Update Terraform google-beta to ~> 3.90.0

[red-hat-konflux]

This PR contains the following updates:

Package	Type	Update	Change
google-beta (source)	provider	minor	~> 3.0.0-beta.1 -> ~> 3.90.0

---

Release Notes

hashicorp/terraform-provider-google-beta (google-beta)

v3.90.1

Compare Source

DEPRECATIONS:

• container: fixed an overly-broad deprecation on master_auth, constraining it to master_auth.username and master_auth.password

v3.90.0

Compare Source

DEPRECATIONS:

• container: deprecated workload_identity_config.0.identity_namespace and it will be removed in a future major release as it has been deprecated in the API. Use workload_identity_config.0.workload_pool instead. Switching your configuration from one value to the other will trigger a diff at plan time, and a spurious update. (#​3733)
• container: deprecated the following google_container_cluster fields: instance_group_urls and master_auth (#​3746)

IMPROVEMENTS:

• composer: added field environment_size to resource google_composer_environment (#​3730)
• container: added node_config.0.guest_accelerator.0.gpu_partition_size field to google_container_node_pool (#​3739)
• container: added workload_identity_config.0.workload_pool to google_container_cluster (#​3733)
• container: made dns_cache_config conflict with GKE Autopilot mode (#​3725)
• container_cluster: Updated monitoring_config to accept WORKLOAD (#​3732)
• provider: Added links to nested types documentation for manually generated pages (#​3736)

BUG FIXES:

• cloudrun: fixed a permadiff on the field template.spec.containers.ports.name of the google_cloud_run_service resource (#​3740)
• composer: removed config.node_config.zone requirement on google_composer_environment (#​3745)
• compute: fixed permadiff for failover_policy on google_compute_region_backend_service (#​3728)
• compute: fixed to make description updatable without recreation on google_compute_instance_group_manager (#​3735)
• container: fixed a permadiff on google_container_node_pool.workload_metadata_config.mode (#​3726)
• iam: fixed request batching bug where failed requests would show unnecessary backslash escaping to the user. (#​3723)
• securitycenter: fixed bug where google_scc_notification_config.streaming_config.filter was not updating. (#​3727)

v3.89.0

Compare Source

BUG FIXES:

• compute: fixed bug where google_compute_router_peer could not set an advertised route priority of 0, causing permadiff. (#​3718)
• container: fixed a crash on monitoring_config of google_container_cluster (#​3717)
• iam: fixed request batching bug where failed requests would show unnecessary backslash escaping to the user. (#​3723)
• storage: fixed a bug to better handle eventual consistency among google_storage_bucket resources. (#​3715)

v3.88.0

Compare Source

NOTES:

• reorganized documentation to group all Compute Engine and Monitoring (Stackdriver) resources together. (#​3686)

DEPRECATIONS:

• container: deprecated workload_metadata_configuration.node_metadata in favor of workload_metadata_configuration.mode in google_container_cluster (#​3694)
• dataproc: deprecated the google_dataproc_workflow_template.version field, as it wasn't actually useful. The field is used during updates, but updates aren't currently possible with the resource. (#​3675)
  BREAKING CHANGES:
• gke_hub: made the config_membership field in google_gke_hub_feature required, disallowing invalid configurations (#​3681)
• gke_hub: made the configmanagement, feature, location, membership fields in google_gke_hub_feature_membership required, disallowing invalid configurations (#​3681)

FEATURES:

• New Data Source: google_service_networking_peered_dns_domain (#​3690)
• New Data Source: google_sourcerepo_repository (#​3684)
• New Data Source: google_storage_bucket (#​3678)
• New Resource: google_pubsub_lite_reservation (#​3708)
• New Resource: google_service_networking_peered_dns_domain (#​3690)

IMPROVEMENTS:

