Sourced from hashicorp/google's releases.
v5.0.0
KNOWN ISSUES:
- Updating some resources post-upgrade results in an error like "The update_mask in the Update{{Resource}}Request must be set". This should be resolved in
5.1.0
, see hashicorp/terraform-provider-google#16091 for details.Terraform Google Provider 5.0.0 Upgrade Guide
NOTES:
- provider: some provider default values are now shown at plan-time (#15707)
LABELS REWORK:
- provider: default labels configured on the provider through the new
default_labels
field are now supported. The default labels configured on the provider will be applied to all of the resources with standardlabels
field.- provider: resources with labels - three label-related fields are now in all of the resources with standard
labels
field.labels
field is non-authoritative and only manages the labels defined by the users on the resource through Terraform. The new output-onlyterraform_labels
field merges the labels defined by the users on the resource through Terraform and the default labels configured on the provider. The new output-onlyeffective_labels
field lists all of labels present on the resource in GCP, including the labels configured through Terraform, the system, and other clients.- provider: resources with annotations - two annotation-related fields are now in all of the resources with standard
annotations
field. Theannotations
field is non-authoritative and only manages the annotations defined by the users on the resource through Terraform. The new output-onlyeffective_annotations
field lists all of annotations present on the resource in GCP, including the annotations configured through Terraform, the system, and other clients.- provider: datasources with labels - three fields
labels
,terraform_labels
, andeffective_labels
are now present in most resource-based datasources. All three fields have all of labels present on the resource in GCP including the labels configured through Terraform, the system, and other clients, equivalent toeffective_labels
on the resource.- provider: datasources with annotations - both
annotations
andeffective_annotations
are now present in most resource-based datasources. Both fields have all of annotations present on the resource in GCP including the annotations configured through Terraform, the system, and other clients, equivalent toeffective_annotations
on the resource.BREAKING CHANGES:
- provider: added provider-level validation so these fields are not set as empty strings in a user's config:
credentials
,access_token
,impersonate_service_account
,project
,billing_project
,region
,zone
(#15968)- provider: fixed many import functions throughout the provider that matched a subset of the provided input when possible. Now, the GCP resource id supplied to "terraform import" must match exactly. (#15977)
- provider: made data sources return errors on 404s when applicable instead of silently failing (#15799)
- provider: made empty strings in the provider configuration block no longer be ignored when configuring the provider(#15968)
- accesscontextmanager: changed multiple array fields to sets where appropriate to prevent duplicates and fix diffs caused by server side reordering. (#15756)
- bigquery: added more input validations for
google_bigquery_table
schema (#15338)- bigquery: made
routine_type
required forgoogle_bigquery_routine
(#15517)- cloudfunction2: made
location
required ongoogle_cloudfunctions2_function
(#15830)- cloudiot: removed deprecated datasource
google_cloudiot_registry_iam_policy
(#15739)- cloudiot: removed deprecated resource
google_cloudiot_device
(#15739)- cloudiot: removed deprecated resource
google_cloudiot_registry
(#15739)- cloudiot: removed deprecated resource
google_cloudiot_registry_iam_*
(#15739)- cloudrunv2: removed deprecated field
liveness_probe.tcp_socket
fromgoogle_cloud_run_v2_service
resource. (#15430)- cloudrunv2: removed deprecated fields
startup_probe
andliveness_probe
fromgoogle_cloud_run_v2_job
resource. (#15430)- cloudrunv2: retyped
volumes.cloud_sql_instance.instances
to SET from ARRAY forgoogle_cloud_run_v2_service
(#15831)- compute: made
google_compute_node_group
require one ofinitial_size
orautoscaling_policy
fields configured upon resource creation (#16006)- compute: made
size
ingoogle_compute_node_group
an output only field. (#16006)- compute: removed default value for
rule.rate_limit_options.encorce_on_key
on resourcegoogle_compute_security_policy
(#15681)- compute: retyped
consumer_accept_lists
to a SET from an ARRAY type forgoogle_compute_service_attachment
(#15985)- container: added
deletion_protection
togoogle_container_cluster
which is enabled totrue
by default. When enabled, this field prevents Terraform from deleting the resource. (#16013)- container: changed
management.auto_repair
andmanagement.auto_upgrade
defaults to true ingoogle_container_node_pool
(#15931)- container: changed
networking_mode
default toVPC_NATIVE
for newly createdgoogle_container_cluster
resources (#6402)- container: removed
enable_binary_authorization
ingoogle_container_cluster
(#15868)- container: removed default for
logging_variant
ingoogle_container_node_pool
(#15931)- container: removed default value in
network_policy.provider
ingoogle_container_cluster
(#15920)- container: removed the behaviour that
google_container_cluster
will delete the cluster if it's created in an error state. Instead, it will mark the cluster as tainted, allowing manual inspection and intervention. To proceed with deletion, run anotherterraform apply
. (#15887)- container: reworked the
taint
field ingoogle_container_cluster
andgoogle_container_node_pool
to only manage a subset of taint keys based on those already in state. Most existing resources are unaffected, unless they usesandbox_config
- see upgrade guide for details. (#15959)- dataplex: removed
data_profile_result
anddata_quality_result
fromgoogle_dataplex_scan
(#15505)- firebase: changed
deletion_policy
default toDELETE
forgoogle_firebase_web_app
. (#15406)- firebase: removed
google_firebase_project_location
(#15764)- gameservices: removed Terraform support for
gameservices
(#15558)- logging: changed the default value of
unique_writer_identity
fromfalse
totrue
ingoogle_logging_project_sink
. (#15743)
... (truncated)
Sourced from hashicorp/google's changelog.
5.0.0 (Oct 2, 2023)
KNOWN ISSUES:
- Updating some resources post-upgrade results in an error like "The update_mask in the Update{{Resource}}Request must be set". This should be resolved in
5.1.0
, see hashicorp/terraform-provider-google#16091 for details.Terraform Google Provider 5.0.0 Upgrade Guide
NOTES:
- provider: some provider default values are now shown at plan-time (#15707)
LABELS REWORK:
- provider: default labels configured on the provider through the new
default_labels
field are now supported. The default labels configured on the provider will be applied to all of the resources with standardlabels
field.- provider: resources with labels - three label-related fields are now in all of the resources with standard
labels
field.labels
field is non-authoritative and only manages the labels defined by the users on the resource through Terraform. The new output-onlyterraform_labels
field merges the labels defined by the users on the resource through Terraform and the default labels configured on the provider. The new output-onlyeffective_labels
field lists all of labels present on the resource in GCP, including the labels configured through Terraform, the system, and other clients.- provider: resources with annotations - two annotation-related fields are now in all of the resources with standard
annotations
field. Theannotations
field is non-authoritative and only manages the annotations defined by the users on the resource through Terraform. The new output-onlyeffective_annotations
field lists all of annotations present on the resource in GCP, including the annotations configured through Terraform, the system, and other clients.- provider: datasources with labels - three fields
labels
,terraform_labels
, andeffective_labels
are now present in most resource-based datasources. All three fields have all of labels present on the resource in GCP including the labels configured through Terraform, the system, and other clients, equivalent toeffective_labels
on the resource.- provider: datasources with annotations - both
annotations
andeffective_annotations
are now present in most resource-based datasources. Both fields have all of annotations present on the resource in GCP including the annotations configured through Terraform, the system, and other clients, equivalent toeffective_annotations
on the resource.BREAKING CHANGES:
- provider: added provider-level validation so these fields are not set as empty strings in a user's config:
credentials
,access_token
,impersonate_service_account
,project
,billing_project
,region
,zone
(#15968)- provider: fixed many import functions throughout the provider that matched a subset of the provided input when possible. Now, the GCP resource id supplied to "terraform import" must match exactly. (#15977)
- provider: made data sources return errors on 404s when applicable instead of silently failing (#15799)
- provider: made empty strings in the provider configuration block no longer be ignored when configuring the provider(#15968)
- accesscontextmanager: changed multiple array fields to sets where appropriate to prevent duplicates and fix diffs caused by server side reordering. (#15756)
- bigquery: added more input validations for
google_bigquery_table
schema (#15338)- bigquery: made
routine_type
required forgoogle_bigquery_routine
(#15517)- cloudfunction2: made
location
required ongoogle_cloudfunctions2_function
(#15830)- cloudiot: removed deprecated datasource
google_cloudiot_registry_iam_policy
(#15739)- cloudiot: removed deprecated resource
google_cloudiot_device
(#15739)- cloudiot: removed deprecated resource
google_cloudiot_registry
(#15739)- cloudiot: removed deprecated resource
google_cloudiot_registry_iam_*
(#15739)- cloudrunv2: removed deprecated field
liveness_probe.tcp_socket
fromgoogle_cloud_run_v2_service
resource. (#15430)- cloudrunv2: removed deprecated fields
startup_probe
andliveness_probe
fromgoogle_cloud_run_v2_job
resource. (#15430)- cloudrunv2: retyped
volumes.cloud_sql_instance.instances
to SET from ARRAY forgoogle_cloud_run_v2_service
(#15831)- compute: made
google_compute_node_group
require one ofinitial_size
orautoscaling_policy
fields configured upon resource creation (#16006)- compute: made
size
ingoogle_compute_node_group
an output only field. (#16006)- compute: removed default value for
rule.rate_limit_options.encorce_on_key
on resourcegoogle_compute_security_policy
(#15681)- compute: retyped
consumer_accept_lists
to a SET from an ARRAY type forgoogle_compute_service_attachment
(#15985)- container: added
deletion_protection
togoogle_container_cluster
which is enabled totrue
by default. When enabled, this field prevents Terraform from deleting the resource. (#16013)- container: changed
management.auto_repair
andmanagement.auto_upgrade
defaults to true ingoogle_container_node_pool
(#15931)- container: changed
networking_mode
default toVPC_NATIVE
for newly createdgoogle_container_cluster
resources (#6402)- container: removed
enable_binary_authorization
ingoogle_container_cluster
(#15868)- container: removed default for
logging_variant
ingoogle_container_node_pool
(#15931)- container: removed default value in
network_policy.provider
ingoogle_container_cluster
(#15920)- container: removed the behaviour that
google_container_cluster
will delete the cluster if it's created in an error state. Instead, it will mark the cluster as tainted, allowing manual inspection and intervention. To proceed with deletion, run anotherterraform apply
. (#15887)- container: reworked the
taint
field ingoogle_container_cluster
andgoogle_container_node_pool
to only manage a subset of taint keys based on those already in state. Most existing resources are unaffected, unless they usesandbox_config
- see upgrade guide for details. (#15959)- dataplex: removed
data_profile_result
anddata_quality_result
fromgoogle_dataplex_scan
(#15505)- firebase: changed
deletion_policy
default toDELETE
forgoogle_firebase_web_app
. (#15406)- firebase: removed
google_firebase_project_location
(#15764)- gameservices: removed Terraform support for
gameservices
(#15558)
... (truncated)
c8e4c7e
5.0.0 changelog - GA (#16067)afd9812
add default labels to provider reference page (#9143) (#16079)52b2cf4
Edit pass on upgrade guide for 5.0.0 (#9142) (#16078)6dd1b48
5.0.0 upgrade guide reformatting (#9139) (#16071)b74282e
Fix lables tests and apply new models to alloydb resources (#9123) (#16068)e686cd6
Container wording tweaks (#9135) (#16066)6ca3656
missed iam resources in update (#9117) (#16051)68f2f75
make vpc-native clusters the default (for new clusters) (#9067) (#16050)43271af
Add more details to labels model in 5.0 guide (#9091) (#16045)060279c
Container cluster upgrade guide update (#9087) (#16041)