Skip to content

Update Terraform aws to v6.30.0 #136

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
keithly merged 1 commit into from
Jan 29, 2026
Merged

Update Terraform aws to v6.30.0 #136

keithly merged 1 commit into from
Jan 29, 2026

Conversation

@renovate
Copy link
Contributor

@renovate renovate bot commented Jun 18, 2025
edited
Loading

This PR contains the following updates:

Package Type Update Change
aws (source) required_provider minor 6.28.06.30.0

Release Notes

hashicorp/terraform-provider-aws (aws)

v6.30.0

Compare Source

FEATURES:

  • New Resource: aws_ssoadmin_managed_policy_attachments_exclusive (#​46176)

BUG FIXES:

  • resource/aws_dynamodb_table: Fix panic when global_secondary_index or global_secondary_index.key_schema are dynamic (#​46195)

v6.29.0

Compare Source

NOTES:

  • data-source/aws_organizations_organization: Add return_organization_only argument to return only the results of the DescribeOrganization API and avoid API limits (#​40884)
  • resource/aws_cloudfront_anycast_ip_list: Because we cannot easily test all this functionality, it is best effort and we ask for community help in testing (#​43331)
  • resource/aws_invoicing_invoice_unit: Deprecates region attribute, as the resource is global. (#​46185)
  • resource/aws_organizations_organization: Add return_organization_only argument to return only the results of the DescribeOrganization API and avoid API limits (#​40884)
  • resource/aws_savingsplans_savings_plan: Because we cannot easily test this functionality, it is best effort and we ask for community help in testing (#​45834)

FEATURES:

  • New Data Source: aws_arcregionswitch_plan (#​43781)
  • New Data Source: aws_arcregionswitch_route53_health_checks (#​43781)
  • New Data Source: aws_organizations_entity_path (#​45890)
  • New Data Source: aws_resourcegroupstaggingapi_required_tags (#​45994)
  • New Data Source: aws_s3_bucket_object_lock_configuration (#​45990)
  • New Data Source: aws_s3_bucket_replication_configuration (#​42662)
  • New Data Source: aws_s3control_access_points (#​45949)
  • New Data Source: aws_s3control_multi_region_access_points (#​45974)
  • New Data Source: aws_savingsplans_savings_plan (#​45834)
  • New Data Source: aws_wafv2_managed_rule_group (#​45899)
  • New List Resource: aws_appflow_connector_profile (#​45983)
  • New List Resource: aws_appflow_flow (#​45980)
  • New List Resource: aws_cleanrooms_collaboration (#​45953)
  • New List Resource: aws_cleanrooms_configured_table (#​45956)
  • New List Resource: aws_cloudfront_key_value_store (#​45957)
  • New List Resource: aws_opensearchserverless_collection (#​46001)
  • New List Resource: aws_route53_record (#​46059)
  • New List Resource: aws_s3_bucket (#​46004)
  • New List Resource: aws_s3_object (#​46002)
  • New List Resource: aws_security_group (#​46062)
  • New Resource: aws_apigatewayv2_routing_rule (#​42961)
  • New Resource: aws_arcregionswitch_plan (#​43781)
  • New Resource: aws_cloudfront_anycast_ip_list (#​43331)
  • New Resource: aws_notifications_managed_notification_account_contact_association (#​45185)
  • New Resource: aws_notifications_managed_notification_additional_channel_association (#​45186)
  • New Resource: aws_notifications_organizational_unit_association (#​45197)
  • New Resource: aws_notifications_organizations_access (#​45273)
  • New Resource: aws_opensearch_application (#​43822)
  • New Resource: aws_ram_permission (#​44114)
  • New Resource: aws_ram_resource_associations_exclusive (#​45883)
  • New Resource: aws_sagemaker_labeling_job (#​46041)
  • New Resource: aws_sagemaker_model_card (#​45993)
  • New Resource: aws_sagemaker_model_card_export_job (#​46009)
  • New Resource: aws_savingsplans_savings_plan (#​45834)
  • New Resource: aws_sesv2_tenant_resource_association (#​45904)
  • New Resource: aws_vpc_security_group_rules_exclusive (#​45876)

ENHANCEMENTS:

  • aws_api_gateway_domain_name: Add routing_mode argument to support dynamic routing via routing rules (#​42961)
  • aws_apigatewayv2_domain_name: Add routing_mode argument to support dynamic routing via routing rules (#​42961)
  • data-source/aws_batch_job_definition: Add allow_privilege_escalation attribute to eks_properties.pod_properties.containers.security_context (#​45896)
  • data-source/aws_dynamodb_table: Add global_secondary_index.key_schema attribute (#​46157)
  • data-source/aws_networkmanager_core_network_policy_document: Add segment_actions.routing_policy_names argument (#​45928)
  • data-source/aws_s3_object: Add body_base64 and download_body attributes. For improved performance, set download_body = false to ensure bodies are never downloaded (#​46163)
  • data-source/aws_vpc_ipam_pool: Add source_resource attribute (#​44705)
  • resource/aws_batch_job_definition: Add allow_privilege_escalation attribute to eks_properties.pod_properties.containers.security_context (#​45896)
  • resource/aws_bedrockagent_data_source: Add vector_ingestion_configuration.parsing_configuration.bedrock_data_automation_configuration block (#​45966)
  • resource/aws_bedrockagent_data_source: Add vector_ingestion_configuration.parsing_configuration.bedrock_foundation_model_configuration.parsing_modality argument (#​46056)
  • resource/aws_docdb_cluster_instance: Add certificate_rotation_restart argument (#​45984)
  • resource/aws_dynamodb_table: Add support for multi-attribute keys in global secondary indexes. Introduces hash_keys and range_keys to the gsi block and makes hash_key optional for backwards compatibility. (#​45357)
  • resource/aws_dynamodb_table: Adds warning when stream_view_type is set and stream_enabled is either false or unset. (#​45934)
  • resource/aws_ecr_account_setting: Add support for BLOB_MOUNTING account setting name with ENABLED and DISABLED values (#​46092)
  • resource/aws_fsx_windows_file_system: Add domain_join_service_account_secret argument to self_managed_active_directory configuration block (#​45852)
  • resource/aws_fsx_windows_file_system: Change self_managed_active_directory.password to Optional and self_managed_active_directory.username to Optional and Computed (#​45852)
  • resource/aws_invoicing_invoice_unit: Adds resource identity support. (#​46185)
  • resource/aws_invoicing_invoice_unit: Adds validation to restrict rules to a single element. (#​46185)
  • resource/aws_lambda_function: Increase upper limit of memory_size from 10240 MB to 32768 MB (#​46065)
  • resource/aws_launch_template: Add network_performance_options argument (#​46071)
  • resource/aws_odb_network: Enhancements to support KMS and STS parameters in CreateOdbNetwork and UpdateOdbNetwork. (#​45636)
  • resource/aws_opensearchserverless_collection: Add resource identity support (#​45981)
  • resource/aws_osis_pipeline: Updates pipeline_configuration_body maximum length validation to 2,621,440 bytes to align with AWS API specification. (#​44881)
  • resource/aws_sagemaker_endpoint: Retry IAM eventual consistency errors on Create (#​45951)
  • resource/aws_sagemaker_monitoring_schedule: Add monitoring_schedule_config.monitoring_job_definition argument (#​45951)
  • resource/aws_sagemaker_monitoring_schedule: Make monitoring_schedule_config.monitoring_job_definition_name argument optional (#​45951)
  • resource/aws_vpc_ipam_pool: Add source_resource argument in support of provisioning of VPC Resource Planning Pools (#​44705)
  • resource/aws_vpc_ipam_resource_discovery: Add organizational_unit_exclusion argument (#​45890)
  • resource/aws_vpc_subnet: Add ipv4_ipam_pool_id, ipv4_netmask_length, ipv6_ipam_pool_id, and ipv6_netmask_length arguments in support of provisioning of subnets using IPAM (#​44705)
  • resource/aws_vpc_subnet: Change ipv6_cidr_block to Optional and Computed (#​44705)

BUG FIXES:

  • data-source/aws_ecr_lifecycle_policy_document: Add rule.action.target_storage_class and rule.selection.storage_class to JSON serialization (#​45909)
  • data-source/aws_lakeformation_permissions: Remove incorrect validation from catalog_id, data_location.catalog_id, database.catalog_id, lf_tag_policy.catalog_id, table.catalog_id, and table_with_columns.catalog_id arguments (#​43931)
  • data-source/aws_networkmanager_core_network_policy_document: Fix panic when attachment_routing_policy_rules.action.associate_routing_policies is empty (#​46160)
  • provider: Fix crash when using custom S3 endpoints with non-standard region strings (e.g., S3-compatible storage like Ceph or MinIO) (#​46000)
  • provider: When importing resources with region defined, in AWS European Sovereign Cloud, prevent failing due to region validation requiring region names to start with "[a-z]{2}-" (#​45895)
  • resource/aws_athena_workgroup: Fix error when removing configuration.result_configuration.encryption_configuration argument (#​46159)
  • resource/aws_bcmdataexports_export: Fix Provider produced inconsistent result after apply error when querying CARBON_EMISSIONS table without table_configurations (#​45972)
  • resource/aws_bedrock_inference_profile: Fixed forced replacement following import when model_source is set (#​45713)
  • resource/aws_billing_view: Fix handling of data_filter_expression (#​45293)
  • resource/aws_cloudformation_stack_set: Fix perpetual diff when using auto_deployment with permission_model set to SERVICE_MANAGED (#​45992)
  • resource/aws_cloudfront_distribution: Fix runtime error: invalid memory address or nil pointer dereference panic when mistakenly importing a multi-tenant distribution (#​45873)
  • resource/aws_cloudfront_distribution: Prevent mistakenly importing a multi-tenant distribution (#​45873)
  • resource/aws_cloudfront_multitenant_distribution: Fix "specified origin server does not exist or is not valid" errors when attempting to use Origin Access Control (OAC) (#​45977)
  • resource/aws_cloudfront_multitenant_distribution: Fix origin_group to use correct id attribute name and fix field mapping to resolve missing required field errors (#​45921)
  • resource/aws_cloudwatch_event_rule: Prevent failing on AWS European Sovereign Cloud regions due to region validation requiring region names to start with "[a-z]{2}-" (#​45895)
  • resource/aws_config_configuration_recorder: Fix InvalidRecordingGroupException: The recording group provided is not valid errors when the recording_group.exclusion_by_resource_type or recording_group.recording_strategy argument is removed during update (#​46110)
  • resource/aws_datazone_environment_profile: Prevent failing on AWS European Sovereign Cloud regions due to region validation requiring region names to start with "[a-z]{2}-" (#​45895)
  • resource/aws_dynamodb_table: Fix perpetual diff for warm_throughput in global_secondary_index when not set in configuration. (#​46094)
  • resource/aws_dynamodb_table: Fixes error when name is known after apply (#​45917)
  • resource/aws_eks_cluster: Fix kubernetes_network_config argument name in EKS Auto Mode validation error message (#​45997)
  • resource/aws_emrserverless_application: Prevent failing on AWS European Sovereign Cloud regions due to region validation requiring region names to start with "[a-z]{2}-" (#​45895)
  • resource/aws_lakeformation_permissions: Remove incorrect validation from catalog_id, data_location.catalog_id, database.catalog_id, lf_tag_policy.catalog_id, table.catalog_id, and table_with_columns.catalog_id arguments (#​43931)
  • resource/aws_lambda_event_source_mapping: Prevent failing on AWS European Sovereign Cloud regions due to region validation requiring region names to start with "[a-z]{2}-" (#​45895)
  • resource/aws_lambda_invocation: Fix panic when deleting or replacing resource with empty input in CRUD lifecycle scope (#​45967)
  • resource/aws_lambda_permission: Prevent failing on AWS European Sovereign Cloud regions due to region validation requiring region names to start with "[a-z]{2}-" (#​45895)
  • resource/aws_lb_target_group: Fix update error when switching health_check.protocol from HTTP to TCP when protocol is TCP (#​46036)
  • resource/aws_multitenant_cloudfront_distribution: Prevent mistakenly importing a standard distribution (#​45873)
  • resource/aws_networkfirewall_firewall_policy: Support partner-managed rule groups via firewall_policy.stateful_rule_group_reference.resource_arn (#​46124)
  • resource/aws_odb_network: Fix delete_associated_resources being set when value is unknown (#​45636)
  • resource/aws_pipes_pipe: Prevent failing on AWS European Sovereign Cloud regions due to region validation requiring region names to start with "[a-z]{2}-" (#​45895)
  • resource/aws_placement_group: Correct validation of partition_count (#​45042)
  • resource/aws_rds_cluster: Properly set iam_database_authentication_enabled when restored from snapshot (#​39461)
  • resource/aws_redshift_cluster: Changing port now works. (#​45870)
  • resource/aws_redshiftserverless_workgroup: Fix ValidationException: Base capacity cannot be updated when PerformanceTarget is Enabled error when updating price_performance_target and base_capacity (#​46137)
  • resource/aws_route53_health_check: Mark regions argument as Computed to fix an unexpected regions diff when it is not specified (#​45829)
  • resource/aws_route53_zone: Fix InvalidChangeBatch errors during ForceNew operations when zone name changes (#​45242)
  • resource/aws_route53_zone: Fixes error where Delete would fail if the remote resource had already been deleted. (#​45985)
  • resource/aws_route53profiles_resource_association: Fix Invalid JSON String Value error on initial apply and ConflictException on subsequent apply when associating Route53 Resolver Query Log Configs (#​45958)
  • resource/aws_route53recoverycontrolconfig_control_panel: Fix crash when create returns an error (#​45954)
  • resource/aws_s3_bucket: Fix bucket creation with tags in non-commercial AWS regions by handling UnsupportedArgument errors during tag-on-create operations (#​46122)
  • resource/aws_s3_bucket: Fix tag read and update operations in non-commercial AWS regions by handling MethodNotAllowed errors when S3 Control APIs are unavailable (#​46122)
  • resource/aws_servicecatalog_portfolio_share: Support organization and OU IDs in addition to ARNs for GovCloud compatibility (#​39863)
  • resource/aws_subnet: Mark ipv6_cidr_block as ForceNew when the existing IPv6 subnet was created with assign_ipv6_address_on_create = true (#​46043)
  • resource/aws_vpc_endpoint: Fix persistent diffs caused by case differences in ip_address_type (#​45947)