• composer: added field enable_privately_used_public_ips to resource google_composer_environment (beta) (#​3697)
• composer: added field enable_ip_masq_agent to resource google_composer_environment (beta) (#​3705)
• composer: added support for composer v2 fields workloads_config and cloud_composer_network_ipv4_cidr_block to composer_environment (#​3709)
• compute: added NetLB support for Connection Tracking as connectionTrackingPolicy in RegionBackendService(beta) (#​3698)
• compute: added external IPv6 support on google_compute_subnetwork and google_compute_instance.network_interfaces (#​3677)
• container: added support for workload_metadata_configuration.mode in google_container_cluster (#​3694)
• eventarc: added support for uid output field, cloud_function destination to google_eventarc_trigger (#​3681)
• gke_hub: added support for gcp_service_account_email when configuring Git sync in google_gke_hub_feature_membership (#​3681)
• gke_hub: added support for resource_state, state outputs to google_gke_hub_feature (#​3681)
• pubsub: added support for references to google_pubsub_lite_reservation to google_pubsub_lite_topic. (#​3708)

BUG FIXES:

• monitoring: fixed typo in google_monitoring_uptime_check_config where NOT_MATCHES_REGEX could not be specified. (#​3700)
• servicedirectory: marked service on google_service_directory_endpoint as ForceNew to trigger recreates on changes (#​3683)

v3.87.0

Compare Source

3.87.0 (October 04, 2021)

DEPRECATIONS:

• dataproc: deprecated the google_dataproc_workflow_template.version field, as it wasn't actually useful. The field is used during updates, but updates aren't currently possible with the resource. (#​3675)

FEATURES:

• New Resource: google_monitoring_monitored_project (#​3658)
• New Resource: google_org_policy_policy (#​3637)

IMPROVEMENTS:

• cloudbuild: added field service_account to google_cloudbuild_trigger (#​3661)
• composer: added field scheduler_count to google_composer_environment (#​3660)
• compute: Disabled recreation of GCE instances when updating resource_policies property (#​3668)
• container: added support for logging_config and monitoring_config to google_container_cluster (#​3641)
• kms: added support for import_only to google_kms_crypto_key (#​3659)
• networkservices: boosted the default timeout for google_network_services_edge_cache_origin from 30m to 60m (#​3674)

BUG FIXES:

• container: fixed an issue where a node pool created with error (eg. GKE_STOCKOUT) would not be captured in state (#​3646)
• filestore: Allowed updating reserved_ip_range on google_filestore_instance via recreation of the instance (#​3651)
• serviceusage: Made the service api retry failed operation calls in anticipation of transient errors that occur when first enabling the service. (#​3666)

v3.86.0

Compare Source

BUG FIXES:

• dns: fixed an issue in google_dns_record_set where rrdatas could not be updated (#​3625)
• dns: fixed an issue in google_dns_record_set where creating the resource would result in an 409 error (#​3625)
• platform: fixed a bug in wrongly writing to state when creation failed on google_organization_policy (#​3624)

v3.85.0

Compare Source

DEPRECATIONS:

• compute: deprecated interface field on google_compute_disk and google_compute_region_disk (#​3611)

IMPROVEMENTS:

• bigtable: enabled support for user_project_override in google_bigtable_instance and google_bigtable_table (#​3614)
• compute: added iap fields to google_compute_region_backend_service (#​3605)
• compute: allowed passing an IP address to the nextHopIlb field of google_compute_route resource (#​3609)
• container: added field dns_config to resource google_container_cluster (#​3606)
• iam: added disabled field to google_service_account resource (#​3603)
• provider: added links to nested types documentation within a resource (#​3615)
• storage: added field path to google_storage_transfer_job (#​3608)

BUG FIXES:

• appengine: fixed bug where deployment.container.image would update to an old version even if in ignore_changes (#​3613)
• bigquery: fixed a bug where destination_encryption_config.kms_key_name stored the version rather than the key name. (#​3616)
• redis: extended the default timeouts on google_redis_instance (#​3604)
• serviceusage: fixed an issue in google_project_service where users could not reenable services that were disabled outside of Terraform. (#​3607)

v3.84.0

Compare Source

DEPRECATIONS:

• compute: deprecated interface field on google_compute_disk and google_compute_region_disk (#​3611)

FEATURES:

• New Data Source: google_secret_manager_secret (#​3588)

IMPROVEMENTS:

• compute: added update support to google_compute_service_attachment (#​3587)
• filestore: added connect_mode to networks field in google_filestore_instance (#​3595)

