causing a perma diff on AlertPolicy (#1622)

3.4.0 (January 07, 2020)

DEPRECATIONS:

kms: deprecated data.google_kms_secret_ciphertext as there was no way to make it idempotent. Instead, use the google_kms_secret_ciphertext resource. (#1586)

BREAKING CHANGES:

google_iap_web_iam_*, google_iap_web_type_compute_iam_*, google_iap_web_type_app_engine_*, and google_iap_app_engine_service_iam_* resources now support IAM Conditions (beta provider only). If any conditions had been created out of band before this release, take extra care to ensure they are present in your Terraform config so the provider doesn't try to create new bindings with no conditions. Terraform will show a diff that it is adding the condition to the resource, which is safe to apply. (#1527)
google_kms_key_ring_iam_* and google_kms_crypto_key_iam_* resources now support IAM Conditions (beta provider only). If any conditions had been created out of band before this release, take extra care to ensure they are present in your Terraform config so the provider doesn't try to create new bindings with no conditions. Terraform will show a diff that it is adding the condition to the resource, which is safe to apply. (#1524)
cloudrun: Changed google_cloud_run_domain_mapping to correctly match Cloud Run API expected format for spec.route_name, {serviceName}, instead of invalid projects/{project}/global/services/{serviceName} (#1563)
compute: Added back ConflictsWith restrictions for ExactlyOneOf restrictions that were removed in v3.3.0 for google_compute_firewall, google_compute_health_check, and google_compute_region_health_check. This effectively changes an API-side failure that was only accessible in v3.3.0 to a plan-time one. (#1534)
logging: Changed google_logging_metric.metric_descriptors.labels from a list to a set (#1559)
resourcemanager: Added back ConflictsWith restrictions for ExactlyOneOf restrictions that were removed in v3.3.0 for google_organization_policy, google_folder_organization_policy, and google_project_organization_policy. This effectively changes an API-side failure that was only accessible in v3.3.0 to a plan-time one. (#1534)

FEATURES:

New Data Source: google_sql_ca_certs (#1580)
New Resource: google_identity_platform_default_supported_idp_config (#1523)
New Resource: google_identity_platform_inbound_saml_config (#1523)
New Resource: google_identity_platform_oauth_idp_config (#1523)
New Resource: google_identity_platform_tenant_default_supported_idp_config (#1523)
New Resource: google_identity_platform_tenant_inbound_saml_config (#1523)
New Resource: google_identity_platform_tenant_oauth_idp_config (#1523)
New Resource: google_identity_platform_tenant (#1523)
New Resource: google_kms_crypto_key_iam_policy (#1554)
New Resource: google_kms_secret_ciphertext (#1586)

IMPROVEMENTS:

composer: Increased default timeouts for google_composer_environment (#1539)
compute: Added graceful termination to container_cluster create calls so that partially created clusters will resume the original operation if the Terraform process is killed mid create. (#1533)
compute: Fixed google_compute_disk_resource_policy_attachment parsing of region from zone to allow for provider-level zone and make error message more accurate` (#1557)
datafusion: Increased default timeouts for google_data_fusion_instance (#1545)
datafusion: Increased update timeout for updating google_data_fusion_instance (#1538)
healthcare: Enabled request batching for (beta-only) Healthcare API IAM resources google_healthcare_*_iam_* to reduce likelihood of errors from very low default write quota. (#1558)
iap: added support for IAM Conditions to the google_iap_web_iam_*, google_iap_web_type_compute_iam_*, google_iap_web_type_app_engine_*, and google_iap_app_engine_service_iam_* resources (beta provider only) (#1527)
kms: added support for IAM Conditions to the google_kms_key_ring_iam_* and google_kms_crypto_key_iam_* resources (beta provider only) (#1524)
provider: Reduced default send_after controlling the time interval after which a batched request sends. (#1565)

