Features:
- New Data Source
google_compute_forwarding_rule
[GH-1078] - New Data Source
google_compute_vpn_gateway
[GH-1071] - New Resource
google_folder_iam_binding
[GH-1076] - New Resource
google_folder_iam_member
[GH-1076] - New Resource
google_project_usage_export_bucket
[GH-1080]
IMPROVEMENTS:
- compute: add support for updating alias ips in instances [GH-1084]
- compute: allow setting a route resource's
description
attribute [GH-1088] - container: Fail if the ip_allocation_policy doesn't specify secondary range names [GH-1065]
- sql: Support multiple users with the same name for different host for 1st gen SQL instances. [GH-1066]
Features:
- New Resource
google_cloudiot_registry
(#970) - New Resource
google_endpoints_service
(#933) - New Resource
google_storage_default_object_acl
(#992) - New Resource
google_storage_notification
(#1033)
IMPROVEMENTS:
- compute: Suppress diff if
guest_accelerators
count is 0 ingoogle_compute_instance
andgoogle_compute_instance_template
(#866) - compute: Add update support for machine type, min cpu platform, and service accounts (#1005)
- compute: Add import support for google_compute_shared_vpc_host_project/google_compute_shared_vpc_service_project resources (#1004)
- compute: Make route priority optional since Compute has a default value. (#1009)
- container: Suppress diff for empty/default provider in
google_container_cluster
network policy #1031 - container: Return an error if name and name prefix are specified in node pool (#1062)
- sql: Support for PostgreSQL high availability (#1001)
- sql: Support for ServerCaCert in Cloud SQL instance. (Related to #635)
- storage: Add support for setting bucket's logging config (#946)
BUG FIXES:
- project: Fix crash when errors are encountered updating a
google_project
(#1016) - logging: Set project during import for
google_logging_project_sink
to avoid recreation (#1018) - compute: Suppress diff on image field when referring to unconventional public image family naming pattern (#1024)
- compute: Backend service backed by a group couldn't be created or updated because both max_rate and max_rate_per_instance would always be set to zero and they can't be both set. (#1051)
- container: Fix perpetual diff in
google_container_cluster
if the subnetwork field is not specified (#1061)
FEATURES:
- New Resource:
google_cloudfunctions_function
(#899) - New Resource:
google_logging_organization_sink
(#923) - New Resource:
google_service_account_iam_binding
(#840) - New Resource:
google_service_account_iam_member
(#840) - New Resource:
google_service_account_iam_policy
(#840) - New Resource:
google_pubsub_topic_iam_binding
(#875) - New Resource:
google_pubsub_topic_iam_member
(#875) - New Resource:
google_pubsub_topic_iam_policy
(#875) - New Resource:
google_dataflow_job
(#855) - New Data Source:
google_compute_region_instance_group
(#851) - New Data Source:
google_container_cluster
(#740) - New Data Source:
google_kms_secret
(#741) - New Data Source:
google_billing_account
(#889) - New Data Source:
google_organization
(#887) - New Data Source:
google_container_registry_repository
(#954) - New Data Source:
google_container_registry_image
(#954)
IMPROVEMENTS:
- iam: Add support for import of IAM resources (project, folder, organizations, crypto keys, and key rings). (#835)
- compute: Add support for routing mode in compute network. (#838)
- compute: Add configurable create/update/delete timeouts to
google_compute_instance
(#856) - compute: Add configurable create/update/delete timeouts to
google_compute_subnetwork
(#871) - compute: Add update support for
routing_mode
ingoogle_compute_network
(#857) - compute: Add import support for
google_compute_instance
(#873) - compute: More descriptive error message for health check not found in
google_compute_target_pool
(#883) - compute: Add
disable_on_destroy
(default true) forgoogle_project_service
. (#965) - compute: Add update support for subnetwork IP CIDR range expansion (#945)
- compute: Read boot disk initialization params from API in
google_compute_instance
(#948) - container: Ensure operations on a cluster are applied serially (#937)
- container: Don't recreate container_cluster when maintenance_window changes (#893)
- dataproc: Add "internal IP only" support for Dataproc clusters (#837)
- dataproc: Support
self_link
from a different project in dataproc network and subnetwork fields (#935) - sourcerepo: Export new
url
field forgoogle_sourcerepo_repository
(#943) - folder: Support more format for
folder
field ingoogle_folder_organization_policy
(#963) - dns: Add import support to
google_dns_record_set
(#895) - all: Make provider-wide region optional (#916)
- all: Infers region from zone schema before using the provider-level region (#938)
- all: Upgrade terraform core to v0.11.2 (#940)
