Skip to content

chore(deps): update terraform aws to v6 #36

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
wants to merge 1 commit into from
Closed

chore(deps): update terraform aws to v6 #36

wants to merge 1 commit into from

Conversation

renovate[bot]
Copy link
Contributor

@renovate renovate bot commented Jun 30, 2025

This PR contains the following updates:

Package Type Update Change
aws (source) required_provider major >= 4.0, < 6.0.0 -> < 7.0.0

Release Notes

hashicorp/terraform-provider-aws (aws)

v6.0.0

Compare Source

BREAKING CHANGES:

  • data-source/aws_ami: The severity of the diagnostic returned when most_recent is true and owner and image ID filter criteria has been increased to an error. Existing configurations which were previously receiving a warning diagnostic will now fail to apply. To prevent this error, set the owner argument or include a filter block with an image-id or owner-id name/value pair. To continue using unsafe filter values with most_recent set to true, set the new allow_unsafe_filter argument to true. This is not recommended. (#​42114)
  • data-source/aws_ecs_task_definition: Remove inference_accelerator attribute. Amazon Elastic Inference reached end of life on April, 2024. (#​42137)
  • data-source/aws_ecs_task_execution: Remove inference_accelerator_overrides attribute. Amazon Elastic Inference reached end of life on April, 2024. (#​42137)
  • data-source/aws_elbv2_listener_rule: The action.authenticate_cognito, action.authenticate_oidc, action.fixed_response, action.forward, action.forward.stickiness, action.redirect, condition.host_header, condition.http_header, condition.http_request_method, condition.path_pattern, condition.query_string, and condition.source_ip attributes are now list nested blocks instead of single nested blocks (#​42283)
  • data-source/aws_identitystore_user: filter has been removed (#​42325)
  • data-source/aws_launch_template: Remove elastic_inference_accelerator attribute. Amazon Elastic Inference reached end of life on April, 2024. (#​42137)
  • data-source/aws_launch_template: elastic_gpu_specifications has been removed (#​42312)
  • data-source/aws_opensearch_domain: kibana_endpoint has been removed (#​42268)
  • data-source/aws_opensearchserverless_security_config: saml_options is now a list nested block instead of a single nested block (#​42270)
  • data-source/aws_service_discovery_service: Remove tags_all attribute (#​42136)
  • provider: As the AWS OpsWorks Stacks service has reached End Of Life, the aws_opsworks_application resource has been removed (#​41948)
  • provider: As the AWS OpsWorks Stacks service has reached End Of Life, the aws_opsworks_custom_layer resource has been removed (#​41948)
  • provider: As the AWS OpsWorks Stacks service has reached End Of Life, the aws_opsworks_ecs_cluster_layer resource has been removed (#​41948)
  • provider: As the AWS OpsWorks Stacks service has reached End Of Life, the aws_opsworks_ganglia_layer resource has been removed (#​41948)
  • provider: As the AWS OpsWorks Stacks service has reached End Of Life, the aws_opsworks_haproxy_layer resource has been removed (#​41948)
  • provider: As the AWS OpsWorks Stacks service has reached End Of Life, the aws_opsworks_instance resource has been removed (#​41948)
  • provider: As the AWS OpsWorks Stacks service has reached End Of Life, the aws_opsworks_java_app_layer resource has been removed (#​41948)
  • provider: As the AWS OpsWorks Stacks service has reached End Of Life, the aws_opsworks_memcached_layer resource has been removed (#​41948)
  • provider: As the AWS OpsWorks Stacks service has reached End Of Life, the aws_opsworks_mysql_layer resource has been removed (#​41948)
  • provider: As the AWS OpsWorks Stacks service has reached End Of Life, the aws_opsworks_nodejs_app_layer resource has been removed (#​41948)
  • provider: As the AWS OpsWorks Stacks service has reached End Of Life, the aws_opsworks_permission resource has been removed (#​41948)
  • provider: As the AWS OpsWorks Stacks service has reached End Of Life, the aws_opsworks_php_app_layer resource has been removed (#​41948)
  • provider: As the AWS OpsWorks Stacks service has reached End Of Life, the aws_opsworks_rails_app_layer resource has been removed (#​41948)
  • provider: As the AWS OpsWorks Stacks service has reached End Of Life, the aws_opsworks_rds_db_instance resource has been removed (#​41948)
  • provider: As the AWS OpsWorks Stacks service has reached End Of Life, the aws_opsworks_stack resource has been removed (#​41948)
  • provider: As the AWS OpsWorks Stacks service has reached End Of Life, the aws_opsworks_static_web_layer resource has been removed (#​41948)
  • provider: As the AWS OpsWorks Stacks service has reached End Of Life, the aws_opsworks_user_profile resource has been removed (#​41948)
  • provider: As the AWS SDK for Go v2 does not support Amazon SimpleDB the aws_simpledb_domain resource has been removed. Add a constraint to v5 of the Terraform AWS Provider for continued use of this resource (#​41775)
  • provider: As the AWS SDK for Go v2 does not support Amazon Worklink, the aws_worklink_fleet resource has been removed (#​42059)
  • provider: As the AWS SDK for Go v2 does not support Amazon Worklink, the aws_worklink_website_certificate_authority_association resource has been removed (#​42059)
  • provider: The aws_redshift_service_account resource has been removed. AWS recommends that a service principal name should be used instead of an AWS account ID in any relevant IAM policy (#​41941)
  • provider: The endpoints.iotanalytics and endpoints.iotevents configuration arguments have been removed (#​42703)
  • provider: The endpoints.opsworks configuration argument has been removed (#​41948)
  • provider: The endpoints.simpledb and endpoints.sdb configuration arguments have been removed (#​41775)
  • provider: The endpoints.worklink configuration argument has been removed (#​42059)
  • resource/aws_accessanalyzer_archive_rule: filter.exists now only accepts one of "" (empty string), true, or false (#​42434)
  • resource/aws_alb_target_group: preserve_client_ip now only accepts one of "" (empty string), true, or false (#​42434)
  • resource/aws_api_gateway_account: The reset_on_delete argument has been removed (#​42226)
  • resource/aws_api_gateway_deployment: Remove canary_settings, execution_arn, invoke_url, stage_description, and stage_name arguments. Instead, use the aws_api_gateway_stage resource to manage stages. (#​42249)
  • resource/aws_batch_compute_environment: Rename compute_environment_name to name
    resource/aws_batch_compute_environment: Rename compute_environment_name_prefix to name_prefix (#​38050)
  • resource/aws_batch_compute_environment_data_source: Rename compute_environment_name to name (#​38050)
  • resource/aws_batch_job_queue: Remove deprecated parameter compute_environments in place of compute_environment_order (#​40751)
  • resource/aws_bedrock_model_invocation_logging_configuration: logging_config, logging_config.cloudwatch_config, logging_config.cloudwatch_config.large_data_delivery_s3_config, and logging_config.s3_config are now list nested blocks instead of single nested blocks (#​42307)
  • resource/aws_cloudfront_key_value_store: Attribute id is now set to remote object's Id instead of name (#​42230)
  • resource/aws_cloudfront_response_headers_policy: The etag argument is now computed only (#​38448)
  • resource/aws_cloudtrail_event_data_store: suspend now only accepts one of "" (empty string), true, or false (#​42434)
  • resource/aws_cognito_user_in_group: The id attribute is now a comma-delimited string concatenating the user_pool_id, group_name, and username arguments (#​34082)
  • resource/aws_cur_report_definition: The s3_prefix argument is now required (#​38446)
  • resource/aws_db_instance: character_set_name now cannot be set with replicate_source_db, restore_to_point_in_time, s3_import, or snapshot_identifier. (#​42348)
  • resource/aws_dms_endpoint: Remove s3_settings attribute. Use aws_dms_s3_endpoint instead (#​42379)
  • resource/aws_dx_gateway_association: vpn_gateway_id has been removed (#​42323)
  • resource/aws_ec2_spot_instance_fleet: terminate_instances_on_delete now only accepts one of "" (empty string), true, or false (#​42434)
  • resource/aws_ec2_spot_instance_request: Remove block_duration_minutes attribute (#​42060)
  • resource/aws_ecs_task_definition: Remove inference_accelerator attribute. Amazon Elastic Inference reached end of life on April, 2024. (#​42137)
  • resource/aws_eip: vpc has been removed. Use domain instead. (#​42340)
  • resource/aws_eks_addon: resolve_conflicts has been removed. Use resolve_conflicts_on_create and resolve_conflicts_on_update instead. (#​42318)
  • resource/aws_elasticache_cluster: auto_minor_version_upgrade now only accepts one of "" (empty string), true, or false (#​42434)
  • resource/aws_elasticache_replication_group: at_rest_encryption_enabled and auto_minor_version_upgrade now only accept one of "" (empty string), true, or false (#​42434)
  • resource/aws_elasticache_replication_group: auth_token_update_strategy no longer has a default value. If auth_token is set, auth_token_update_strategy must also be explicitly configured. (#​42336)
  • resource/aws_evidently_feature: variations.value.bool_value now only accepts one of "" (empty string), true, or false (#​42434)
  • resource/aws_flow_log: log_group_name has been removed. Use log_destination instead. (#​42333)
  • resource/aws_globalaccelerator_accelerator: The id attribute is now computed only (#​42097)
  • resource/aws_guardduty_detector: Deprecates datasources. Use aws_guardduty_detector_feature resources instead. (#​42436)
  • resource/aws_guardduty_organization_configuration: The auto_enable attribute has been removed (#​42251)
  • resource/aws_identitystore_group: filter has been removed (#​42325)
  • resource/aws_imagebuilder_container_recipe: instance_configuration.block_device_mapping.ebs.delete_on_termination and instance_configuration.block_device_mapping.ebs.encrypted now only accept one of "" (empty string), true, or false (#​42434)
  • resource/aws_imagebuilder_image_recipe: block_device_mapping.ebs.delete_on_termination and block_device_mapping.ebs.encrypted now only accept one of "" (empty string), true, or false (#​42434)
  • resource/aws_instance: Remove cpu_core_count and cpu_threads_per_core. Instead, use cpu_options. (#​42280)
  • resource/aws_instance: user_data now displays cleartext instead of a hash. Base64 encoded content should use user_data_base64 instead. (#​42078)
  • resource/aws_launch_template: block_device_mappings.ebs.delete_on_termination, block_device_mappings.ebs.encrypted, ebs_optimized, network_interfaces.associate_carrier_ip_address, network_interfaces.associate_public_ip_address, network_interfaces.delete_on_termination, and network_interfaces.primary_ipv6 now only accept one of "" (empty string), true, or false (#​42434)
  • resource/aws_launch_template: Remove elastic_inference_accelerator attribute. Amazon Elastic Inference reached end of life on April, 2024. (#​42137)
  • resource/aws_launch_template: elastic_gpu_specifications has been removed (#​42312)
  • resource/aws_lb_listener: mutual_authentication attributes advertise_trust_store_ca_names, ignore_client_certificate_expiry, and trust_store_arn are only valid if mode is verify (#​42326)
  • resource/aws_lb_target_group: preserve_client_ip now only accepts one of "" (empty string), true, or false (#​42434)
  • resource/aws_mq_broker: logs.audit now only accepts one of "" (empty string), true, or false (#​42434)
  • resource/aws_networkmanager_core_network: The base_policy_region argument has been removed. Use base_policy_regions instead. (#​38398)
  • resource/aws_opensearch_domain: kibana_endpoint has been removed (#​42268)
  • resource/aws_opensearchserverless_security_config: saml_options is now a list nested block instead of a single nested block (#​42270)
  • resource/aws_paymentcryptography_key: key_attributes and key_attributes.key_modes_of_use are now list nested blocks instead of single nested blocks. (#​42264)
  • resource/aws_quicksight_data_set: tags_all has been removed (#​42260)
  • resource/aws_redshift_cluster: Attributes cluster_public_key, cluster_revision_number, and endpoint are now read only and should not be set (#​42119)
  • resource/aws_redshift_cluster: The logging attribute has been removed (#​42013)
  • resource/aws_redshift_cluster: The publicly_accessible attribute now defaults to false (#​41978)
  • resource/aws_redshift_cluster: The snapshot_copy attribute has been removed (#​41995)
  • resource/aws_rekognition_stream_processor: regions_of_interest.bounding_box is now a list nested block instead of a single nested block (#​41380)
  • resource/aws_resiliencehub_resiliency_policy: policy, policy.az, policy.hardware, policy.software, and policy.region are now list nested blocks instead of single nested blocks (#​42297)
  • resource/aws_sagemaker_app_image_config: Exactly one code_editor_app_image_config, jupyter_lab_image_config, or kernel_gateway_image_config block must be configured (#​42753)
  • resource/aws_sagemaker_image_version: id is now a comma-delimited string concatenating image_name and version (#​42536)
  • resource/aws_sagemaker_notebook_instance: Remove accelerator_types from your configuration—it no longer exists. Instead, use instance_type to use Inferentia. (#​42099)
  • resource/aws_ssm_association: Remove instance_id argument (#​42224)
  • resource/aws_verifiedpermissions_schema: definition is now a list nested block instead of a single nested block (#​42305)
  • resource/aws_wafv2_web_acl: rule.statement.managed_rule_group_statement.managed_rule_group_configs.aws_managed_rules_bot_control_rule_set.enable_machine_learning now defaults to false (#​39858)

NOTES:

  • data-source/aws_cloudtrail_service_account: This data source is deprecated. AWS recommends using a service principal name instead of an AWS account ID in any relevant IAM policy. (#​42320)
  • data-source/aws_kms_secret: This data source will be removed in a future version (#​42524)
  • data-source/aws_region: The name attribute has been deprecated. All configurations using name should be updated to use the region attribute instead (#​42131)
  • data-source/aws_s3_bucket: Add bucket_region attribute. Use of the bucket_region attribute instead of the region attribute is encouraged (#​42014)
  • data-source/aws_servicequotas_templates: The region attribute has been deprecated. All configurations using region should be updated to use the aws_region attribute instead (#​42131)
  • data-source/aws_ssmincidents_replication_set: The region attribute has been deprecated. All configurations using region should be updated to use the regions attribute instead (#​42014)
  • data-source/aws_vpc_endpoint_service: The region attribute has been deprecated. All configurations using region should be updated to use the service_region attribute instead (#​42014)
  • data-source/aws_vpc_peering_connection: The region attribute has been deprecated. All configurations using region should be updated to use the requester_region attribute instead (#​42014)
  • provider: Support for the global S3 endpoint is deprecated, along with the s3_us_east_1_regional_endpoint argument. The ability to use the global S3 endpoint will be removed in v7.0.0. (#​42375)
  • resource/aws_cloudformation_stack_set_instance: The region attribute has been deprecated. All configurations using region should be updated to use the stack_set_instance_region attribute instead (#​42014)
  • resource/aws_codeconnections_host: Deprecates id in favor of arn (#​42232)
  • resource/aws_config_aggregate_authorization: The region attribute has been deprecated. All configurations using region should be updated to use the authorized_aws_region attribute instead (#​42014)
  • resource/aws_dx_hosted_connection: The region attribute has been deprecated. All configurations using region should be updated to use the connection_region attribute instead (#​42014)
  • resource/aws_elasticache_replication_group: The ability to provide an uppercase engine value is deprecated (#​42419)
  • resource/aws_elasticache_user: The ability to provide an uppercase engine value is deprecated (#​42419)
  • resource/aws_elasticache_user_group: The ability to provide an uppercase engine value is deprecated (#​42419)
  • resource/aws_elastictranscoder_pipeline: This resource is deprecated. Use AWS Elemental MediaConvert instead. (#​42313)
  • resource/aws_elastictranscoder_preset: This resource is deprecated. Use AWS Elemental MediaConvert instead. (#​42313)
  • resource/aws_evidently_feature: This resource is deprecated. Use AWS AppConfig feature flags instead. (#​42227)
  • resource/aws_evidently_launch: This resource is deprecated. Use AWS AppConfig feature flags instead. (#​42227)
  • resource/aws_evidently_project: This resource is deprecated. Use AWS AppConfig feature flags instead. (#​42227)
  • resource/aws_evidently_segment: This resource is deprecated. Use AWS AppConfig feature flags instead. (#​42227)
  • resource/aws_guardduty_organization_configuration: datasources now returns a deprecation warning (#​42251)
  • resource/aws_kinesis_analytics_application: Effective January 27, 2026, AWS will no longer support Kinesis Data Analytics for SQL. This resource is deprecated and will be removed in a future version. Use the aws_kinesisanalyticsv2_application resource instead (#​42102)
  • resource/aws_media_store_container: This resource is deprecated. It will be removed in a future version. Use S3, AWS MediaPackage, or other storage solution instead. (#​42265)
  • resource/aws_media_store_container_policy: This resource is deprecated. It will be removed in a future version. Use S3, AWS MediaPackage, or other storage solution instead. (#​42265)
  • resource/aws_redshift_cluster: The default value of encrypted is now true to match the AWS API. (#​42631)
  • resource/aws_s3_bucket: Add bucket_region attribute. Use of the bucket_region attribute instead of the region attribute is encouraged (#​42014)
  • resource/aws_service_discovery_service: health_check_custom_config.failure_threshold is deprecated. The argument is no longer supported by AWS and is always set to 1 (#​40777)
  • resource/aws_servicequotas_template: The region attribute has been deprecated. All configurations using region should be updated to use the aws_region attribute instead (#​42131)
  • resource/aws_ssmincidents_replication_set: The region attribute has been deprecated. All configurations using region should be updated to use the regions attribute instead (#​42014)

ENHANCEMENTS:

  • data-source/aws_ami: Add allow_unsafe_filter argument (#​42114)
  • data-source/aws_availability_zone: Add group_long_name attribute (#​42014)
  • data-source/aws_availability_zone: Mark region as Optional, allowing a value to be configured (#​42014)
  • resource/aws_auditmanager_assessment: Add plan-time validation of roles.role_arn and roles.role_type (#​42131)
  • provider: Add enhanced region support to most resources, data sources, and ephemeral resources, allowing per-resource Region targeting without requiring multiple provider configurations. See the Enhanced Region Support guide for more information. (#​43075)
  • resource/aws_auditmanager_control: Add plan-time validation of control_mapping_sources.source_frequency, control_mapping_sources.source_set_up_option, and control_mapping_sources.source_type (#​42131)
  • resource/aws_auditmanager_framework_share: Add plan-time validation of destination_account (#​42741)
  • resource/aws_auditmanager_organization_admin_account_registration: Add plan-time validation of admin_account_id (#​42741)
  • resource/aws_cognito_user_in_group: Add import support (#​34082)
  • resource/aws_ecs_service: Add arn attribute (#​42733)
  • resource/aws_guardduty_detector: Adds validation to finding_publishing_frequency. (#​42436)
  • resource/aws_lb_listener: mutual_authentication attribute trust_store_arn is required if mode is verify (#​42326)
  • resource/aws_quicksight_iam_policy_assignment: Add plan-time validation of policy_arn (#​42131)
  • resource/aws_sagemaker_image_version: Add aliases argument (#​42610)
  • resource/aws_securitylake_subscriber: Add plan-time validation of access_type source.aws_log_source_resource.source_name, and subscriber_identity.external_id (#​42131)

BUG FIXES:

  • resource/aws_auditmanager_control: Fix Provider produced inconsistent result after apply errors (#​42131)
  • resource/aws_redshift_cluster: Fixes permanent diff when encrypted is not explicitly set to true. (#​42631)
  • resource/aws_rekognition_stream_processor: Fix regions_of_interest.bounding_box and regions_of_interest.polygon argument validation (#​41380)
  • resource/aws_sagemaker_image_version: Read the correct image version after creation rather than always fetching the latest (#​42536)
  • resource/aws_securitylake_subscriber: Change access_type to ForceNew (#​42131)

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@coderabbitai coderabbitai
Copy link

coderabbitai bot commented Jun 30, 2025

Important

Review skipped

Bot user detected.

To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

  • Review comments: Directly reply to a review comment made by CodeRabbit. Example:
    • I pushed a fix in commit <commit_id>, please review it.
    • Explain this complex logic.
    • Open a follow-up GitHub issue for this discussion.
  • Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
    • @coderabbitai explain this code block.
    • @coderabbitai modularize this function.
  • PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
    • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
    • @coderabbitai read src/utils.ts and explain its main purpose.
    • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
    • @coderabbitai help me debug CodeRabbit configuration file.

Support

Need help? Join our Discord community for assistance with any issues or questions.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

  • @coderabbitai pause to pause the reviews on a PR.
  • @coderabbitai resume to resume the paused reviews.
  • @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
  • @coderabbitai full review to do a full review from scratch and review all the files again.
  • @coderabbitai summary to regenerate the summary of the PR.
  • @coderabbitai generate sequence diagram to generate a sequence diagram of the changes in this PR.
  • @coderabbitai resolve resolve all the CodeRabbit review comments.
  • @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
  • @coderabbitai help to get help.

Other keywords and placeholders

  • Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
  • Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
  • Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

  • You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
  • Please see the configuration documentation for more information.
  • If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

  • Visit our Documentation for detailed information on how to use CodeRabbit.
  • Join our Discord Community to get help, request features, and share feedback.
  • Follow us on X/Twitter for updates and announcements.

@mergify mergify bot added auto-update This PR was automatically generated needs-test Needs testing labels Jun 30, 2025
@cloudposse-releaser cloudposse-releaser bot enabled auto-merge June 30, 2025 12:22
@goruha goruha closed this Jun 30, 2025
auto-merge was automatically disabled June 30, 2025 12:28

Pull request was closed

@goruha goruha deleted the renovate/aws-6.x branch June 30, 2025 12:28
@renovate Renovate
Copy link
Contributor Author

renovate bot commented Jun 30, 2025

Renovate Ignore Notification

Because you closed this PR without merging, Renovate will ignore this update. You will not get PRs for any future 6.x releases. But if you manually upgrade to 6.x then Renovate will re-enable minor and patch updates automatically.

If you accidentally closed this PR, or if you changed your mind: rename this PR to get a fresh replacement PR.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@cloudpossebot cloudpossebot cloudpossebot approved these changes

Assignees
No one assigned
Labels
auto-update This PR was automatically generated needs-test Needs testing
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@cloudpossebot @goruha