BUG FIXES:

all: fixed issue where many fields that were removed in 3.0.0 would show a diff when they were removed from config (#1585)
bigquery: fixed bigquery_table.encryption_configuration to correctly recreate the table when modified (#1591)
cloudrun: Changed google_cloud_run_domain_mapping to correctly match Cloud Run API expected format for spec.route_name, {serviceName}, instead of invalid projects/{project}/global/services/{serviceName} (#1563)
cloudrun: Changed cloud_run_domain_mapping to poll for success or failure and throw an appropriate error when ready status returns as false. (#1564)
cloudrun: Fixed google_cloudrun_service to allow update instead of force-recreation for changes in spec env and command fields (#1566)
cloudrun: Removed unsupported update for google_cloud_run_domain_mapping to allow force-recreation. (#1556)
cloudrun: Stopped returning an error when a cloud_run_domain_mapping was waiting on DNS verification. (#1587)
compute: Fixed google_compute_backend_service to allow updating cdn_policy.cache_key_policy.* fields to false or empty. (#1569)
compute: Fixed behaviour where google_compute_subnetwork did not record a value for name when self_link was specified. (#1579)
container: fixed issue where an empty variable in tags would cause a crash (#1543)
endpoints: Added operation wait for google_endpoints_service to fix 403 "Service not found" errors during initial creation (#1560)
logging: Made google_logging_metric.metric_descriptors.labels a set to prevent diff from ordering (#1559)
resourcemanager: added retries for data.google_organization (#1553)
vpcaccess: marked network field as required in order to fail invalid configs at plan-time instead of at apply-time (#1577)

3.3.0 (December 17, 2019)

BREAKING CHANGES:

google_storage_bucket_iam_* resources now support IAM Conditions (beta provider only). If any conditions had been created out of band before this release, take extra care to ensure they are present in your Terraform config so the provider doesn't try to create new bindings with no conditions. Terraform will show a diff that it is adding the condition to the resource, which is safe to apply. (#1479)

FEATURES:

New Resource: google_compute_region_health_check is now available in GA (#1507)
New Resource: google_deployment_manager_deployment (#1498)

IMPROVEMENTS:

bigquery: added PARQUET as an option in google_bigquery_table.external_data_configuration.source_format (#1514)
compute: Added allow_global_access for to google_compute_forwarding_rule resource. (#1511)
compute: added support for up to 100 domains on google_compute_managed_ssl_certificate (#1519)
dataproc: added support for security_config to google_dataproc_cluster (#1492)
storage: added support for IAM Conditions to the google_storage_bucket_iam_* resources (beta provider only) (#1479)
storage: updated id and bucket fields for google_storage_bucket_iam_* resources to use b/{bucket_name} (#1479)

BUG FIXES:

compute: Fixed an issue where interpolated values caused plan-time errors in google_compute_router_interface. (#1517)
compute: relaxed ExactlyOneOf restrictions on google_compute_firewall, google_compute_health_check, and google_compute_region_health_check to enable the use of dynamic blocks with those resources. (#1520)
iam: Fixed a bug that causes badRequest errors on IAM resources due to deleted serviceAccount principals (#1501)
resourcemanager: relaxed ExactlyOneOf restrictions on google_organization_policy , google_folder_organization_policy , and google_project_organization_policy to enable the use of dynamic blocks with those resources. (#1520)
sourcerepo: Fixed a bug preventing repository IAM resources from referencing repositories with the / character in their name (#1521)
sql: fixed bug where terraform would keep retrying to create new google_sql_database_instance with the name of a previously deleted instance (#1500)

3.2.0 (December 11, 2019)

DEPRECATIONS:

compute: deprecated fingerprint field in google_compute_subnetwork. Its value is now always "". (#1482)

FEATURES:

New Data Source: data_source_google_bigquery_default_service_account (#1471)
New Resource: cloudrun: Added support for google_cloud_run_service IAM resources: google_cloud_run_service_iam_policy, google_cloud_run_service_iam_binding, google_cloud_run_service_iam_member (#1456)

IMPROVEMENTS:

all: Added synchronous_timeout to provider block to allow setting higher per-operation-poll timeouts. (#1449)
bigquery: Added KMS support to google_bigquery_table (#1471)
cloudresourcemanager: Added org_id field to google_organization datasource to expose the raw organization id (#1485)
cloudrun: Stopped requiring the root metadata block for google_cloud_run_service. (#1478)
compute: added support for expr to google_compute_security_policy.rule.match (#1465)
compute: added support for path_rules to google_compute_region_url_map (#1489)
compute: added support for path_rules to google_compute_url_map (#1483)
compute: added support for route_rules to google_compute_region_url_map (#1493)
compute: added support for header actions and route rules to google_compute_url_map (#1435)
dns: Added visibility field to google_dns_managed_zone data source (#1462)
sourcerepo: added support for pubsub_configs to google_sourcerepo_repository (#1455)