BUG FIXES:
- compute: Suppress diff for equivalent value in
google_compute_disk
image field (#884) - compute: Read IAP settings properly in
google_compute_backend_service
(#907) - compute: Fix bug causing a crash when specifying unknown network in
google_compute_network_peering
(#918) - compute: Fix failing update when changing
google_compute_health_check
type (#944) - compute: Fix bug blocking
google_compute_autoscaler
from containing multiple metrics. (#966) - container: Set default scopes when creating GKE clusters/node pools (#924)
- storage: Fix bug blocking the update of a storage object if its content is dynamic/interpolated (#848)
- storage: Fix bug preventing the removal of lifecycle rules for a
google_storage_bucket
(#850) - all: Fix bug causing a perpetual diff when using provider-default zone (#914)
FEATURES:
- New Data Source:
google_compute_image
(#128) - New Resource:
google_storage_bucket_iam_binding
(#822) - New Resource:
google_storage_bucket_iam_member
(#822)
IMPROVEMENTS:
- all: Add support for
zone
at the provider level, as a default for all zonal resources. (#816) - compute: Add support for
min_cpu_platform
togoogle_compute_instance_template
(#808) - compute: Add example for Shared VPC (aka cross-project networking, or XPN). (#810)
BUG FIXES:
- all: Fix bug that disallowed using file paths for credentials (#832)
- dns: Fix bug that broke NS records on subdomains (#807)
- bigquery: Fix bug causing a crash if the import id was invalid (#828)
FEATURES:
- New Resource:
google_folder_organization_policy
(#747) - New Resource:
google_kms_key_ring_iam_binding
(#781) - New Resource:
google_kms_key_ring_iam_member
(#781) - New Resource:
google_kms_crypto_key_iam_binding
(#781) - New Resource:
google_kms_crypto_key_iam_member
(#781) - New Resource:
google_project_custom_iam_role
(#709) - New Resource:
google_organization_custom_iam_role
(#735) - New Resource:
google_organization_iam_binding
(#775) - New Resource:
google_organization_iam_member
(#775) - New Resource:
google_dataproc_job
(#253) - New Data Source:
google_active_folder
(#738) - New Data Source:
google_compute_address
(#748) - New Data Source:
google_compute_global_address
(#759)
IMPROVEMENTS:
- compute: Add import support for
google_compute_ssl_certificates
(#678) - compute: Add import support for
google_compute_target_http_proxy
(#678) - compute: Add import support for
google_compute_target_https_proxy
(#678) - compute: Add partial import support for
google_compute_url_map
(#678) - compute: Add import support for
google_compute_backend_bucket
(#736) - compute: Add configurable timeouts for disks (#717)
- compute: Use v1 API now that all beta features are in GA for
google_compute_firewall
[#768] - compute: Add Alias IP and Guest Accelerator support to Instance Templates (#639)
- container: Relax diff on
daily_maintenance_window.start_time
forgoogle_container_cluster
(#726) - container: Allow node pools with size 0 (#752)
- container: Add support for
google_container_node_pool
management (#669) - container: Add container cluster network policy (#630)
- container: add support for ip aliasing in
google_container_cluster
(#654) - kms: Adds support for creating KMS CryptoKeys resources (#692)
- project: Add validation for
account_id
ingoogle_service_account
(#793) - storage: Detect file changes in
google_storage_bucket_object
when using source field (#789) - all: Consistently store the project and region fields value in state. (#784)
BUG FIXES:
- bigquery: Set UseLegacySql to true for compatibility with the BigQuery API (#724)
- compute: Fix perpetual diff with
next_hop_instance
field ingoogle_compute_route
(#716) - compute: Restore the
ipv4_range
field togoogle_compute_network
to support legacy VPCs (#805) - project: Fix timeout issue with project services (#737)
- sql: Fix perpetual diff with
authorized_networks
field ingoogle_sql_database_instance
(#733) - sql: give disk_autoresize a default in
google_sql_database_instance
(#806)
FEATURES:
- New Resource:
google_service_account_key
(#472) - New Resource:
google_kms_key_ring
(#518) - New Resource:
google_dataproc_cluster
(#252) - New Resource:
google_project_service
(#668)
IMPROVEMENTS:
- compute: Add import support for
google_compute_global_forwarding_rule
(#653) - compute: Add IAP support for backend services (#471)
- compute: Allow attaching and detaching disks from instances (#636)
- compute: Add support for source/target service accounts to
google_compute_firewall
(#681) - compute: Add
secondary_ip_range
support togoogle_compute_subnetwork
data source (#687) - compute: Add support for internal address (beta feature) in
google_compute_address
(#594) - compute: Add support to
google_compute_target_pool
for health checks self_link (#702) - container: Add support for CPU Platform in
google_container_node_pool
andgoogle_container_cluster
(#622) - container: Add support for Kubernetes alpha features (#646)
- container: Add support for master authorized networks in
google_container_cluster
(#626) - container: Add support for maintenance window on
google_container_cluster
(#670) - logging: Make
google_logging_project_sink
resource importable (#688) - project: Make
google_service_account
resource importable (#606) - project: Project is optional and default to the provider value in
google_project_iam_policy
(#691) - pubsub: Create a
google_pubsub_subscription
for a topic in a different project (#640) - storage: Add labels to
google_storage_bucket
(#652)
BUG FIXES:
- compute: Increase timeout for deleting networks (#662)
- compute: Fix disk migration bug with empty
initialize_params
block (#664) - compute: Update
google_compute_target_pool
to no longer have a plan/apply loop with instance URLs (#666) - container:
google_container_cluster.node_config.oauth_scopes
no longer need to be set alphabetically (#506) - dns:
google_dns_record_set
can now manage NS records (#359) - project: Set valid default
public_key_type
forgoogle_service_account_key
(#686)
FEATURES:
- New Resource:
google_compute_target_ssl_proxy
(#569) - New Data Source:
google_compute_lb_ip_ranges
(#567)
IMPROVEMENTS:
- compute: Make
boot_disk
required; remove checks around expected number of disks (#600) - compute: Allow setting boot and attached disk sources by name or self link (#605)
- container: Allow updating
google_container_cluster.monitoring_service
(#598) - container: Allow updating
google_container_cluster.addons_config
(#597) - project: Make
google_project_services
resource importable (#601)
BUG FIXES:
- compute: Fix import functionality in
google_compute_route
(#565) - compute: Migrate boot disk initialize params (#592)
FEATURES:
- New Resource:
google_logging_folder_sink
(#470) - New Resource:
google_organization_policy
(#523) - New Resource:
google_compute_target_tcp_proxy
(#528) - New Resource:
google_compute_region_autoscaler
(#544) - New Resources:
google_compute_shared_vpc_host_project
andgoogle_compute_shared_vpc_service_project
(#544)
IMPROVEMENTS:
- compute: Generate network link without calling network API in
google_compute_subnetwork
(#527) - compute: Generate network link without calling network API in
google_compute_vpn_gateway
andgoogle_compute_router
(#527) - compute: Add import support to
google_compute_target_tcp_proxy
(#534) - compute: Add labels support to
google_compute_instance_template
(#17) - compute:
google_vpn_tunnel
- Mark 'shared_secret' as sensitive (#561) - container: Allow disabling of Kubernetes Dashboard via
kubernetes_dashboard
addon (#433) - container: Merge the schemas and logic for the node pool resource and the node pool field in the cluster to aid in maintainability (#489)
- container: Add master_version to container cluster (#538)
- sql: Add new retry wrapper fn, retry sql database instance operations that commonly 503 (#417)
- pubsub:
push_config
field for agoogle_pubsub_subscription
is not updateable (#512)
BUG FIXES:
- compute: Fix bug in
google_compute_instance
preventing theassigned_nat_ip
field from ever getting assigned (#536) - compute: Fix bug in
google_compute_firewall
causing the beta APIs even if no beta features are used (#500) - compute: Fix bug in
google_network_peering
preventing creating a peering for a network outside the provider default project (#496) - compute: Fix BackendService group hash when instance groups use beta features (#522)
- compute: Make
disk.device_name
computed ingoogle_compute_instance_template
(#566) - dns: Error out if DNS zone is not found (#560)
- container: Fix crash when creating node pools with
name_prefix
or no name (#531) - container: Fix cluster version upgrades (#577)
BUG FIXES:
- compute: Fix bug that prevented the state migration for
google_compute_instance
from updating to use attached_disk, boot_disk, and scratch_disk. (#511) - compute: Fix bug causing a crash if the API returns an error on
google_compute_instance
creation (#556)
BACKWARDS INCOMPATIBILITIES / NOTES:
- compute: A state migration was added to convert
google_compute_instance.disk
fields into the correct one ofattached_disk
,boot_disk
, orscratch_disk
. This will lead to plan-time diffs for anyone still using thedisk
field. Please verify its results carefully and update configs appropriately. - container:
google_container_cluster.node_pool.initial_node_count
is now deprecated. Please replace withgoogle_container_cluster.node_pool.node_count
instead. (#331) - storage:
google_storage_bucket_acl
now sets the bucket ACL to whatever is in the config, correcting any drift. This means any permissions set automatically by GCP (e.g., project-viewers-* policies, etc.) will be removed unless they're added to your config. Also, theOWNER:project-owners-{project-id}
will never be deleted, as the API won't allow it. This is now correctly handled, and it is removed from state without being deleted in the API. (#358] [#439)
FEATURES:
- New Data Source:
google_client_config
(#385) - New Resource:
google_compute_region_instance_group_manager
(#394) - New Resource:
google_folder
(#416) - New Resource:
google_folder_iam_policy
(#447) - New Resource:
google_logging_project_sink
(#432) - New Resource:
google_logging_billing_account_sink
(#457)
IMPROVEMENTS:
- bigquery: Support Bigquery Views (#230)
- container: Add import support for
google_container_cluster
(#391) - container: Add support for resizing a node pool defined in
google_container_cluster
(#331) - container: Allow updating
google_container_cluster.logging_service
(#343) - container: Add support for 'node_config.preemptible' field on
google_container_cluster
(#341) - container: Allow min node counts of 0 for node pool autoscaling (#468)
- compute: Add support for 'labels' field on
google_compute_image
(#339) - compute: Add support for 'labels' field on
google_compute_disk
(#344) - compute: Add support for
labels
field ongoogle_compute_global_forwarding_rule
(#354) - compute: Add support for 'guest_accelerators' (GPU) on
google_compute_instance
(#330) - compute: Add support for 'priority' field on
google_compute_firewall
(#342) - compute:
google_compute_firewall
network field now supports self_link in addition of name (#477) - compute: Add support for 'min_cpu_platform' in
google_compute_instance
(#349) - compute: Add support for 'alias_ip_range' in
google_compute_instance
(#375) - compute: Add support for computed field 'instance_id' in
google_compute_instance
(#427) - compute: Improve import for
google_compute_address
to support multiple id formats. (#378) - compute: Add state migration from
disk
to boot_disk/scratch_disk/attached_disk (#329) - compute: Mark certificate as sensitive within
google_compute_ssl_certificate
(#490) - project: Add support for 'labels' field on
google_project
(#383) - project: Move a
google_project
in and out of a folder (#438) - pubsub: Add import support for
google_pubsub_topic
. (#392) - pubsub: Add import support for
google_pubsub_subscription
. (#456) - sql: Add support for
connection_name
ingoogle_sql_database_instance
(#387) - storage: Add support for versioning in
google_storage_bucket
(#381)
BUG FIXES:
- compute/sql: Fix a few instances where we read the project from the provider config and not using the helper function (#469)
- compute: Fix bug with CSEK where the key stored in state might be associated with the wrong disk (#327)
- compute: Fix bug where 'session_affinity' would get reset on
google_compute_backend_service
resource (#348) - sql: Fixed bug where ip_address elements were offset incorrectly (#352)
- sql: Fixed bug where default user on replica would cause an incorrect delete api call (#347)
- project: Fixed bug where deleting a project outside Terraform would cause
google_project
to fail. (#466) - pubsub: Fixed bug where
google_pubsub_subscription
did not read its state from the API. (#456)
BACKWARDS INCOMPATIBILITIES / NOTES:
- bigtable:
num_nodes
ingoogle_bigtable_instance
no longer defaults to3
; if you used that default, it will need to be explicitly set. (#313) - compute:
automatic_restart
andon_host_maintenance
have been removed fromgoogle_compute_instance_template
. Usescheduling.automatic_restart
orscheduling.on_host_maintenance
instead. (#224)
FEATURES:
- New Data Source:
google_compute_instance_group
(#267) - New Data Source:
google_dns_managed_zone
(#268) - New Resource:
google_compute_project_metadata_item
- allows management of single key/value pairs within the project metadata map (#176) - New Resource:
google_project_iam_binding
- allows fine-grained control of a project's IAM policy, controlling only a single binding. (#171) - New Resource:
google_project_iam_member
- allows fine-grained control of a project's IAM policy, controlling only a single member in a binding. (#171) - New Resource:
google_compute_network_peering
(#259) - New Resource:
google_runtimeconfig_config
- allows creating, updating and deleting Google RuntimeConfig resources (#315) - New Resource:
google_runtimeconfig_variable
- allows creating, updating, and deleting Google RuntimeConfig variables (#315) - New Resource:
google_sourcerepo_repository
- allows creating and deleting Google Source Repositories (#256) - New Resource:
google_spanner_instance
- allows creating, updating and deleting Google Spanner Instance (#270) - New Resource:
google_spanner_database
- allows creating, updating and deleting Google Spanner Database (#271)
IMPROVEMENTS:
- bigtable: Add support for
instance_type
togoogle_bigtable_instance
. (#313) - compute: Add import support for
google_compute_subnetwork
(#227) - compute: Add import support for
google_container_node_pool
(#284) - compute: Change google_container_node_pool ID format to zone/cluster/name to remove artificial restriction on node pool name across clusters (#304)
- compute: Add support for
auto_healing_policies
togoogle_compute_instance_group_manager
(#249) - compute: Add support for
ip_version
togoogle_compute_global_forwarding_rule
(#265) - compute: Add support for
ip_version
togoogle_compute_global_address
(#250) - compute: Add support for
subnetwork
as a self_link togoogle_compute_instance
. (#290) - compute: Add support for
secondary_ip_range
togoogle_compute_subnetwork
. (#310) - compute: Add support for multiple
network_interface
's togoogle_compute_instance
. (#289) - compute: Add support for
denied
togoogle_compute_firewall
(#282) - compute: Add support for egress traffic using
direction
togoogle_compute_firewall
(#306) - compute: When disks are created from snapshots, both snapshot names and URLs may be used (#238)
- container: Add support for node pool autoscaling (#157)
- container: Add NodeConfig support on
google_container_node_pool
(#184) - container: Add support for legacyAbac to
google_container_cluster
(#261) - container: Allow configuring node_config of node_pools specified in
google_container_cluster
(#299) - sql: Persist state from the API for
google_sql_database_instance
regardless of what attributes the user has set (#208) - storage: Buckets now can have lifecycle properties (#6)
BUG FIXES:
- bigquery: Fix type panic on expiration_time (#209)
- compute: Marked 'private_key' as sensitive (#220)
- compute: Fix disk type "Malformed URL" error on
google_compute_instance
boot disks (#275) - compute: Refresh
google_compute_autoscaler
using thezone
set in state instead of scanning for the first one with a matching name in the provider region. (#193) - compute:
google_compute_instance
readsscheduling
fields from GCP (#237) - compute: Fix bug where
scheduling.automatic_restart
set to false ongoogle_compute_instance_template
would force recreate (#224) - container: Fix error if
google_container_node_pool
deleted out of band (#293) - container: Fail when both name and name_prefix are set for node_pool in
google_container_cluster
(#296) - container: Allow upgrading GKE versions and provide better error message handling (#291)
BACKWARDS INCOMPATIBILITIES / NOTES:
google_sql_database_instance
: a limited number of fields will be read during import because of (#114)google_sql_database_instance
:name
,region
,database_version
, andmaster_instance_name
fields are now updated during a refresh and may display diffs
FEATURES:
IMPROVEMENTS:
- compute: Add
boot_disk
property togoogle_compute_instance
(#122) - compute: Add
scratch_disk
property togoogle_compute_instance
and deprecatedisk
(#123) - compute: Add
labels
property togoogle_compute_instance
(#150) - compute: Add import support for
google_compute_image
(#194) - compute: Add import support for
google_compute_https_health_check
(#213) - compute: Add import support for
google_compute_instance_group
(#201) - container: Add timeout support (#13203)
- container: Allow adding/removing zones to/from GKE clusters without recreating them (#152)
- project: Allow unlinking of billing account (#138)
- sql: Add support for importing
google_sql_database
(#12) - sql: Add support for importing
google_sql_database_instance
(#11) - sql: Add
charset
andcollation
properties togoogle_sql_database
(#183)
BUG FIXES:
- compute:
compute_firewall
will no longer display a perpetual diff ifsource_ranges
isn't set (#147) - compute: Fix read method + test/document import for
google_compute_health_check
(#155) - compute: Read named ports changes properly in
google_compute_instance_group
(#188) - compute:
google_compute_image
description
property can now be set [#199] - compute:
google_compute_target_https_proxy
will no longer display a diff if ssl certificates are referenced using only the path (#210)
BUG FIXES:
- compute: Restrict the number of health_checks in Backend Service resources to 1. (#145)
BACKWARDS INCOMPATIBILITIES / NOTES:
compute_disk.image
: shorthand for disk images is no longer supported, and will display a diff if used (#1)
IMPROVEMENTS:
- compute: Add support for importing
compute_backend_service
(#40) - compute: Wait for disk resizes to complete (#1)
- compute: Support
connection_draining_timeout_sec
ingoogle_compute_region_backend_service
(#101) - compute: Made
path_rule
optional ingoogle_compute_url_map
'spath_matcher
block (#118) - container: Add support for labels and tags on GKE node_config (#7)
- sql: Add an additional delay when checking for sql operations (#15170)
BUG FIXES: