chore(deps): update terraform google to v5

[renovate-bot]

This PR contains the following updates:

Package	Type	Update	Change
google (source)	required_provider	major	4.55.0 -> 5.0.0

---

Release Notes

hashicorp/terraform-provider-google (google)

v5.0.0

Compare Source

Terraform Google Provider 5.0.0 Upgrade Guide

NOTES:

• provider: some provider default values are now shown at plan-time (#​15707)

LABELS REWORK:

• provider: default labels configured on the provider through the new default_labels field are now supported. The default labels configured on the provider will be applied to all of the resources with standard labels field.
• provider: resources with labels - three label-related fields are now in all of the resources with standard labels field. labels field is non-authoritative and only manages the labels defined by the users on the resource through Terraform. The new output-only terraform_labels field merges the labels defined by the users on the resource through Terraform and the default labels configured on the provider. The new output-only effective_labels field lists all of labels present on the resource in GCP, including the labels configured through Terraform, the system, and other clients.
• provider: resources with annotations - two annotation-related fields are now in all of the resources with standard annotations field. The annotations field is non-authoritative and only manages the annotations defined by the users on the resource through Terraform. The new output-only effective_annotations field lists all of annotations present on the resource in GCP, including the annotations configured through Terraform, the system, and other clients.
• provider: datasources with labels - three fields labels, terraform_labels, and effective_labels are now present in most resource-based datasources. All three fields have all of labels present on the resource in GCP including the labels configured through Terraform, the system, and other clients, equivalent to effective_labels on the resource.
• provider: datasources with annotations - both annotations and effective_annotations are now present in most resource-based datasources. Both fields have all of annotations present on the resource in GCP including the annotations configured through Terraform, the system, and other clients, equivalent to effective_annotations on the resource.

BREAKING CHANGES:

• provider: added provider-level validation so these fields are not set as empty strings in a user's config: credentials, access_token, impersonate_service_account, project, billing_project, region, zone (#​15968)
• provider: fixed many import functions throughout the provider that matched a subset of the provided input when possible. Now, the GCP resource id supplied to "terraform import" must match exactly. (#​15977)
• provider: made data sources return errors on 404s when applicable instead of silently failing (#​15799)
• provider: made empty strings in the provider configuration block no longer be ignored when configuring the provider(#​15968)
• accesscontextmanager: changed multiple array fields to sets where appropriate to prevent duplicates and fix diffs caused by server side reordering. (#​15756)
• bigquery: added more input validations for google_bigquery_table schema (#​15338)
• bigquery: made routine_type required for google_bigquery_routine (#​15517)
• cloudfunction2: made location required on google_cloudfunctions2_function (#​15830)
• cloudiot: removed deprecated datasource google_cloudiot_registry_iam_policy (#​15739)
• cloudiot: removed deprecated resource google_cloudiot_device (#​15739)
• cloudiot: removed deprecated resource google_cloudiot_registry (#​15739)
• cloudiot: removed deprecated resource google_cloudiot_registry_iam_* (#​15739)
• cloudrunv2: removed deprecated field liveness_probe.tcp_socket from google_cloud_run_v2_service resource. (#​15430)
• cloudrunv2: removed deprecated fields startup_probe and liveness_probe from google_cloud_run_v2_job resource. (#​15430)
• cloudrunv2: retyped volumes.cloud_sql_instance.instances to SET from ARRAY for google_cloud_run_v2_service (#​15831)
• compute: made google_compute_node_group require one of initial_size or autoscaling_policy fields configured upon resource creation (#​16006)
• compute: made size in google_compute_node_group an output only field. (#​16006)
• compute: removed default value for rule.rate_limit_options.encorce_on_key on resource google_compute_security_policy (#​15681)
• compute: retyped consumer_accept_lists to a SET from an ARRAY type for google_compute_service_attachment (#​15985)
• container: added deletion_protection to google_container_cluster which is enabled to true by default. When enabled, this field prevents Terraform from deleting the resource. (#​16013)
• container: changed management.auto_repair and management.auto_upgrade defaults to true in google_container_node_pool (#​15931)
• container: changed networking_mode default to VPC_NATIVE for newly created google_container_cluster resources (#​6402)
• container: removed enable_binary_authorization in google_container_cluster (#​15868)
• container: removed default for logging_variant in google_container_node_pool (#​15931)
• container: removed default value in network_policy.provider in google_container_cluster (#​15920)
• container: removed the behaviour that google_container_cluster will delete the cluster if it's created in an error state. Instead, it will mark the cluster as tainted, allowing manual inspection and intervention. To proceed with deletion, run another terraform apply. (#​15887)
• container: reworked the taint field in google_container_cluster and google_container_node_pool to only manage a subset of taint keys based on those already in state. Most existing resources are unaffected, unless they use sandbox_config- see upgrade guide for details. (#​15959)
• dataplex: removed data_profile_result and data_quality_result from google_dataplex_scan (#​15505)
• firebase: changed deletion_policy default to DELETE for google_firebase_web_app. (#​15406)
• firebase: removed google_firebase_project_location (#​15764)
• gameservices: removed Terraform support for gameservices (#​15558)
• logging: changed the default value of unique_writer_identity from false to true in google_logging_project_sink. (#​15743)
• logging: made growth_factor, num_finite_buckets, and scale required for google_logging_metric (#​15680)
• looker: removed LOOKER_MODELER as a possible value in google_looker_instance.platform_edition (#​15956)
• monitoring: fixed perma-diffs in google_monitoring_dashboard.dashboard_json by suppressing values returned by the API that are not in configuration (#​16014)
• monitoring: made labels immutable in google_monitoring_metric_descriptor (#​15988)
• privateca: removed deprecated fields config_values, pem_certificates from google_privateca_certificate (#​15537)
• secretmanager: removed automatic field in google_secret_manager_secret resource (#​15859)
• servicenetworking: used Create instead of Patch to create google_service_networking_connection (#​15761)
• servicenetworking: used the deleteConnection method to delete the resource google_service_networking_connection (#​15934)

FEATURES:

• New Resource: google_scc_folder_custom_module (#​15979)
• New Resource: google_scc_organization_custom_module (#​16012)

IMPROVEMENTS:

• alloydb: added additional fields to google_alloydb_instance and google_alloydb_backup (#​15973)
• artifactregistry: added support for remote APT and YUM repositories to google_artifact_registry_repository (#​15973)
• baremetal: made delete a noop for the resource google_bare_metal_admin_cluster to better align with actual behavior (#​16010)
• bigtable: added state output attribute to google_bigtable_instance clusters (#​15961)
• compute: made google_compute_node_group mutable (#​16006)
• container: added the effective_taints attribute to google_container_cluster and google_container_node_pool, outputting all known taint values (#​15959)
• container: allowed setting addons_config.gcs_fuse_csi_driver_config on google_container_cluster with enable_autopilot: true. (#​15996)
• containeraws: added binary_authorization to google_container_aws_cluster (#​15989)
• containeraws: added update_settings to google_container_aws_node_pool (#​15989)
• google_compute_instance (#​15933)
• osconfig: added week_day_of_month.day_offset field to the google_os_config_patch_deployment resource (#​15997)
• secretmanager: allowed update for rotation.rotation_period field in google_secret_manager_secret resource (#​15952)
• sql: added preferred_zone field to google_sql_database_instance resource (#​15971)
• storagetransfer: added event_stream field to google_storage_transfer_job resource (#​16004)

BUG FIXES:

• bigquery: fixed diff suppression in external_data_configuration.connection_id in google_bigquery_table (#​15983)
• bigquery: fixed view and materialized view creation when schema is specified in google_bigquery_table (#​15442)
• bigtable: avoided re-creation of google_bigtable_instance when cluster is still updating and storage type changed (#​15961)
• bigtable: fixed a bug where dynamically created clusters would incorrectly run into duplication error in google_bigtable_instance (#​15940)
• compute: removed the default value for field reconcile_connections in resource google_compute_service_attachment, the field will now default to a value returned by the API when not set in configuration (#​15919)
• compute: replaced incorrect default value for enable_endpoint_independent_mapping with APIs default in resource google_compute_router_nat (#​15478)
• container: fixed an issue in google_container_node_pool where empty linux_node_config.sysctls would crash the provider (#​15941)
• dataflow: fixed issue causing error message when max_workers and num_workers were supplied via parameters in google_dataflow_flex_template_job (#​15976)
• dataflow: fixed max_workers read value permanently displaying as 0 in google_dataflow_flex_template_job (#​15976)
• dataflow: fixed permadiff when SdkPipeline values are supplied via parameters in google_dataflow_flex_template_job (#​15976)
• identityplayform: fixed a potential perma-diff for sign_in in google_identity_platform_config resource (#​15907)
• firebase: made google_firebase_rules.release immutable (#​15989)
• monitoring: fixed an issue where metadata was not able to be updated in google_monitoring_metric_descriptor (#​16014)
• monitoring: fixed bug where importing google_monitoring_notification_channel failed when no default project was supplied in provider configuration or through environment variables (#​15929)
• secretmanager: fixed an issue in google_secretmanager_secret where replacing replication.automatic with replication.auto would destroy and recreate the resource (#​15922)
• sql: fixed diffs when re-ordering existing database_flags in google_sql_database_instance (#​15678)
• tags: fixed import failure on google_tags_tag_binding (#​16005)
• vertexai: made contents_delta_uri a required field in google_vertex_ai_index as omitting it would result in an error (#​15992)

v4.84.0

Compare Source

DEPRECATIONS:

• alloydb: deprecated network field in favor of network_config on google_alloydb_cluster. (#​15881)
• identityplayform: deprecated google_identity_platform_project_default_config resource. Use google_identity_platform_config resource instead (#​15876)

FEATURES:

• New Data Source: google_certificate_manager_certificate_map (#​15906)
• New Resource: google_artifact_registry_vpcsc_config (#​15840)
• New Resource: google_dialogflow_cx_security_settings (#​15886)
• New Resource: google_gke_backup_restore_plan (#​15858)
• New Resource: google_edgenetwork_network (#​15891)
• New Resource: google_edgenetwork_subnet (#​15891)

IMPROVEMENTS:

• alloydb: added network_config field to support named IP ranges on google_alloydb_cluster. (#​15881)
• cloudrunv2: added fields network_interfaces to resource google_cloud_run_v2_job to support Direct VPC egress. (#​15870)
• cloudrunv2: added fields network_interfaces to resource google_cloud_run_v2_service to support Direct VPC egress. (#​15870)
• compute: updated the autoscaling_policy.mode to accept ONLY_SCALE_OUT on google_compute_autoscaler (#​15890)
• compute: added server_tls_policy argument to google_compute_target_https_proxy resource (#​15845)
• compute: added member attribute to google_compute_default_service_account datasource (#​15897)
• compute: added output field internal_ipv6_prefix to google_compute_subnetwork resource (#​15892)
• container: added node_config.fast_socket field to google_container_node_pool (#​15872)
• container: promoted node_pool_auto_config field in google_container_cluster from beta provider to GA provider. (#​15884)
• container: promoted field placement_policy.tpu_topology in resource google_container_node_pool to GA (#​15869)
• containeraws: added support for auto_repair in google_container_aws_node_pool (#​15862)
• containerazure: added support for auto_repair in google_container_azure_node_pool (#​15862)
• filestore: added support for the "ZONAL" value to tier in google_filestore_instance (#​15889)
• firestore: added delete_protection_state field to google_firestore_database resource. (#​15878)
• identityplatform: added sign-in field to google_identity_platform_config resource (#​15876)
• networkconnectivity: added support for linked_vpc_network in google_network_connectivity_spoke (#​15862)
• networkservices: increased default timeout for google_network_services_edge_cache_origin to 120m from 60m (#​15855)
• networkservices: increased default timeout for google_network_services_edge_cache_service to 60m from 30m (#​15861)
• secretmanager: added is_secret_data_base64 field to google_secret_manager_secret_version resource (#​15853)

BUG FIXES:

• bigquery: updated documentation for google_bigquery_table.time_partitioning.expiration_ms (#​15873)
• bigtable: added a read timeout to google_bigtable_instance (#​15856)
• bigtable: improved regional reliability when instance overlaps a downed region in the resource google_bigtable_instance (#​15900)
• eventarc: resolved permadiff on google_eventarc_trigger.event_data_content_type by defaulting to the value returned by the API if not set in the configuration. (#​15862)
• identityplatform: fixed a potential perma-diff for sign_in in google_identity_platform_config resource (#​15907)
• monitoring: fixed scaling issues when deploying terraform changes with many google_monitoring_monitored_project (#​15828)
• monitoring: fixed validation of service_id on google_monitoring_custom_service and slo_id on google_monitoring_slo (#​15841)
• osconfig: fixed no more than one setting is allowed under patch_config.windows_update on google_os_config_patch_deployment (#​15904)
• provider: addressed a bug where configuring the provider with unknown values did not behave as expected (#​15898)
• provider: fixed the provider so it resumes ignoring empty strings set in the provider block (#​15844)
• secretmanager: replaced the panic block with an error in import function of google_secret_manager_secret_version resource (#​15880)
• secretmanager: fixed an issue in google_secretmanager_secret where replacing replication.automatic with replication.auto would destroy and recreate the resource (#​15922)

v4.83.0

Compare Source

DEPRECATIONS:

• secretmanager: deprecated automatic field on google_secret_manager_secret. Use auto instead. (#​15793)

FEATURES:

• New Resource: google_biglake_table (#​15736)
• New Resource: google_data_pipeline_pipeline (#​15785)
• New Resource: google_dialogflow_cx_test_case (#​15814)
• New Resource: google_storage_insights_report_config (#​15819)
• New Resource: google_apigee_target_server (#​15751)

IMPROVEMENTS:

• gkehub: added labels fields to google_gke_hub_membership_binding resource (#​15753)
• bigquery: added allow_non_incremental_definition to google_bigquery_table resource (#​15813)
• bigquery: added table_constraints field to google_bigquery_table resource (#​15815)
• compute: added internal IPV6 support for google_compute_address and google_compute_instance resources (#​15780)
• containerattached: added binary_authorization field to google_container_attached_cluster resource (#​15822)
• containeraws: added update support for config.instance_type in container_aws_node_pool (#​15862)
• firestore: added point_in_time_recovery_enablement field to google_firestore_database resource (#​15795)
• firestore: added update_time and uid fields to google_firestore_database resource (#​15823)
• gkehub2: added labels, namespace_labels fields to google_gke_hub_namespace resource (#​15732)
• gkehub: added labels fields to google_gke_hub_scope resource (#​15801)
• gkeonprem: added upgrade_policy and binary_authorization fields in google_gkeonprem_bare_metal_cluster resource (beta) (#​15765)
• gkeonprem: added upgrade_policy field in google_gkeonprem_vmware_cluster resource (beta) (#​15765)
• secretmanager: added auto field to google_secret_manager_secret resource (#​15793)
• secretmanager: added deletion_policy field to google_secret_manager_secret_version resource (#​15818)
• storage: supported in-place update for autoclass field in google_storage_bucket resource (#​15782)
• vertexai: added public_endpoint_enabled to google_vertex_ai_index_endpoint (#​15741)

BUG FIXES:

• bigquerydatatransfer: fixed a bug when importing location of google_bigquery_data_transfer_config (#​15734)
• container: fixed concurrent ops' quota-error to be retriable in google_container_node_pool (#​15820)
• eventarc: resolved permadiff on event_content_type in eventarc_trigger, the field will now default to a value returned by the API when not set in configuration (#​15862)
• pipeline: fixed issue where certain google_dataflow_job instances would crash the provider (#​15821)
• provider: fixed a bug where user_project_override would not be not used correctly when provisioning resources implemented using the plugin framework. Currently there are no resources implemented this way, so no-one should have been impacted. (#​15776)
• pubsub: fixed issue where setting no_wrapper.write_metadata to false wasn't passed to the API for google_pubsub_subscription (#​15758)
• serviceaccount: added retries for reads after google_service_account creation if 403 Forbidden is returned. (#​15760)
• storage: fixed the failure in building a plan when a content value is expected on google_storage_bucket_object_content (#​15735)

v4.82.0

Compare Source

IMPROVEMENTS:

• compute: added in-place update support for field enable_proxy_protocol in google_compute_service_attachment resource (#​15716)
• compute: added in-place update support for field reconcile_connections in google_compute_service_attachment resource (#​15706)
• compute: added in-place update support for field allowPscGlobalAccess in google_compute_forwarding_rule resource (#​15691)
• compute: promoted google_compute_region_instance_template to GA (#​15710)
• container: added additional options for field monitoring_config.enable_components in google_container_cluster resource (#​15727)
• gkehub: added labels field to google_gke_hub_scope_rbac_role_binding resource (#​15729)
• logging: added in-place update support for field unique_writer_identity in google_logging_project_sink resource (#​15721)
• networkconnectivity: added psc_connections.error.details field to google_network_connectivity_service_connection_policy resource (#​15726)
• secretmanager: added in-place update support for field replication.user_managed.replicas.customer_managed_encryption in google_secret_manager_secret resource (#​15685)

BUG FIXES:

• bigquery: made params.destination_table_name_template and params.data_path immutable as updating these fields if value of data_source_id is amazon_s3 in google_bigquery_data_transfer_config resource (#​15723)
• dns: fixed hash function for network_url in google_dns_managed_zone and google_dns_policy resources to make sure that the private DNS zone or DNS policy can be attatched to all of the networks in different projects, even though the network name is the same across of those projects. (#​15728)

v4.81.0

Compare Source

FEATURES:

• New Resource: google_biglake_catalog (#​15634)
• New Resource: google_redis_cluster (#​15645)
• New Resource: google_biglake_database (#​15651)
• New Resource: google_compute_network_attachment (#​15648)
• New Resource: google_gke_hub_feature_membership (#​15604)
• New Resource: google_gke_hub_membership_binding (#​15670)
• New Resource: google_gke_hub_namespace (#​15670)
• New Resource: google_gke_hub_scope (#​15670)
• New Resource: google_gke_hub_scope_iam_member (#​15670)
• New Resource: google_gke_hub_scope_iam_policy (#​15670)
• New Resource: google_gke_hub_membership_binding (#​15670)
• New Resource: google_gke_hub_scope_rbac_role_binding (#​15670)

IMPROVEMENTS:

• compute: made the field distribution_policy_target_shape of google_compute_region_instance_group_manager not cause recreation of the resource. (#​15641)
• compute: promoted the ssl_policy field on the google_compute_region_target_https_proxy resource to GA. (#​15608)
• container: added enable_fqdn_network_policy field to google_container_cluster (#​15642)
• container: added node_config.confidential_compute field to google_container_node_pool resource (#​15662)
• datastream: made password in google_datastream_connection_profile not cause recreation of the resource. (#​15610)
• dialogflowcx: added response_type, channel, payload, conversation_success, output_audio_text, live_agent_handoff, play_audo, telephony_transfer_call, reprompt_event_handlers, set_parameter_actions, and conditional_cases fields to google_dialogflow_cx_page resource (#​15668)
• dialogflowcx: added response_type, channel, payload, conversation_success, output_audio_text, live_agent_handoff, play_audo, telephony_transfer_call, set_parameter_actions, and conditional_cases fields to google_dialogflow_cx_flow resource (#​15668)
• iam: added web_sso_config.additional_scopes field to google_iam_workforce_pool_provider resource under (#​15616)
• monitoring: added synthetic_monitor to google_monitoring_uptime_check_config resource (#​15623)
• provider: improved error message when resource creation fails to to invalid API response (#​15629)

BUG FIXES:

• cloudrunv2: changed template.volumes.secret.items.mode field in google_cloud_run_v2_job resource to a non-required field. (#​15638)
• cloudrunv2: changed template.volumes.secret.items.mode field in google_cloud_run_v2_service resource to a non-required field. (#​15638)
• filestore: fixed a bug causing permadiff on reserved_ip_range field in google_filestore_instance (#​15614)
• identityplatform: fixed a permadiff on authorized_domains in google_identity_platform_config resource (#​15607)

v4.80.0

Compare Source

DEPRECATIONS:

• dataplex: deprecated the following google_dataplex_datascan fields: dataProfileResult and dataQualityResult (#​15528)
• firebase: deprecated google_firebase_project_location in favor of google_firebase_storage_bucket and google_firestore_database (#​15526)

FEATURES:

• New Data Source: google_sql_database_instance_latest_recovery_time (#​15551)
• New Resource: google_certificate_manager_trust_config (#​15562)
• New Resource: google_compute_region_security_policy_rule (#​15523)
• New Resource: google_iam_deny_policy (#​15571)
• New Resource: google_bigquery_bi_reservation (#​15527)
• New Resource: google_gke_hub_feature_membership (#​15604)

IMPROVEMENTS:

• alloydb: added restore_backup_source and restore_continuous_backup_source fields to support restore feature in google_alloydb_cluster resource. (#​15580)
• artifactregistry: added cleanup_policies and cleanup_policy_dry_run fields to resource google_artifact_registry_repository (#​15561)
• clouddeploy: added multi_target to in google_clouddelploy_target (#​15564)
• compute: added security_policy field to google_compute_target_instance resource (beta) (#​15566)
• compute: added support for security_policy field to google_compute_target_pool (#​15569)
• compute: added support for user_defined_fields to google_compute_region_security_policy (#​15523)
• compute: added support for specifying regional disks for google_compute_instance boot_disk.source (#​15597)
• container: added additional_pod_ranges_config field to google_container_cluster resource (#​15600)
• containeraws: made config.labels updatable in google_container_aws_node_pool (#​15564)
• dataplex: added fields data_profile_spec.post_scan_actions, data_profile_spec.include_fields and data_profile_spec.exclude_fields (#​15545)
• dns: added support for removing the networks block from the configuration in the resource google_dns_response_policy (#​15557)
• firebase: added api_key_id field to google_firebase_web_app, google_firebase_android_app, and google_firebase_apple_app. (#​15577)
• sql: added psc_config , psc_service_attachment_link, and dns_name fields to google_sql_database_instance (#​15563)
• workstations: added enable_nested_virtualization field to google_workstations_workstation_config resource (#​15567)

BUG FIXES:

• bigquery: added support to unset policy tags in table schema (#​15547)
• bigtable: fixed permadiff in google_bigtable_gc_policy.gc_rules when max_age is specified using increments larger than hours (#​15595)
• bigtable: fixed permadiff in google_bigtable_gc_policy.gc_rules when mode is specified (#​15595)
• container: updated resource_container_cluster to ignore dns_config diff when enable_autopilot = true (#​15549)
• containerazure: added diff suppression for case changes of enum values in google_container_azure_cluster (#​15536)

v4.79.0

Compare Source

FEATURES:

• New Resource: google_backup_dr_management_server (#​15479)
• New Resource: google_compute_region_security_policy_rule (#​15523)

IMPROVEMENTS:

• cloudbuild: added git_file_source.bitbucket_server_config and source_to_build.bitbucket_server_config fields to google_cloudbuild_trigger resource (#​15475)
• cloudrunv2: added the following output only fields to google_cloud_run_v2_job and google_cloud_run_v2_service resources: create_time, update_time, delete_time, expire_time, creator and last_modifier (#​15502)
• composer: added config.private_environment_config.connection_type field to google_composer_environment resource (#​15460)
• compute: added disk.provisioned_iops field to google_compute_instance_template and google_compute_region_instance_template resources (#​15506)
• compute: added user_defined_fields field to google_compute_region_security_policy resource (#​15523)
• databasemigrationservice: added edition field to google_database_migration_service_connection_profile resource (#​15510)
• dns: allowed globalL7ilb value for the routing_policy.load_balancer_type field in google_dns_record_set resource (#​15521)
• healthcare: added default_search_handling_strict field to google_healthcare_fhir_store resource (#​15514)
• metastore: added scaling_config field to google_dataproc_metastore_service resource (#​15476)
• secretmanager: added version_aliases field to google_secret_manager_secret resource (#​15483)

BUG FIXES:

• alloydb: fixed a permadiff on google_alloydb_cluster when backup_window, enabled or location fields are unset (#​15444)
• containeraws: fixed permadiffs on google_container_aws_cluster and google_container_aws_node_pool resources (#​15491)
• dataplex: fixed a bug when importing google_dataplex_datascan after running a job (#​15468)
• dns: changed private_visibility_config.networks from required to requiring at least one of private_visibility_config.networks or private_visibility_config.gke_clusters in google_dns_managed_zone resource (#​15443)

v4.78.0

Compare Source

FEATURES:

• New Resource: google_billing_project_info (#​15400)
• New Resource: google_network_connectivity_service_connection_policy (#​15381)

IMPROVEMENTS:

• alloydb: added continuous_backup_config and continuous_backup_info fields to cluster resource (#​15370)
• bigquery: added external_data_configuration.file_set_spec_type to google_bigquery_table (#​15402)
• bigquery: added max_staleness to google_bigquery_table (#​15395)
• billingbudget: added resource_ancestors field to google_billing_budget resource (#​15393)
• cloudfunctions2: added support for GCF Gen2 CMEK (#​15385)
• cloudidentity: added field type to google_cloud_identity_group_memberships (#​15398)
• compute: added subnetwork field to the resource google_compute_global_forwarding_rule (#​15424)
• compute: added support for INTERNAL_MANAGED to the field load_balancing_scheme in the resource google_compute_backend_service (#​15424)
• compute: added support for INTERNAL_MANAGED to the field load_balancing_scheme in the resource google_compute_global_forwarding_rule (#​15424)
• compute: added support for ip_version to google_compute_forwarding_rule (#​15388)
• container: marked master_ipv4_cidr_block as not required when private_endpoint_subnetwork is provided for google_container_cluster (#​15422)
• container: added support for advanced_datapath_observability_config to google_container_cluster (#​15425)
• eventarc: added field event_data_content_type to google_eventarc_trigger (#​15433)
• healthcare: added send_previous_resource_on_delete field to notification_configs of google_healthcare_fhir_store (#​15380)
• pubsub: added cloud_storage_config field to google_pubsub_subscription resource (#​15420)
• secretmanager: added annotations field to google_secret_manager_secret resource (#​15392)

BUG FIXES:

• certificatemanager: added recreation behavior to the google_certificate_manager_certificate resource when its location changes (#​15432)
• cloudfunctions2: fixed creation failure state inconsistency in google_cloudfunctions2_function (#​15418)
• monitoring: updated evaluation_interval on condition_prometheus_query_language to be optional (#​15429)

v4.77.0

Compare Source

NOTES:

• vpcaccess: reverted the ability to update the number of instances for resource google_vpc_access_connector (#​15313)

FEATURES:

• New Resource: google_document_ai_warehouse_document_schema (#​15326)
• New Resource: google_document_ai_warehouse_location (#​15326)

IMPROVEMENTS:

• alloydb: added continuous_backup_config and continuous_backup_info fields to cluster resource (#​15370)
• cloudbuild: removed the validation function for the values of machine_type field on the google_cloudbuild_trigger resource (#​15357)
• compute: add future_limit in quota exceeded error details for compute resources. (#​15346)
• compute: added ipv6_endpoint_type and ip_version to google_compute_address (#​15358)
• compute: added local_ssd_recovery_timeout field to google_compute_instance resource (#​15366)
• compute: added local_ssd_recovery_timeout field to google_compute_instance_template resource (#​15366)
• compute: added network_interface.ipv6_access_config.external_ipv6_prefix_length to google_compute_instance (#​15358)
• compute: added network_interface.ipv6_access_config.name to google_compute_instance (#​15358)
• compute: added a new type GLOBAL_MANAGED_PROXY for the field purpose in the resource google_compute_subnetwork (#​15345)
• compute: added field instance_lifecycle_policy to google_compute_instance_group_manager and google_compute_region_instance_group_manager (#​15322)
• compute: added protocol type: UNSPECIFIED in google_compute_backend_service as per release note
  (#​15328)
• compute: made network_interface.ipv6_access_config.external_ipv6 configurable in google_compute_instance (#​15358)
• container: added enable_k8s_beta_apis.enabled_apis field to google_container_cluster (#​15320)
• container: added node_config.host_maintenance_policy field to google_container_cluster and google_container_node_pool (#​15347)
• container: added placement_policy.policy_name field to google_container_node_pool resource (#​15367)
• container: allowed enabled_private_endpoint to be settable on creation for PSC-based clusters (#​15361)
• container: unsuppressed private_cluster_config when master_global_access_config is set in google_container_cluster (#​15369)
• gkeonprem: added taint on failed resource creation for google_gkeonprem_bare_metal_admin_cluster (#​15362)
• gkeonprem: increased timeout for resources google_gkeonprem_bare_metal_cluster and google_gkeonprem_bare_metal_admin_cluster (#​15362)
• identityplayform: added support for blocking_functions quota and authorized_domains in google_identity_platform_config (#​15325)
• monitoring: added update support for period in google_monitoring_uptime_check_config (#​15315)
• pubsub: added no_wrapper field to google_pubsub_subscription resource (#​15334)

BUG FIXES:

• bigquery: fixed a bug in update support for several fields in google_bigquery_data_transfer_config (#​15359)
• cloudfunctions2: fixed an issue where google_cloudfunctions2_function.build_config.source.storage_source.generation created a diff when not set in config (#​15364)
• monitoring: fixed an issue in google_monitoring_monitored_project where project numbers were not accepted for name (#​15305)
• vpcaccess: reverted new behaviour introduced by resource google_vpc_access_connector in 4.75.0. min_throughput and max_throughput fields lost their default value, and customers could not make deployment due to that change. (#​15313)

v4.76.0

Compare Source

FEATURES:

• New Resource: google_compute_region_ssl_policy (#​15299)
• New Resource: google_dataplex_task (#​15226)
• New Resource: google_iap_web_region_backend_service_iam_binding (#​15285)
• New Resource: google_iap_web_region_backend_service_iam_member ([#​15285](ht

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR has been generated by Mend Renovate. View repository job log here.

[gcf-merge-on-green]

Merge-on-green attempted to merge your PR for 6 hours, but it was not mergeable because either one of your required status checks failed, one of your required reviews was not approved, or there is a do not merge label. Learn more about your required status checks here: https://help.github.com/en/github/administering-a-repository/enabling-required-status-checks. You can remove and reapply the label to re-run the bot.