BUG FIXES:

dns: fixed 503s caused by high numbers of dns_record_sets. (#1477)
logging: updated exponential_buckets.growth_factor from integer to double. (#1484)
storage: fixed bug where users without storage.objects.list permissions couldn't delete empty buckets (#1443)

3.1.0 (December 05, 2019)

BREAKING CHANGES:

compute: field peer_ip_address in google_compute_router_peer is now required, to match the API behavior. (#1396)

FEATURES:

New Resource: google_billing_budget (#1428)
New Resource: google_cloud_tasks_queue (#1369)
New Resource: google_organization_iam_audit_config (#1427)

IMPROVEMENTS:

accesscontextmanager: added support for require_admin_approval and require_corp_owned in google_access_context_manager_access_level's device_policy. (#1403)
all: added retries for timeouts while fetching operations (#1356)
cloudbuild: Added build timeout to google_cloudbuild_trigger (#1404)
cloudresourcemanager: added support for importing google_folder in the form of the bare folder id, rather than requiring folders/{bare_id} (#1430)
compute: Updated default timeouts on google_compute_project_metadata_item. (#1436)
compute: google_compute_disk disk_encryption_key.raw_key is now sensitive (#1445)
compute: google_compute_disk source_image_encryption_key.raw_key is now sensitive (#1452)
compute: google_compute_network_peering resource can now be imported (#1439)
compute: computed attribute management_type in google_compute_router_peer is now available. (#1396)
compute: field network can now be specified on google_compute_region_backend_service, which allows internal load balancers to target the non-primary interface of an instance. (#1418)
container: Added support for peering_name in google_container_cluster.private_cluster_config. (#1438)
container: added auto_provisioning_defaults to google_container_cluster.cluster_autoscaling (#1434)
container: added upgrade_settings support to google_container_node_pool (#1400)
container: increased timeouts on google_container_cluster and google_container_node_pool (#1386)
datafusion: Added private_instance and network_config fields to google_data_fusion_instance (#1411)
kms: enabled use of user_project_override for the kms_crypto_key resource (#1422)
kms: enabled use of user_project_override for the kms_secret_ciphertext data source (#1433)
sql: added root_password field to google_sql_database_instance resource (#1432)

BUG FIXES:

bigquery: fixed an issue where bigquery table id formats from the 2.X series caused an error at plan time (#1448)
cloudbuild: Fixed incorrect dependency between trigger_template and github in google_cloud_build_trigger. (#1410)
cloudfunctions: Fixed inability to set google_cloud_functions_function update timeout. (#1447)
cloudrun: Wait for the cloudrun resource to reach a ready state before returning success. (#1409)
compute: google_compute_disk disk_encryption_key.raw_key is now sensitive (#1453)
compute: self_link in several datasources will now error on invalid values instead of crashing (#1373)
compute: field advertised_ip_ranges in google_compute_router_peer can now be updated without recreating the resource. (#1396)
compute: marked min_cpu_platform on google_compute_instance as computed so if it is not specified it will not cause diffs (#1429)
dataproc: Changed default for google_dataproc_autoscaling_policy secondary_worker_config.min_instances from 2 to 0. (#1408)
dns: Fixed issue causing google_dns_record_set deletion to fail when the managed zone ceased to exist before the deletion event. (#1446)
iam: disallowed deleted: principals in IAM resources (#1417)
sql: added retries to google_sql_user create and update to reduce flakiness (#1399)

3.0.0 (December 04, 2019)

NOTES:

These are the changes between 3.0.0-beta.1 and the 3.0.0 final release. For changes since 2.20.0, see also the 3.0.0-beta.1 changelog entry below.

Please see the 3.0.0 upgrade guide for upgrade guidance.

BREAKING CHANGES:

cloudrun: updated cloud_run_service to v1. Significant updates have been made to the resource including a breaking schema change. (#1426)

BUG FIXES:

compute: fixed a bug in google_compute_instance_group_manager and google_compute_region_instance_group_manager that created an artificial diff when removing a now-removed field from a config (#1401)
dns: Fixed bug causing google_dns_managed_zone datasource to always return a 404 (#1405)
service_networking: fixed "An unknown error occurred" bug when creating multiple google_service_networking_connection resources in parallel (#1246)

3.0.0-beta.1 (November 15, 2019)

BREAKING CHANGES:

access_context_manager: Made os_type required on block google_access_context_manager_access_level.basic.conditions.device_policy.os_constraints. MM#2665
all: changed any id values that could not be interpolated as self_links into values that could MM#2461
app_engine: Made ssl_management_type required on google_app_engine_domain_mapping.ssl_settings MM#2608
app_engine: Made shell required on google_app_engine_standard_app_version.entrypoint. MM#2608
app_engine: Made source_url required on google_app_engine_standard_app_version.deployment.files and google_app_engine_standard_app_version.deployment.zip. MM#2608
app_engine: Made split_health_checks required on google_app_engine_application.feature_settings MM#2608
app_engine: Made script_path required on google_app_engine_standard_app_version.handlers.script. MM#2665
bigtable: Made cluster_id required on google_bigtable_app_profile.single_cluster_routing. MM#2608
bigquery: Made at least one of range or skip_leading_rows required on google_bigquery_table.external_data_configuration.google_sheets_options. MM#2608
bigquery: Made role required on google_bigquery_dataset.access. MM#2665
bigtable: Made exactly one of single_cluster_routing or multi_cluster_routing_use_any required on google_bigtable_app_profile. MM#2665
binary_authorization: Made name_pattern required on google_binary_authorization_policy.admission_whitelist_patterns. MM#2665
binary_authorization: Made evaluation_mode and enforcement_mode required on google_binary_authorization_policy.cluster_admission_rules. MM#2665
cloudbuild: made Cloud Build Trigger's trigger template required to match API requirements. MM#2352
cloudbuild: Made branch required on google_cloudbuild_trigger.github. MM#2608
cloudbuild: Made steps required on google_cloudbuild_trigger.build. MM#2608
cloudbuild: Made name required on google_cloudbuild_trigger.build.steps. MM#2608
cloudbuild: Made name and path required on google_cloudbuild_trigger.build.steps.volumes. MM#2608
cloudbuild: Made exactly one of filename or build required on google_cloudbuild_trigger. MM#2665
cloudfunctions: deprecated nodejs6 as option for runtime in function and made it required. MM#2499
cloudscheduler: Made exactly one of pubsub_target, http_target or app_engine_http_target required on google_cloudscheduler_job. MM#2665
cloudiot: removed event_notification_config (singular) from google_cloudiot_registry. Use plural event_notification_configs instead. MM#2390
cloudiot: Made public_key_certificate required on google_cloudiot_registry. credentials . MM#2608
cloudscheduler: Made service_account_email required on google_cloudscheduler_job.http_target.oauth_token and google_cloudscheduler_job.http_target.oidc_token. MM#2608
composer: Made at least one of airflow_config_overrides, pypi_packages, env_variables, image_version, or python_versionrequired ongoogle_composer_environment.config.software_config`. MM#2608
composer: Made use_ip_aliases required on google_composer_environment.config.node_config.ip_allocation_policy. MM#2608
composer: Made enable_private_endpoint required on google_composer_environment.config.private_environment_config. MM#2608
composer: Made at least one of enable_private_endpoint or master_ipv4_cidr_block required on google_composer_environment.config.private_environment_config MM#2682
composer: Made at least one of node_count, node_config, software_config or private_environment_config required on google_composer_environment.config MM#2682
compute: google_compute_backend_service's backend field field now requires the group subfield to be set. MM#2373
compute: permanently removed ip_version field from google_compute_forwarding_rule MM#2436
compute: permanently removed ipv4_range field from google_compute_network. MM#2436
compute: permanently removed auto_create_routes field from google_compute_network_peering. MM#2436
compute: added check to only allow google_compute_instance_templates with 375gb scratch disks MM#2495
compute: made google_compute_instance_template fail at plan time when scratch disks do not have disk_type "local-ssd". MM#2282
compute: removed enable_flow_logs field from google_compute_subnetwork. This is now controlled by the presence of the log_config block MM#2597
compute: Made raw_key required on google_compute_snapshot.snapshot_encryption_key. MM#2608
compute: Made at least one of auto_delete, device_name, disk_encryption_key_raw, kms_key_self_link, initialize_params, mode or source required on google_compute_instance.boot_disk. MM#2608
compute: Made at least one of size, type, image, or labels required on google_compute_instance.boot_disk.initialize_params. MM#2608
compute: Made at least one of enable_secure_boot, enable_vtpm, or enable_integrity_monitoring required on google_compute_instance.shielded_instance_config. MM#2608
compute: Made at least one of on_host_maintenance, automatic_restart, preemptible, or node_affinities required on google_compute_instance.scheduling. MM#2608
compute: Made interface required on google_compute_instance.scratch_disk. MM#2608
compute: Made at least one of enable_secure_boot, enable_vtpm, or enable_integrity_monitoring required on google_compute_instance_template.shielded_instance_config. MM#2608
compute: Made at least one of on_host_maintenance, automatic_restart, preemptible, or node_affinities are now required on google_compute_instance_template.scheduling. MM#2608
compute: Made kms_key_self_link required on google_compute_instance_template.disk.disk_encryption_key. MM#2608
compute: Made range required on google_compute_router_peer. advertised_ip_ranges. MM#2608
compute: Removed instance_template for google_compute_instance_group_manager and google_compute_region_instance_group_manager. Use version.instance_template instead. MM#2595
compute: removed update_strategy for google_compute_instance_group_manager. Use update_policy instead. MM#2595
compute: stopped allowing selfLink or path style references as IP addresses for google_compute_forwarding_rule or google_compute_global_forwarding_rule MM#2620
compute: permanently removed update_strategy field from google_compute_region_instance_group_manager. MM#2436
compute: Made exactly one of http_health_check, https_health_check, http2_health_check, tcp_health_check or ssl_health_check required on google_compute_health_check. MM#2665
compute: Made exactly one of http_health_check, https_health_check, http2_health_check, tcp_health_check or ssl_health_check required on google_compute_region_health_check. MM#2665
container: permanently removed zone and region fields from data source google_container_engine_versions. MM#2436
container: permanently removed zone, region and additional_zones fields from google_container_cluster. MM#2436
container: permanently removed zone and region fields from google_container_node_pool. MM#2436
container: set google_container_cluster's logging_service and monitoring_service defaults to enable GKE Stackdriver Monitoring. MM#2471
container: removed kubernetes_dashboard from google_container_cluster.addons_config MM#2551
container: removed automatic suppression of GPU taints in GKE taint MM#2537
container: Made disabled required on google_container_cluster.addons_config.http_load_balancing, google_container_cluster.addons_config.horizontal_pod_autoscaling, google_container_cluster.addons_config.network_policy_config, google_container_cluster.addons_config.cloudrun_config, and google_container_cluster.addons_config.istio_config. MM#2608
container: Made at least one of http_load_balancing, horizontal_pod_autoscaling , network_policy_config, cloudrun_config, or istio_config required on google_container_cluster.addons_config. MM#2608
container: Made enabled required on google_container_cluster.network_policy. MM#2608
container: Made enable_private_endpoint required on google_container_cluster.private_cluster_config. MM#2608
container: Made enabled required on google_container_cluster.vertical_pod_autoscaling. MM#2608
container: Made cidr_blocks required on google_container_cluster.master_authorized_networks_config. MM#2608
container: Made at least one of username, password or client_certificate_config required on google_container_cluster.master_auth. MM#2608
container: Made exactly one of daily_maintenance_window or recurring_window required on google_container_cluster.maintenance_policy MM#2682
container: removed google_container_cluster ip_allocation_policy.use_ip_aliases. If it's set to true, remove it from your config. If false, remove ip_allocation_policy as a whole. MM#2615
container: removed google_container_cluster ip_allocation_policy.create_subnetwork, ip_allocation_policy.subnetwork_name, ip_allocation_policy.node_ipv4_cidr_block. Define an explicit google_compute_subnetwork and use subnetwork instead. MM#2615
container: Made channel required on google_container_cluster.release_channel. MM#2608
dataproc: Made at least one of staging_bucket, gce_cluster_config, master_config, worker_config, preemptible_worker_config, software_config, initialization_action or encryption_config required on google_dataproc_cluster.cluster_config. MM#2608
dataproc: Made at least one of zone, network, subnetwork, tags, service_account, service_account_scopes, internal_ip_only or metadata required on google_dataproc_cluster.cluster_config.gce_cluster_config. MM#2608
dataproc: Made at least one of num_instances, image_uri, machine_type, min_cpu_platform, disk_config, or accelerators required on google_dataproc_cluster.cluster_config.master_config and google_dataproc_cluster.cluster_config.worker_config. MM#2608
dataproc: Made at least one of num_local_ssds, boot_disk_size_gb or boot_disk_type required on google_dataproc_cluster.cluster_config.preemptible_worker_config.disk_config, google_dataproc_cluster.cluster_config.master_config.disk_config and google_dataproc_cluster.cluster_config.worker_config.disk_config. MM#2608
dataproc: Made at least one of num_instances or disk_config required on google_dataproc_cluster.cluster_config.preemptible_worker_config. MM#2608
dataproc: Made at least one of image_version, override_properties or optional_components is now required on google_dataproc_cluster.cluster_config.software_config. MM#2608
dataproc: Made policy_uri required on google_dataproc_cluster.cluster_config.autoscaling_config. MM#2608
dataproc: Made max_failures_per_hour required on google_dataproc_job.scheduling. MM#2608
dataproc: Made driver_log_levels required on google_dataproc_job.pyspark_config.logging_config, google_dataproc_job.spark_config.logging_config, google_dataproc_job.hadoop_config.logging_config, google_dataproc_job.hive_config.logging_config, google_dataproc_job.pig_config.logging_config, google_dataproc_job.sparksql_config.logging_config. MM#2608
dataproc: Made at least one of main_class or main_jar_file_uri required on google_dataproc_job.spark_config and google_dataproc_job.hadoop_config. MM#2608
dataproc: Made at least one of query_file_uri or query_list required on google_dataproc_job.hive_config, google_dataproc_job.pig_config, and google_dataproc_job.sparksql_config. MM#2608
dns: Made networks required on google_dns_managed_zone.private_visibility_config. MM#2608
dns: Made network_url required on google_dns_managed_zone.private_visibility_config.networks. MM#2608
iam: made iam_audit_config resources overwrite existing audit config on create. Previous implementations merged config with existing audit configs on create. MM#2438
iam: Made exactly one of list_policy, boolean_policy, or restore_policy required on google_organization_policy. MM#2608
iam: Made exactly one of all or values required on google_organization_policy.list_policy.allow and google_organization_policy.list_policy.deny. MM#2608
iam: google_project_iam_policy can handle the project field in either of the following forms: project-id or projects/project-id MM#2700
iam: Made exactly one of allow or deny required on google_organization_policy.list_policy MM#2682
iam: removed the deprecated pgp_key, private_key_encrypted and private_key_fingerprint from google_service_account_key MM#2680
monitoring: permanently removed is_internal and internal_checkers fields from google_monitoring_uptime_check_config. MM#2436
monitoring: permanently removed labels field from google_monitoring_alert_policy. MM#2436
monitoring: Made content required on google_monitoring_uptime_check_config.content_matchers. MM#2608
monitoring: Made exactly one of http_check or tcp_check is now required on google_monitoring_uptime_check_config. MM#2665
monitoring: Made at least one of auth_info, port, headers, path, use_ssl, or mask_headers is now required on google_monitoring_uptime_check_config.http_check MM#2665
provider: added the https://www.googleapis.com/auth/userinfo.email scope to the provider by default MM#2473
pubsub: removed ability to set a full path for google_pubsub_subscription.name (e.g. projects/my-project/subscriptions/my-subscription). name now must be the shortname (e.g. my-subscription) MM#2561
resourcemanager: converted google_folder_organization_policy and google_organization_policy import format to use slashes instead of colons. MM#2638
serviceusage: removed google_project_services MM#2403
serviceusage: stopped accepting bigquery-json.googleapis.com in google_project_service. Specify biquery.googleapis.com instead. MM#2626
sql: Made name and value required on google_sql_database_instance.settings.database_flags. MM#2608
sql: Made at least one of binary_log_enabled, enabled, start_time, and location required on google_sql_database_instance.settings.backup_configuration. MM#2608
sql: Made at least one of authorized_networks, ipv4_enabled, require_ssl, and private_network required on google_sql_database_instance.settings.ip_configuration. MM#2608
sql: Made at least one of day, hour, and update_track required on google_sql_database_instance.settings.maintenance_window. MM#2608
sql: Made at least one of cert, common_name, create_time, expiration_time, or sha1_fingerprint required on google_sql_database_instance.settings.server_ca_cert. MM#2608
sql: Made at least one of ca_certificate, client_certificate, client_key, connect_retry_interval, dump_file_path, failover_target, master_heartbeat_period, password, ssl_cipher, username, and verify_server_certificate required on google_sql_database_instance.settings.replica_configuration. MM#2608
sql: Made value required on google_sql_database_instance.settings.ip_configuration.authorized_networks. MM#2608
storage: permanently removed is_live flag from google_storage_bucket. MM#2436
storage: Made at least one of main_page_suffix or not_found_page required on google_storage_bucket.website. MM#2608
storage: Made at least one of min_time_elapsed_since_last_modification, max_time_elapsed_since_last_modification, include_prefixes, or exclude_prefixes required on google_storage_transfer_job.transfer_spec.object_conditions. MM#2608
storage: Made at least one of overwrite_objects_already_existing_in_sink, delete_objects_unique_in_sink, and delete_objects_from_source_after_transfer required on google_storage_transfer_job.transfer_spec.transfer_options. MM#2608
storage: Made at least one of gcs_data_source, aws_s3_data_source, or http_data_source required on google_storage_transfer_job.transfer_options. MM#2608

3.90.0 (October 26, 2021)​

3.89.0 (October 18, 2021)​

3.88.0 (October 11, 2021)​

3.87.0 (October 04, 2021)​

3.86.0 (September 27, 2021)​

3.85.0 (September 20, 2021)​

3.84.0 (September 13, 2021)​

3.83.0 (September 09, 2021)​

3.82.0 (August 30, 2021)​

3.81.0 (August 23, 2021)​

3.80.0 (August 16, 2021)​

3.79.0 (August 09, 2021)​

3.78.0 (August 02, 2021)​

3.77.0 (July 26, 2021)​

3.76.0 (July 19, 2021)​

3.75.0 (July 12, 2021)​

3.74.0 (June 28, 2021)​

3.73.0 (June 21, 2021)​

3.72.0 (June 14, 2021)​

3.71.0 (June 07, 2021)​

3.70.0 (June 01, 2021)​

3.69.0 (May 24, 2021)​

3.68.0 (May 18, 2021)​

3.67.0 (May 10, 2021)​

3.66.1 (April 29, 2021)​

3.66.0 (April 28, 2021)​

3.65.0 (April 20, 2021)​

3.64.0 (April 12, 2021)​

3.63.0 (April 5, 2021)​

3.62.0 (March 27, 2021)​

3.61.0 (March 23, 2021)​

3.60.0 (March 15, 2021)​

3.59.0 (March 08, 2021)​

3.58.0 (February 23, 2021)​

3.57.0 (February 16, 2021)​

3.56.0 (February 8, 2021)​

3.55.0 (February 1, 2021)​

3.54.0 (January 25, 2021)​

3.53.0 (January 19, 2021)​

3.52.0 (January 11, 2021)​

3.51.1 (January 07, 2021)​

3.51.0 (December 14, 2020)​

3.50.0 (December 7, 2020)​

3.49.0 (November 24, 2020)​

3.48.0 (November 16, 2020)​

3.47.0 (November 09, 2020)​

3.46.0 (November 02, 2020)​

3.45.0 (October 28, 2020)​

3.44.0 (October 19, 2020)​

3.43.0 (October 12, 2020)​

3.42.0 (October 05, 2020)​

3.41.0 (September 28, 2020)​

3.40.0 (September 22, 2020)​

3.39.0 (September 15, 2020)​

3.38.0 (September 08, 2020)​

3.37.0 (August 31, 2020)​

3.36.0 (August 24, 2020)​

3.35.0 (August 17, 2020)​

3.34.0 (August 11, 2020)​

3.33.0 (August 04, 2020)​

3.32.0 (July 27, 2020)​

3.31.0 (July 20, 2020)​

3.30.0 (July 13, 2020)​

3.29.0 (July 06, 2020)​

3.28.0 (June 29, 2020)​

3.27.0 (June 23, 2020)​

3.26.0 (June 15, 2020)​

3.25.0 (June 08, 2020)​

3.24.0 (June 01, 2020)​

3.23.0 (May 25, 2020)​

3.22.0 (May 18, 2020)​

3.21.0 (May 11, 2020)​

3.20.0 (May 04, 2020)​

3.19.0 (April 27, 2020)​

3.18.0 (April 20, 2020)​

3.17.0 (April 13, 2020)​

3.16.0 (April 06, 2020)​

3.15.0 (March 30, 2020)​

3.14.0 (March 23, 2020)​

3.13.0 (March 16, 2020)​

3.90.0 (October 26, 2021)

3.89.0 (October 18, 2021)

3.88.0 (October 11, 2021)

3.87.0 (October 04, 2021)

3.86.0 (September 27, 2021)

3.85.0 (September 20, 2021)

3.84.0 (September 13, 2021)

3.83.0 (September 09, 2021)

3.82.0 (August 30, 2021)

3.81.0 (August 23, 2021)

3.80.0 (August 16, 2021)

3.79.0 (August 09, 2021)

3.78.0 (August 02, 2021)

3.77.0 (July 26, 2021)

3.76.0 (July 19, 2021)

3.75.0 (July 12, 2021)

3.74.0 (June 28, 2021)

3.73.0 (June 21, 2021)

3.72.0 (June 14, 2021)

3.71.0 (June 07, 2021)

3.70.0 (June 01, 2021)

3.69.0 (May 24, 2021)

3.68.0 (May 18, 2021)

3.67.0 (May 10, 2021)

3.66.1 (April 29, 2021)

3.66.0 (April 28, 2021)

3.65.0 (April 20, 2021)

3.64.0 (April 12, 2021)

3.63.0 (April 5, 2021)

3.62.0 (March 27, 2021)

3.61.0 (March 23, 2021)

3.60.0 (March 15, 2021)

3.59.0 (March 08, 2021)

3.58.0 (February 23, 2021)

3.57.0 (February 16, 2021)

3.56.0 (February 8, 2021)

3.55.0 (February 1, 2021)

3.54.0 (January 25, 2021)

3.53.0 (January 19, 2021)

3.52.0 (January 11, 2021)

3.51.1 (January 07, 2021)

3.51.0 (December 14, 2020)

3.50.0 (December 7, 2020)

3.49.0 (November 24, 2020)

3.48.0 (November 16, 2020)

3.47.0 (November 09, 2020)

3.46.0 (November 02, 2020)

3.45.0 (October 28, 2020)

3.44.0 (October 19, 2020)

3.43.0 (October 12, 2020)

3.42.0 (October 05, 2020)

3.41.0 (September 28, 2020)

3.40.0 (September 22, 2020)

3.39.0 (September 15, 2020)

3.38.0 (September 08, 2020)

3.37.0 (August 31, 2020)

3.36.0 (August 24, 2020)

3.35.0 (August 17, 2020)

3.34.0 (August 11, 2020)

3.33.0 (August 04, 2020)

3.32.0 (July 27, 2020)

3.31.0 (July 20, 2020)

3.30.0 (July 13, 2020)

3.29.0 (July 06, 2020)

3.28.0 (June 29, 2020)

3.27.0 (June 23, 2020)

3.26.0 (June 15, 2020)

3.25.0 (June 08, 2020)

3.24.0 (June 01, 2020)

3.23.0 (May 25, 2020)

3.22.0 (May 18, 2020)

3.21.0 (May 11, 2020)

3.20.0 (May 04, 2020)

3.19.0 (April 27, 2020)

3.18.0 (April 20, 2020)

3.17.0 (April 13, 2020)

3.16.0 (April 06, 2020)

3.15.0 (March 30, 2020)

3.14.0 (March 23, 2020)

3.13.0 (March 16, 2020)