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate renovate bot force-pushed the renovate/aws-6.x branch from 013b78d to 637f69b Compare July 3, 2025 04:31
@renovate renovate bot force-pushed the renovate/aws-6.x branch from 637f69b to b6314ad Compare July 10, 2025 22:14
@renovate renovate bot force-pushed the renovate/aws-6.x branch 2 times, most recently from 09caacd to 2c5a2d4 Compare July 24, 2025 20:46
@renovate renovate bot force-pushed the renovate/aws-6.x branch 2 times, most recently from 60a8bc6 to 2fd725a Compare August 1, 2025 00:49
@renovate renovate bot force-pushed the renovate/aws-6.x branch from 2fd725a to ca45462 Compare August 7, 2025 21:33
@renovate renovate bot force-pushed the renovate/aws-6.x branch from ca45462 to 1c891d3 Compare August 14, 2025 22:30
@renovate renovate bot force-pushed the renovate/aws-6.x branch from 1c891d3 to ea38a79 Compare August 21, 2025 23:08
@renovate renovate bot force-pushed the renovate/aws-6.x branch from ea38a79 to 120ee8f Compare August 31, 2025 09:33
@renovate renovate bot force-pushed the renovate/aws-6.x branch 2 times, most recently from f2e0521 to e08e341 Compare September 13, 2025 04:54
@renovate renovate bot force-pushed the renovate/aws-6.x branch 2 times, most recently from cf8a2c3 to ba2898f Compare September 22, 2025 20:37
@renovate renovate bot force-pushed the renovate/aws-6.x branch from ba2898f to ae4bfd3 Compare October 2, 2025 20:27
@renovate renovate bot force-pushed the renovate/aws-6.x branch from ae4bfd3 to 626a5e9 Compare October 9, 2025 21:46
@renovate renovate bot force-pushed the renovate/aws-6.x branch from 626a5e9 to 15f13aa Compare October 16, 2025 22:45
@renovate renovate bot force-pushed the renovate/aws-6.x branch from 15f13aa to 33c50c5 Compare October 23, 2025 23:14
@renovate renovate bot force-pushed the renovate/aws-6.x branch 2 times, most recently from 64a563e to 3833cf2 Compare November 7, 2025 00:04
@renovate renovate bot force-pushed the renovate/aws-6.x branch 2 times, most recently from f5ee753 to 4e92186 Compare November 21, 2025 01:27
@renovate renovate bot force-pushed the renovate/aws-6.x branch 2 times, most recently from 67c641b to e0094c9 Compare November 26, 2025 22:02
@renovate renovate bot force-pushed the renovate/aws-6.x branch 2 times, most recently from e883c1a to 7bf2997 Compare December 5, 2025 03:33
@renovate renovate bot force-pushed the renovate/aws-6.x branch from 7bf2997 to 1b55876 Compare December 10, 2025 21:32
@renovate renovate bot force-pushed the renovate/aws-6.x branch from 1b55876 to 8442310 Compare December 18, 2025 02:39
@renovate renovate bot force-pushed the renovate/aws-6.x branch from 8442310 to 8dfcedd Compare January 8, 2026 19:34
@renovate renovate bot changed the title Update Terraform aws to v6 Update Terraform aws to v6 - autoclosed Jan 24, 2026
@renovate renovate bot closed this Jan 24, 2026
@renovate renovate bot deleted the renovate/aws-6.x branch January 24, 2026 04:42
@renovate renovate bot changed the title Update Terraform aws to v6 - autoclosed Update Terraform aws to v6.29.0 Jan 29, 2026
@renovate renovate bot reopened this Jan 29, 2026
@renovate renovate bot force-pushed the renovate/aws-6.x branch 2 times, most recently from 8dfcedd to 7296384 Compare January 29, 2026 00:38
@renovate renovate bot force-pushed the renovate/aws-6.x branch from 7296384 to 92ae9ff Compare January 29, 2026 05:13
@renovate renovate bot changed the title Update Terraform aws to v6.29.0 Update Terraform aws to v6.30.0 Jan 29, 2026
@keithly keithly merged commit 4461f36 into main Jan 29, 2026
1 check passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@keithly