BUG FIXES:

• container: fixed a bug in failing to remove maintenance_exclusion on google_container_cluster (#​3600)
• compute: fixed advanced_machine_features error messages in google_compute_instance (#​3598)
• eventarc: fixed bug where resources deleted outside of Terraform would cause errors (#​3590)
• functions: fixed an error message on google_cloudfunctions_function (#​3591)
• logging: fixed the data type for bucket_options.linear_buckets.width on google_logging_metric (#​3589)
• osconfig: fixed import on google_os_config_guest_policies (#​3594)
• storage: fixed an undetected change on days_since_noncurrent_time of google_storage_bucket (#​3599)

v3.83.0: 3.83.0

Compare Source

FEATURES:

• New Resource: google_privateca_certificate_template (#​3561)

IMPROVEMENTS:

• privateca: added certificate_template to google_privateca_certificate. (#​3567)
• compute: allowed setting ip_address field of google_compute_router_peer (#​3565)
• dataproc: added field metastore_config to google_dataproc_cluster (#​3577)
• kms: added support for destroy_scheduled_duration to google_kms_crypto_key (#​3563)

BUG FIXES:

• endpoints: fixed a timezone discrepancy in config_id on google_endpoints_service (#​3564)
• cloudbuild: marked google_cloudbuild_trigger as requiring one of branch_name/tag_name/commit_sha within build.source.repo_source (#​3582)
• compute: fixed a crash on enable field of google_compute_router_peer (#​3579)
• compute: fixed a permanent diff for next_hop_instance_zone on google_compute_route when next_hop_instance was set to a self link (#​3571)
• compute: fixed an issue in google_compute_router_nat where removing log_config resulted in a perma-diff (#​3581)
• privateca: fixed a permadiff bug for publishing_options on google_privateca_ca_pool when both attributes set false (#​3570)
• spanner: fixed instance updates to processing units (#​3575)
• storage: added support for timeouts on google_storage_bucket_object (#​3578)

v3.82.0

Compare Source

FEATURES:

• New Resource: google_privateca_certificate_template (#​3561)
• New Resource: google_compute_firewall_policy (#​3556)
• New Resource: google_compute_firewall_policy_association (#​3556)
• New Resource: google_compute_firewall_policy_rule (#​3556)

IMPROVEMENTS:

• notebooks: added support for nic_type, reservation_affinity to google_notebooks_instance (#​3554)
• sql: added field collation to google_sql_database_instance (#​3557)

BUG FIXES:

• apigateway: fixed import functionality for all apigateway resources (#​3549)
• compute: fixed a bug when a source_machine_image from a different project is used on google_compute_instance_from_machine_image (#​3541)
• dns: fixed not-exists error message on data source google_dns_managed_zone (#​3559)
• healthcare: fixed bug where changes to google_healthcare_hl7_v2_store.parser_config subfields would error with "...parser_config.version field is immutable..." (#​3560)
• os_config: fixed imports for google_os_config_guest_policies (#​3550)
• pubsub: added polling to google_pubsub_schema to deal with eventually consistent deletes (#​3544)
• secretmanager: fixed an issue where replication fields would not update in google_secret_manager_secret (#​3558)
• service_usage: fixed imports on google_service_usage_consumer_quota_override (#​3552)
• sql: fixed a permadiff bug for type when BUILT_IN on google_sql_user (#​3545)
• sql: fixed bug in google_sql_user with CLOUD_IAM_USERs on POSTGRES. (#​3542)

v3.81.0

Compare Source

IMPROVEMENTS:

• compute: Added enable attribute to google_compute_router_peer (#​3507)
• compute: added support for L3_DEFAULT as ip_protocol for google_compute_forwarding_rule and UNSPECIFIED as protocol for google_compute_region_backend_service to support network load balancers that forward all protocols and ports. (#​3516)
• compute: added support for security_settings to google_compute_backend_service (#​3515)
• gkehub: added google_gke_hub_membership support for both //container.googleapis.com/${google_container_cluster.my-cluster.id} and google_container_cluster.my-cluster.id in endpoint.0.gke_cluster.0.resource_link (#​3502)
• provider: Added provider support for request_reason (#​3513)
• provider: added support for billing_project across all resources. If user_project_override is set to true and a billing_project is set, the X-Goog-User-Project header will be sent for all resources. (#​3539)

BUG FIXES:

• assuredworkloads: enhanced resource deletion so google_assured_workloads_workload can delete what it creates (#​3533)
• bigquery: fixed the permadiff bug on location of the google_bigquery_dataset (#​3524)
• composer: fixed environment version regexp to explicitly require . (dot) instead of any character after 'preview' (example: composer-2.0.0-preview.0-airflow-2.1.1) (#​3520)
• compute: changed wait_for_instances in google_compute_instance_group_manager and google_compute_region_instance_group_manager to no longer block plan / refresh, waiting on managed instance statuses during apply instead (#​3531)
• compute: fixed a bug where negative_caching_policy cannot be set always revalidate on google_compute_backend_service (#​3529)
• compute: fixed instances where compute resource calls would have their urls appended with a redundant /projects after the host (#​3532)
• firestore: removed diff for server generated field __name__ on google_firestore_index (#​3528)
• privateca: Fixed null for ignore_active_certificates_on_deletion on the imported google_privateca_certificate_authority (#​3511)
• privateca: fixed the creation of subordinate google_privateca_certificate_authority with max_issuer_path_length = 0. (#​3540)

v3.80.0

Compare Source

FEATURES:

• New Resource: google_dialogflow_cx_environment (#​3488)

IMPROVEMENTS:

• gkehub: added support for both //container.googleapis.com/${google_container_cluster.my-cluster.id} and google_container_cluster.my-cluster.id references in google_gke_hub_membership.endpoint.0.gke_cluster.0.resource_link (#​3502)
• kms: added name field to google_kms_crypto_key_version datasource (#​3500)

BUG FIXES:

• apigee: fixed update behavior on google_apigee_envgroup (#​3489)
• artifact_registry: transitioned the field format to be case insensitive in aligning with backend behavior on google_artifact_registry_repository (#​3491)
• privateca: fixed a failure to create google_privateca_certificate_authority of type SUBORDINATE due to an invalid attempt to activate it on creation. (#​3499)

v3.79.0

Compare Source

NOTES:

• spanner: The num_nodes field on google_spanner_instance will have its default removed in a future major release, and either num_nodes or processing_units will be required. (#​3479)

FEATURES:

• New Resource: google_dialogflow_cx_entity_type (#​3480)
• New Resource: google_dialogflow_cx_page (#​3461)

IMPROVEMENTS:

• container: added network_config block to google_container_node_pool resource (#​3472)
• spanner: added processing_units to google_spanner_instance. (#​3479)
• storage: added support for customer_encryption on resource_storage_bucket_object (#​3469)

v3.78.0

Compare Source

IMPROVEMENTS:

• composer: added validation for max_pods_per_node field. (#​3445)
• servicenetworking: added support for user_project_override and billing_project to google_service_networking_connection (#​3455)

BUG FIXES:

• storagetransfer: fixed a crash on azure_blob_storage_data_source for google_storage_transfer_job (#​3447)
• sql: fixed bug that wouldn't insert the google_sql_user in state for iam users. (#​3442)
• storage: fixed a crash when azure_credentials was defined in google_storage_transfer_job (#​3457)

v3.77.0

Compare Source

FEATURES:

• New Resource: google_scc_notification_config (#​3431)

IMPROVEMENTS:

• composer: added field maintenance_window to resource google_composer_environment (#​3435)
• compute: fixed a permadiff bug in log_config field of google_compute_region_backend_service (#​3427)
• dlp: added crypto_replace_ffx_fpe_config and crypto_replace_ffx_fpe_config as primitive transformation types to google_data_loss_prevention_deidentify_template (#​3429)

BUG FIXES:

• bigquerydatatransfer: fixed a bug where destination_dataset_id was required, it is now optional. (#​3438)
• billing: Fixed ordering of budget_filter. projects on google_billing_budget (#​3436)
• compute: removed default value of 0.8 from google_backend_service.backend.max_utilization and it will now default from API. All max_connections_xxx and max_rate_xxx will also default from API as these are all conditional on balancing mode. (#​3432)
• sql: fixed bug where the provider would retry on an error if the database instance name couldn't be reused. (#​3434)

v3.76.0

Compare Source

FEATURES:

• New Resource: google_assured_workloads_workload (#​3410)
• New Resource: google_dialogflow_cx_flow (#​3422)
• New Resource: google_dialogflow_cx_intent (#​3415)
• New Resource: google_dialogflow_cx_version (#​3423)
• New Resource: google_network_services_edge_cache_keyset (#​3417)
• New Resource: google_network_services_edge_cache_origin (#​3417)
• New Resource: google_network_services_edge_cache_service (#​3417)
• New Resource: google_vertex_ai_featurestore_entitytype (#​3416)
• New Resource: google_vertex_ai_featurestore (#​3416)

IMPROVEMENTS:

• apigee: Added SLASH_22 support for peering_cidr_range on google_apigee_instance (#​3424)
• cloudbuild: Added pubsub_config and webhook_config parameter to google_cloudbuild_trigger. (#​3418)

BUG FIXES:

• pubsub: fixed pubsublite update issues (#​3421)

v3.75.0

Compare Source

BREAKING CHANGES:

• privateca: existing beta resources will no longer function (#​3397)

FEATURES:

• New Resource: google_privateca_ca_pool (#​3397)
• New Resource: google_privateca_certificate (#​3397)
• New Resource: google_privateca_certificate_authority (#​3397)

IMPROVEMENTS:

• bigquery: added kms_key_version as an output on bigquery_table.encryption_configuration and the destination_encryption_configuration blocks of bigquery_job.query, bigquery_job.load, and bigquery_copy. (#​3406)
• compute: added advanced_machine_features to google_compute_instance (#​3392)
• dlp: Added replace_with_info_type_config to dlp_deidentify_template. (#​3384)
• storage: added temporary_hold and event_based_hold attributes to google_storage_bucket_object (#​3399)

BUG FIXES:

• bigquery: Fixed permadiff due to lowercase mode/type in google_bigquery_table.schema (#​3405)
• billing: made all_updates_rule.* fields updatable on google_billing_budget (#​3394)
• billing: made amount.specified_amount.units updatable on google_billing_budget (#​3391)
• compute: fixed perma-diff in google_compute_instance (#​3389)
• storage: fixed handling of object paths that contain slashes for google_storage_object_access_control (#​3407)

v3.74.0

Compare Source

FEATURES:

• New Resource: google_app_engine_service_network_settings (#​3371)
• New Resource: google_vertex_ai_dataset (#​3369)
• New Resource: google_cloudbuild_worker_pool (#​3372)

IMPROVEMENTS:

• bigtable: added cluster.kms_key_name field to google_bigtable_instance (#​3354)
• composer: added field max_pods_per_node to resource google_composer_environment (beta) (#​3376)
• secretmanager: added ttl, expire_time, topics and rotation fields to google_secret_manager_secret (#​3360)

BUG FIXES:

• container: allowed setting node_config.service_account at the same time as enable_autopilot = true for google_container_cluster (#​3361)
• container: fixed issue where creating a node pool with a name that already exists would import that resource. google_container_node_pool (#​3378)
• dataproc: fixed crash when creating google_dataproc_workflow_template with secondary_worker_config empty except for num_instances = 0 (#​3347)
• filestore: fixed an issue in google_filestore_instance where creating two instances simultaneously resulted in an error. (#​3358)
• iam: fixed an issue in google_iam_workload_identity_pool_provider where aws and oidc were not updatable. (#​3350)
• sql: added support for binary_logging on replica instances for googe_sql_database_instance (#​3379)

v3.73.0

Compare Source

FEATURES:

• New Resource: google_compute_service_attachment (#​3328)
• New Resource: google_dialogflow_cx_agent (#​3324)
• New Resource: google_gkehub_feature (#​3330)
• New Resource: google_gkehub_feature_membership (#​3330)

IMPROVEMENTS:

• provider: added support for mtls authentication (#​3348)
• compute: added field adaptive_protection_config to google_compute_security_policy (#​3322)
• compute: added advanced_machine_features fields to google_compute_instance_template (#​3337)
• compute: added a network_performance_config block to each of resource_compute_instance, resource_compute_instance_from_template, and resource_compute_instance_template (#​3341)
• redis: allowed redis_version to be upgraded on google_redis_instance (#​3344)

BUG FIXES:

• apigee: added SLASH_23 support for peering_cidr_range on google_apigee_instance (#​3327)
• cloudrun: fixed a bug where plan would should a diff on google_cloud_run_service if the order of the template.spec.containers.env list was re-ordered outside of terraform. (#​3326)
• container: added user_project_override support to the ContainerOperationWaiter used by google_container_cluster (#​3345)

v3.72.0: 3.72.0

Compare Source

IMPROVEMENTS:

• container: Allowed specifying a cluster id field for google_container_node_pool.cluster to ensure that a node pool is recreated if the associated cluster is recreated. (#​3314)
• storagetransfer: added support for azure_blob_storage_data_source to google_storage_transfer_job (#​3316)

BUG FIXES:

• bigquery: Fixed google_bigquery_table.schema handling of policyTags (#​3307)
• bigtable: fixed bug that would error if creating multiple bigtable gc policies at the same time (#​3311)
• compute: fixed bug where encryption showed a perma-diff on resources created prior to the feature being released. (#​3309)
• dataflow: fixed handling of failed google_dataflow_flex_template_job updates (#​3318)
• dataflow: made google_dataflow_flex_template_job updates fail fast if the job is in the process of cancelling or draining(#​3317)

v3.71.0

Compare Source

FEATURES:

• New Resource: google_dialogflow_fulfillment (#​3286)

IMPROVEMENTS:

• compute: added reservation_affinity to google_compute_instance and google_compute_instance_template (#​3288)
• compute: added support for wait_for_instances_status on google_compute_instance_group_manager and google_compute_region_instance_group_manager (#​3283)
• compute: added support for output-only status field on google_compute_instance_group_manager and google_compute_region_instance_group_manager (#​3283)
• compute: set the default value for log_config.enable on google_compute_region_health_check to avoid permanent diff on plan/apply. (#​3291)

BUG FIXES:

• composer: fixed a check that did not allow for preview versions in google_composer_environment (#​3287)
• storage: fixed error when matches_storage_class is set empty on google_storage_bucket (#​3282)
• vpcaccess: fixed permadiff when max_throughput is not set on google_vpc_access_connector (#​3294)

v3.70.0

Compare Source

IMPROVEMENTS:

• compute: added provisioned_iops to google_compute_disk (#​3269)
• sql: added field disk_autoresize_limit to sql_database_instance (#​3273)

BUG FIXES:

• cloudrun: fixed a bug where resources would return successfully due to responses based on a previous version of the resource (#​3277)
• compute: fixed issue where google_compute_region_disk and google_compute_disk would force recreation due to the addition of interface property (#​3272)
• compute: fixed missing values for negative_caching and serve_while_stale on google_compute_backend_service (#​3278)
• storage: fixed error when matches_storage_class is set empty on google_storage_bucket (#​3282)

v3.69.0

Compare Source

IMPROVEMENTS:

• apigateway: allowed field apiconfig to change on resource google_apigateway_gateway (#​3248)
• compute: added "description" field to "google_compute_resource_policy" resource (#​3263)
• compute: added "instance_schedule_policy" field to "google_compute_resource_policy" resource (#​3263)
• compute: added support for IPsec-encrypted Interconnect in the form of new fields on google_compute_router, google_compute_ha_vpn_gateway, google_compute_interconnect_attachment and google_compute_address (#​3256)
• dataflow: enabled updates for google_dataflow_flex_template_job (#​3246)

BUG FIXES:

• cloudidentity: fixed recreation on the initial_group_config of google_cloud_identity_group (#​3252)
• compute: added mutex in google_compute_metadata_item to reduce retries + quota errors (#​3262)
• container: fixed bug where enable_shielded_nodes could not be false on resource google_container_cluster (#​3247)

v3.68.0

Compare Source

FEATURES:

• New Resource: google_pubsub_schema (#​3243)

IMPROVEMENTS:

• compute: added initial_size in resource google_compute_node_group to account for scenarios where size may change under the hood (#​3228)
• compute: added support for setting kms_key_name on google_compute_machine_image (#​3241)
• dataflow: enabled updates for google_dataflow_flex_template_job (#​3246)

BUG FIXES:

• compute: Fixed permadiff for cdn_policy.serve_while_stale and cdn_policy.*_ttl in google_compute_region_backend_service (beta) (#​3230)
• compute: fixed bug where, when an organization security policy association was removed outside of terraform, the next plan/apply would fail. (#​3234)
• container: added validation to check that both node_version and remove_default_node_pool cannot be set on google_container_cluster (#​3237)
• dns: suppressed spurious diffs due to case changes in DS records (#​3236)

v3.67.0

Compare Source

NOTES:

• all: changed default HTTP request timeout from 30 seconds to 120 seconds (#​3181)
  BREAKING CHANGES:
• bigquery: updating dataset_id or project_id in google_bigquery_dataset will now recreate the resource (#​3185)

IMPROVEMENTS:

• accesscontextmanager: added support for require_verified_chrome_os in basic access levels. (#​3223)
• billingbudget: added support for import of google_billing_budget (#​3194)
• cloud_identity: added support for initial_group_config to the google_cloud_identity_group resource (#​3211)
• cloudrun: added support to bind secrets from Secret Manager to environment variables or files to google_cloud_run_service (#​3225)
• compute: added initial_size to account for scenarios where size may change under the hood in resource google_compute_node_group (#​3228)
• compute: added interface field to google_compute_region_disk (#​3193)
• healthcare: added support for stream_configs in google_healthcare_dicom_store (#​3190)
• secretmanager: added support for setting a CMEK on google_secret_manager_secret (#​3212)
• spanner: added force_destroy to google_spanner_instance to delete instances that have backups enabled. (#​3227)
• spanner: added support for setting a CMEK on google_spanner_database (#​3181)
• workflows: marked source_contents and service_account as updatable on google_workflows_workflow (#​3205)

BUG FIXES:

• bigquery: fixed dataset_id to force new resource if name is changed. (#​3185)
• cloudrun: fixed permadiff on google_cloud_run_domain_mapping.metadata.labels (#​3183)
• composer: changed google_composer_environment.master_ipv4_cidr_block to draw default from the API (#​3204)
• compute: fixed the failure when min_required_replicas is set to 0 on google_compute_autoscaler or google_compute_region_autoscaler (#​3203)
• container: fixed container node pool not removed from the state when received 404 error on delete call for the resource google_container_node_pool (#​3210)
• dns: fixed empty rrdatas list on google_dns_record_set for AAAA records (#​3207)
• kms: fixed indirectly force replacement via skip_initial_version_creation on google_kms_crypto_key (#​3192)
• logging: fixed metric_descriptor.labels can't be updated on 'google_logging_metric' (#​3217)
• pubsub: fixed diff for minimum_backoff & maximum_backoff on google_pubsub_subscription (#​3214)
• resourcemanager: fixed broken handling of IAM conditions for google_organization_iam_member, google_organization_iam_binding, and google_organization_iam_policy (#​3213)
• serviceusage: added google_project_service.service validation to reject invalid service domains that don't contain a period (#​3191)
• storage: fixed bug where role_entity user wouldn't update if the role changed. (#​3199)

v3.66.1

Compare Source

BUG FIXES:

• compute: fixed bug where terraform would crash if updating from no service_account.scopes to more. (#​3208)

[v3.66.0](https://github.com/hashicorp/

---

Configuration

📅 Schedule: Branch creation - "after 5am on friday" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

To execute skipped test pipelines write comment /ok-to-test.

This PR has been generated by MintMaker (powered by Renovate Bot).

[openshift-ci]

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: red-hat-konflux[bot]

The full list of commands accepted by this bot can be found here.

Needs approval from an approver in each of these files:

• OWNERS

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment