chore(deps): update terraform aws to v6.30.0 #70

Merged

renovate-bot merged 1 commit from renovate/aws-6.x into main 2026-01-31 00:07:55 +00:00

Conversation 0 Commits 1 Files changed 1 +1 -1

renovate-bot commented 2026-01-31 00:07:54 +00:00

Member

Copy link

This PR contains the following updates:

Package	Type	Update	Change
aws (source)	required_provider	minor	6.28.0 → 6.30.0

---

Release Notes

hashicorp/terraform-provider-aws (aws)

v6.30.0

Compare Source

FEATURES:

• New Resource: aws_ssoadmin_managed_policy_attachments_exclusive (#​46176)

BUG FIXES:

• resource/aws_dynamodb_table: Fix panic when global_secondary_index or global_secondary_index.key_schema are dynamic (#​46195)

v6.29.0

Compare Source

NOTES:

• data-source/aws_organizations_organization: Add return_organization_only argument to return only the results of the DescribeOrganization API and avoid API limits (#​40884)
• resource/aws_cloudfront_anycast_ip_list: Because we cannot easily test all this functionality, it is best effort and we ask for community help in testing (#​43331)
• resource/aws_invoicing_invoice_unit: Deprecates region attribute, as the resource is global. (#​46185)
• resource/aws_organizations_organization: Add return_organization_only argument to return only the results of the DescribeOrganization API and avoid API limits (#​40884)
• resource/aws_savingsplans_savings_plan: Because we cannot easily test this functionality, it is best effort and we ask for community help in testing (#​45834)

FEATURES:

• New Data Source: aws_arcregionswitch_plan (#​43781)
• New Data Source: aws_arcregionswitch_route53_health_checks (#​43781)
• New Data Source: aws_organizations_entity_path (#​45890)
• New Data Source: aws_resourcegroupstaggingapi_required_tags (#​45994)
• New Data Source: aws_s3_bucket_object_lock_configuration (#​45990)
• New Data Source: aws_s3_bucket_replication_configuration (#​42662)
• New Data Source: aws_s3control_access_points (#​45949)
• New Data Source: aws_s3control_multi_region_access_points (#​45974)
• New Data Source: aws_savingsplans_savings_plan (#​45834)
• New Data Source: aws_wafv2_managed_rule_group (#​45899)
• New List Resource: aws_appflow_connector_profile (#​45983)
• New List Resource: aws_appflow_flow (#​45980)
• New List Resource: aws_cleanrooms_collaboration (#​45953)
• New List Resource: aws_cleanrooms_configured_table (#​45956)
• New List Resource: aws_cloudfront_key_value_store (#​45957)
• New List Resource: aws_opensearchserverless_collection (#​46001)
• New List Resource: aws_route53_record (#​46059)
• New List Resource: aws_s3_bucket (#​46004)
• New List Resource: aws_s3_object (#​46002)
• New List Resource: aws_security_group (#​46062)
• New Resource: aws_apigatewayv2_routing_rule (#​42961)
• New Resource: aws_arcregionswitch_plan (#​43781)
• New Resource: aws_cloudfront_anycast_ip_list (#​43331)
• New Resource: aws_notifications_managed_notification_account_contact_association (#​45185)
• New Resource: aws_notifications_managed_notification_additional_channel_association (#​45186)
• New Resource: aws_notifications_organizational_unit_association (#​45197)
• New Resource: aws_notifications_organizations_access (#​45273)
• New Resource: aws_opensearch_application (#​43822)
• New Resource: aws_ram_permission (#​44114)
• New Resource: aws_ram_resource_associations_exclusive (#​45883)
• New Resource: aws_sagemaker_labeling_job (#​46041)
• New Resource: aws_sagemaker_model_card (#​45993)
• New Resource: aws_sagemaker_model_card_export_job (#​46009)
• New Resource: aws_savingsplans_savings_plan (#​45834)
• New Resource: aws_sesv2_tenant_resource_association (#​45904)
• New Resource: aws_vpc_security_group_rules_exclusive (#​45876)

ENHANCEMENTS:

• aws_api_gateway_domain_name: Add routing_mode argument to support dynamic routing via routing rules (#​42961)
• aws_apigatewayv2_domain_name: Add routing_mode argument to support dynamic routing via routing rules (#​42961)
• data-source/aws_batch_job_definition: Add allow_privilege_escalation attribute to eks_properties.pod_properties.containers.security_context (#​45896)
• data-source/aws_dynamodb_table: Add global_secondary_index.key_schema attribute (#​46157)
• data-source/aws_networkmanager_core_network_policy_document: Add segment_actions.routing_policy_names argument (#​45928)
• data-source/aws_s3_object: Add body_base64 and download_body attributes. For improved performance, set download_body = false to ensure bodies are never downloaded (#​46163)
• data-source/aws_vpc_ipam_pool: Add source_resource attribute (#​44705)
• resource/aws_batch_job_definition: Add allow_privilege_escalation attribute to eks_properties.pod_properties.containers.security_context (#​45896)
• resource/aws_bedrockagent_data_source: Add vector_ingestion_configuration.parsing_configuration.bedrock_data_automation_configuration block (#​45966)
• resource/aws_bedrockagent_data_source: Add vector_ingestion_configuration.parsing_configuration.bedrock_foundation_model_configuration.parsing_modality argument (#​46056)
• resource/aws_docdb_cluster_instance: Add certificate_rotation_restart argument (#​45984)
• resource/aws_dynamodb_table: Add support for multi-attribute keys in global secondary indexes. Introduces hash_keys and range_keys to the gsi block and makes hash_key optional for backwards compatibility. (#​45357)
• resource/aws_dynamodb_table: Adds warning when stream_view_type is set and stream_enabled is either false or unset. (#​45934)
• resource/aws_ecr_account_setting: Add support for BLOB_MOUNTING account setting name with ENABLED and DISABLED values (#​46092)
• resource/aws_fsx_windows_file_system: Add domain_join_service_account_secret argument to self_managed_active_directory configuration block (#​45852)
• resource/aws_fsx_windows_file_system: Change self_managed_active_directory.password to Optional and self_managed_active_directory.username to Optional and Computed (#​45852)
• resource/aws_invoicing_invoice_unit: Adds resource identity support. (#​46185)
• resource/aws_invoicing_invoice_unit: Adds validation to restrict rules to a single element. (#​46185)
• resource/aws_lambda_function: Increase upper limit of memory_size from 10240 MB to 32768 MB (#​46065)
• resource/aws_launch_template: Add network_performance_options argument (#​46071)
• resource/aws_odb_network: Enhancements to support KMS and STS parameters in CreateOdbNetwork and UpdateOdbNetwork. (#​45636)
• resource/aws_opensearchserverless_collection: Add resource identity support (#​45981)
• resource/aws_osis_pipeline: Updates pipeline_configuration_body maximum length validation to 2,621,440 bytes to align with AWS API specification. (#​44881)
• resource/aws_sagemaker_endpoint: Retry IAM eventual consistency errors on Create (#​45951)
• resource/aws_sagemaker_monitoring_schedule: Add monitoring_schedule_config.monitoring_job_definition argument (#​45951)
• resource/aws_sagemaker_monitoring_schedule: Make monitoring_schedule_config.monitoring_job_definition_name argument optional (#​45951)
• resource/aws_vpc_ipam_pool: Add source_resource argument in support of provisioning of VPC Resource Planning Pools (#​44705)
• resource/aws_vpc_ipam_resource_discovery: Add organizational_unit_exclusion argument (#​45890)
• resource/aws_vpc_subnet: Add ipv4_ipam_pool_id, ipv4_netmask_length, ipv6_ipam_pool_id, and ipv6_netmask_length arguments in support of provisioning of subnets using IPAM (#​44705)
• resource/aws_vpc_subnet: Change ipv6_cidr_block to Optional and Computed (#​44705)

BUG FIXES:

• data-source/aws_ecr_lifecycle_policy_document: Add rule.action.target_storage_class and rule.selection.storage_class to JSON serialization (#​45909)
• data-source/aws_lakeformation_permissions: Remove incorrect validation from catalog_id, data_location.catalog_id, database.catalog_id, lf_tag_policy.catalog_id, table.catalog_id, and table_with_columns.catalog_id arguments (#​43931)
• data-source/aws_networkmanager_core_network_policy_document: Fix panic when attachment_routing_policy_rules.action.associate_routing_policies is empty (#​46160)
• provider: Fix crash when using custom S3 endpoints with non-standard region strings (e.g., S3-compatible storage like Ceph or MinIO) (#​46000)
• provider: When importing resources with region defined, in AWS European Sovereign Cloud, prevent failing due to region validation requiring region names to start with "[a-z]{2}-" (#​45895)
• resource/aws_athena_workgroup: Fix error when removing configuration.result_configuration.encryption_configuration argument (#​46159)
• resource/aws_bcmdataexports_export: Fix Provider produced inconsistent result after apply error when querying CARBON_EMISSIONS table without table_configurations (#​45972)
• resource/aws_bedrock_inference_profile: Fixed forced replacement following import when model_source is set (#​45713)
• resource/aws_billing_view: Fix handling of data_filter_expression (#​45293)
• resource/aws_cloudformation_stack_set: Fix perpetual diff when using auto_deployment with permission_model set to SERVICE_MANAGED (#​45992)
• resource/aws_cloudfront_distribution: Fix runtime error: invalid memory address or nil pointer dereference panic when mistakenly importing a multi-tenant distribution (#​45873)
• resource/aws_cloudfront_distribution: Prevent mistakenly importing a multi-tenant distribution (#​45873)
• resource/aws_cloudfront_multitenant_distribution: Fix "specified origin server does not exist or is not valid" errors when attempting to use Origin Access Control (OAC) (#​45977)
• resource/aws_cloudfront_multitenant_distribution: Fix origin_group to use correct id attribute name and fix field mapping to resolve missing required field errors (#​45921)
• resource/aws_cloudwatch_event_rule: Prevent failing on AWS European Sovereign Cloud regions due to region validation requiring region names to start with "[a-z]{2}-" (#​45895)
• resource/aws_config_configuration_recorder: Fix InvalidRecordingGroupException: The recording group provided is not valid errors when the recording_group.exclusion_by_resource_type or recording_group.recording_strategy argument is removed during update (#​46110)
• resource/aws_datazone_environment_profile: Prevent failing on AWS European Sovereign Cloud regions due to region validation requiring region names to start with "[a-z]{2}-" (#​45895)
• resource/aws_dynamodb_table: Fix perpetual diff for warm_throughput in global_secondary_index when not set in configuration. (#​46094)
• resource/aws_dynamodb_table: Fixes error when name is known after apply (#​45917)
• resource/aws_eks_cluster: Fix kubernetes_network_config argument name in EKS Auto Mode validation error message (#​45997)
• resource/aws_emrserverless_application: Prevent failing on AWS European Sovereign Cloud regions due to region validation requiring region names to start with "[a-z]{2}-" (#​45895)
• resource/aws_lakeformation_permissions: Remove incorrect validation from catalog_id, data_location.catalog_id, database.catalog_id, lf_tag_policy.catalog_id, table.catalog_id, and table_with_columns.catalog_id arguments (#​43931)
• resource/aws_lambda_event_source_mapping: Prevent failing on AWS European Sovereign Cloud regions due to region validation requiring region names to start with "[a-z]{2}-" (#​45895)
• resource/aws_lambda_invocation: Fix panic when deleting or replacing resource with empty input in CRUD lifecycle scope (#​45967)
• resource/aws_lambda_permission: Prevent failing on AWS European Sovereign Cloud regions due to region validation requiring region names to start with "[a-z]{2}-" (#​45895)
• resource/aws_lb_target_group: Fix update error when switching health_check.protocol from HTTP to TCP when protocol is TCP (#​46036)
• resource/aws_multitenant_cloudfront_distribution: Prevent mistakenly importing a standard distribution (#​45873)
• resource/aws_networkfirewall_firewall_policy: Support partner-managed rule groups via firewall_policy.stateful_rule_group_reference.resource_arn (#​46124)
• resource/aws_odb_network: Fix delete_associated_resources being set when value is unknown (#​45636)
• resource/aws_pipes_pipe: Prevent failing on AWS European Sovereign Cloud regions due to region validation requiring region names to start with "[a-z]{2}-" (#​45895)
• resource/aws_placement_group: Correct validation of partition_count (#​45042)
• resource/aws_rds_cluster: Properly set iam_database_authentication_enabled when restored from snapshot (#​39461)
• resource/aws_redshift_cluster: Changing port now works. (#​45870)
• resource/aws_redshiftserverless_workgroup: Fix ValidationException: Base capacity cannot be updated when PerformanceTarget is Enabled error when updating price_performance_target and base_capacity (#​46137)
• resource/aws_route53_health_check: Mark regions argument as Computed to fix an unexpected regions diff when it is not specified (#​45829)
• resource/aws_route53_zone: Fix InvalidChangeBatch errors during ForceNew operations when zone name changes (#​45242)
• resource/aws_route53_zone: Fixes error where Delete would fail if the remote resource had already been deleted. (#​45985)
• resource/aws_route53profiles_resource_association: Fix Invalid JSON String Value error on initial apply and ConflictException on subsequent apply when associating Route53 Resolver Query Log Configs (#​45958)
• resource/aws_route53recoverycontrolconfig_control_panel: Fix crash when create returns an error (#​45954)
• resource/aws_s3_bucket: Fix bucket creation with tags in non-commercial AWS regions by handling UnsupportedArgument errors during tag-on-create operations (#​46122)
• resource/aws_s3_bucket: Fix tag read and update operations in non-commercial AWS regions by handling MethodNotAllowed errors when S3 Control APIs are unavailable (#​46122)
• resource/aws_servicecatalog_portfolio_share: Support organization and OU IDs in addition to ARNs for GovCloud compatibility (#​39863)
• resource/aws_subnet: Mark ipv6_cidr_block as ForceNew when the existing IPv6 subnet was created with assign_ipv6_address_on_create = true (#​46043)
• resource/aws_vpc_endpoint: Fix persistent diffs caused by case differences in ip_address_type (#​45947)

---

Configuration

📅 Schedule: Branch creation - Only on Sunday and Saturday ( * * * * 0,6 ) (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR has been generated by Renovate Bot.

This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [aws](https://registry.terraform.io/providers/hashicorp/aws) ([source](https://github.com/hashicorp/terraform-provider-aws)) | required_provider | minor | `6.28.0` → `6.30.0` | --- ### Release Notes <details> <summary>hashicorp/terraform-provider-aws (aws)</summary> ### [`v6.30.0`](https://github.com/hashicorp/terraform-provider-aws/blob/HEAD/CHANGELOG.md#6300-January-28-2026) [Compare Source](https://github.com/hashicorp/terraform-provider-aws/compare/v6.29.0...v6.30.0) FEATURES: - **New Resource:** `aws_ssoadmin_managed_policy_attachments_exclusive` ([#&#8203;46176](https://github.com/hashicorp/terraform-provider-aws/issues/46176)) BUG FIXES: - resource/aws\_dynamodb\_table: Fix panic when `global_secondary_index` or `global_secondary_index.key_schema` are `dynamic` ([#&#8203;46195](https://github.com/hashicorp/terraform-provider-aws/issues/46195)) ### [`v6.29.0`](https://github.com/hashicorp/terraform-provider-aws/blob/HEAD/CHANGELOG.md#6290-January-28-2026) [Compare Source](https://github.com/hashicorp/terraform-provider-aws/compare/v6.28.0...v6.29.0) NOTES: - data-source/aws\_organizations\_organization: Add `return_organization_only` argument to return only the results of the [`DescribeOrganization`](https://docs.aws.amazon.com/organizations/latest/APIReference/API_DescribeOrganization.html) API and avoid API limits ([#&#8203;40884](https://github.com/hashicorp/terraform-provider-aws/issues/40884)) - resource/aws\_cloudfront\_anycast\_ip\_list: Because we cannot easily test all this functionality, it is best effort and we ask for community help in testing ([#&#8203;43331](https://github.com/hashicorp/terraform-provider-aws/issues/43331)) - resource/aws\_invoicing\_invoice\_unit: Deprecates `region` attribute, as the resource is global. ([#&#8203;46185](https://github.com/hashicorp/terraform-provider-aws/issues/46185)) - resource/aws\_organizations\_organization: Add `return_organization_only` argument to return only the results of the [`DescribeOrganization`](https://docs.aws.amazon.com/organizations/latest/APIReference/API_DescribeOrganization.html) API and avoid API limits ([#&#8203;40884](https://github.com/hashicorp/terraform-provider-aws/issues/40884)) - resource/aws\_savingsplans\_savings\_plan: Because we cannot easily test this functionality, it is best effort and we ask for community help in testing ([#&#8203;45834](https://github.com/hashicorp/terraform-provider-aws/issues/45834)) FEATURES: - **New Data Source:** `aws_arcregionswitch_plan` ([#&#8203;43781](https://github.com/hashicorp/terraform-provider-aws/issues/43781)) - **New Data Source:** `aws_arcregionswitch_route53_health_checks` ([#&#8203;43781](https://github.com/hashicorp/terraform-provider-aws/issues/43781)) - **New Data Source:** `aws_organizations_entity_path` ([#&#8203;45890](https://github.com/hashicorp/terraform-provider-aws/issues/45890)) - **New Data Source:** `aws_resourcegroupstaggingapi_required_tags` ([#&#8203;45994](https://github.com/hashicorp/terraform-provider-aws/issues/45994)) - **New Data Source:** `aws_s3_bucket_object_lock_configuration` ([#&#8203;45990](https://github.com/hashicorp/terraform-provider-aws/issues/45990)) - **New Data Source:** `aws_s3_bucket_replication_configuration` ([#&#8203;42662](https://github.com/hashicorp/terraform-provider-aws/issues/42662)) - **New Data Source:** `aws_s3control_access_points` ([#&#8203;45949](https://github.com/hashicorp/terraform-provider-aws/issues/45949)) - **New Data Source:** `aws_s3control_multi_region_access_points` ([#&#8203;45974](https://github.com/hashicorp/terraform-provider-aws/issues/45974)) - **New Data Source:** `aws_savingsplans_savings_plan` ([#&#8203;45834](https://github.com/hashicorp/terraform-provider-aws/issues/45834)) - **New Data Source:** `aws_wafv2_managed_rule_group` ([#&#8203;45899](https://github.com/hashicorp/terraform-provider-aws/issues/45899)) - **New List Resource:** `aws_appflow_connector_profile` ([#&#8203;45983](https://github.com/hashicorp/terraform-provider-aws/issues/45983)) - **New List Resource:** `aws_appflow_flow` ([#&#8203;45980](https://github.com/hashicorp/terraform-provider-aws/issues/45980)) - **New List Resource:** `aws_cleanrooms_collaboration` ([#&#8203;45953](https://github.com/hashicorp/terraform-provider-aws/issues/45953)) - **New List Resource:** `aws_cleanrooms_configured_table` ([#&#8203;45956](https://github.com/hashicorp/terraform-provider-aws/issues/45956)) - **New List Resource:** `aws_cloudfront_key_value_store` ([#&#8203;45957](https://github.com/hashicorp/terraform-provider-aws/issues/45957)) - **New List Resource:** `aws_opensearchserverless_collection` ([#&#8203;46001](https://github.com/hashicorp/terraform-provider-aws/issues/46001)) - **New List Resource:** `aws_route53_record` ([#&#8203;46059](https://github.com/hashicorp/terraform-provider-aws/issues/46059)) - **New List Resource:** `aws_s3_bucket` ([#&#8203;46004](https://github.com/hashicorp/terraform-provider-aws/issues/46004)) - **New List Resource:** `aws_s3_object` ([#&#8203;46002](https://github.com/hashicorp/terraform-provider-aws/issues/46002)) - **New List Resource:** `aws_security_group` ([#&#8203;46062](https://github.com/hashicorp/terraform-provider-aws/issues/46062)) - **New Resource:** `aws_apigatewayv2_routing_rule` ([#&#8203;42961](https://github.com/hashicorp/terraform-provider-aws/issues/42961)) - **New Resource:** `aws_arcregionswitch_plan` ([#&#8203;43781](https://github.com/hashicorp/terraform-provider-aws/issues/43781)) - **New Resource:** `aws_cloudfront_anycast_ip_list` ([#&#8203;43331](https://github.com/hashicorp/terraform-provider-aws/issues/43331)) - **New Resource:** `aws_notifications_managed_notification_account_contact_association` ([#&#8203;45185](https://github.com/hashicorp/terraform-provider-aws/issues/45185)) - **New Resource:** `aws_notifications_managed_notification_additional_channel_association` ([#&#8203;45186](https://github.com/hashicorp/terraform-provider-aws/issues/45186)) - **New Resource:** `aws_notifications_organizational_unit_association` ([#&#8203;45197](https://github.com/hashicorp/terraform-provider-aws/issues/45197)) - **New Resource:** `aws_notifications_organizations_access` ([#&#8203;45273](https://github.com/hashicorp/terraform-provider-aws/issues/45273)) - **New Resource:** `aws_opensearch_application` ([#&#8203;43822](https://github.com/hashicorp/terraform-provider-aws/issues/43822)) - **New Resource:** `aws_ram_permission` ([#&#8203;44114](https://github.com/hashicorp/terraform-provider-aws/issues/44114)) - **New Resource:** `aws_ram_resource_associations_exclusive` ([#&#8203;45883](https://github.com/hashicorp/terraform-provider-aws/issues/45883)) - **New Resource:** `aws_sagemaker_labeling_job` ([#&#8203;46041](https://github.com/hashicorp/terraform-provider-aws/issues/46041)) - **New Resource:** `aws_sagemaker_model_card` ([#&#8203;45993](https://github.com/hashicorp/terraform-provider-aws/issues/45993)) - **New Resource:** `aws_sagemaker_model_card_export_job` ([#&#8203;46009](https://github.com/hashicorp/terraform-provider-aws/issues/46009)) - **New Resource:** `aws_savingsplans_savings_plan` ([#&#8203;45834](https://github.com/hashicorp/terraform-provider-aws/issues/45834)) - **New Resource:** `aws_sesv2_tenant_resource_association` ([#&#8203;45904](https://github.com/hashicorp/terraform-provider-aws/issues/45904)) - **New Resource:** `aws_vpc_security_group_rules_exclusive` ([#&#8203;45876](https://github.com/hashicorp/terraform-provider-aws/issues/45876)) ENHANCEMENTS: - aws\_api\_gateway\_domain\_name: Add `routing_mode` argument to support dynamic routing via routing rules ([#&#8203;42961](https://github.com/hashicorp/terraform-provider-aws/issues/42961)) - aws\_apigatewayv2\_domain\_name: Add `routing_mode` argument to support dynamic routing via routing rules ([#&#8203;42961](https://github.com/hashicorp/terraform-provider-aws/issues/42961)) - data-source/aws\_batch\_job\_definition: Add `allow_privilege_escalation` attribute to `eks_properties.pod_properties.containers.security_context` ([#&#8203;45896](https://github.com/hashicorp/terraform-provider-aws/issues/45896)) - data-source/aws\_dynamodb\_table: Add `global_secondary_index.key_schema` attribute ([#&#8203;46157](https://github.com/hashicorp/terraform-provider-aws/issues/46157)) - data-source/aws\_networkmanager\_core\_network\_policy\_document: Add `segment_actions.routing_policy_names` argument ([#&#8203;45928](https://github.com/hashicorp/terraform-provider-aws/issues/45928)) - data-source/aws\_s3\_object: Add `body_base64` and `download_body` attributes. For improved performance, set `download_body = false` to ensure bodies are never downloaded ([#&#8203;46163](https://github.com/hashicorp/terraform-provider-aws/issues/46163)) - data-source/aws\_vpc\_ipam\_pool: Add `source_resource` attribute ([#&#8203;44705](https://github.com/hashicorp/terraform-provider-aws/issues/44705)) - resource/aws\_batch\_job\_definition: Add `allow_privilege_escalation` attribute to `eks_properties.pod_properties.containers.security_context` ([#&#8203;45896](https://github.com/hashicorp/terraform-provider-aws/issues/45896)) - resource/aws\_bedrockagent\_data\_source: Add `vector_ingestion_configuration.parsing_configuration.bedrock_data_automation_configuration` block ([#&#8203;45966](https://github.com/hashicorp/terraform-provider-aws/issues/45966)) - resource/aws\_bedrockagent\_data\_source: Add `vector_ingestion_configuration.parsing_configuration.bedrock_foundation_model_configuration.parsing_modality` argument ([#&#8203;46056](https://github.com/hashicorp/terraform-provider-aws/issues/46056)) - resource/aws\_docdb\_cluster\_instance: Add `certificate_rotation_restart` argument ([#&#8203;45984](https://github.com/hashicorp/terraform-provider-aws/issues/45984)) - resource/aws\_dynamodb\_table: Add support for multi-attribute keys in global secondary indexes. Introduces hash\_keys and range\_keys to the gsi block and makes hash\_key optional for backwards compatibility. ([#&#8203;45357](https://github.com/hashicorp/terraform-provider-aws/issues/45357)) - resource/aws\_dynamodb\_table: Adds warning when `stream_view_type` is set and `stream_enabled` is either `false` or unset. ([#&#8203;45934](https://github.com/hashicorp/terraform-provider-aws/issues/45934)) - resource/aws\_ecr\_account\_setting: Add support for `BLOB_MOUNTING` account setting name with `ENABLED` and `DISABLED` values ([#&#8203;46092](https://github.com/hashicorp/terraform-provider-aws/issues/46092)) - resource/aws\_fsx\_windows\_file\_system: Add `domain_join_service_account_secret` argument to `self_managed_active_directory` configuration block ([#&#8203;45852](https://github.com/hashicorp/terraform-provider-aws/issues/45852)) - resource/aws\_fsx\_windows\_file\_system: Change `self_managed_active_directory.password` to Optional and `self_managed_active_directory.username` to Optional and Computed ([#&#8203;45852](https://github.com/hashicorp/terraform-provider-aws/issues/45852)) - resource/aws\_invoicing\_invoice\_unit: Adds resource identity support. ([#&#8203;46185](https://github.com/hashicorp/terraform-provider-aws/issues/46185)) - resource/aws\_invoicing\_invoice\_unit: Adds validation to restrict `rules` to a single element. ([#&#8203;46185](https://github.com/hashicorp/terraform-provider-aws/issues/46185)) - resource/aws\_lambda\_function: Increase upper limit of `memory_size` from 10240 MB to 32768 MB ([#&#8203;46065](https://github.com/hashicorp/terraform-provider-aws/issues/46065)) - resource/aws\_launch\_template: Add `network_performance_options` argument ([#&#8203;46071](https://github.com/hashicorp/terraform-provider-aws/issues/46071)) - resource/aws\_odb\_network: Enhancements to support KMS and STS parameters in CreateOdbNetwork and UpdateOdbNetwork. ([#&#8203;45636](https://github.com/hashicorp/terraform-provider-aws/issues/45636)) - resource/aws\_opensearchserverless\_collection: Add resource identity support ([#&#8203;45981](https://github.com/hashicorp/terraform-provider-aws/issues/45981)) - resource/aws\_osis\_pipeline: Updates `pipeline_configuration_body` maximum length validation to 2,621,440 bytes to align with AWS API specification. ([#&#8203;44881](https://github.com/hashicorp/terraform-provider-aws/issues/44881)) - resource/aws\_sagemaker\_endpoint: Retry IAM eventual consistency errors on Create ([#&#8203;45951](https://github.com/hashicorp/terraform-provider-aws/issues/45951)) - resource/aws\_sagemaker\_monitoring\_schedule: Add `monitoring_schedule_config.monitoring_job_definition` argument ([#&#8203;45951](https://github.com/hashicorp/terraform-provider-aws/issues/45951)) - resource/aws\_sagemaker\_monitoring\_schedule: Make `monitoring_schedule_config.monitoring_job_definition_name` argument optional ([#&#8203;45951](https://github.com/hashicorp/terraform-provider-aws/issues/45951)) - resource/aws\_vpc\_ipam\_pool: Add `source_resource` argument in support of provisioning of VPC Resource Planning Pools ([#&#8203;44705](https://github.com/hashicorp/terraform-provider-aws/issues/44705)) - resource/aws\_vpc\_ipam\_resource\_discovery: Add `organizational_unit_exclusion` argument ([#&#8203;45890](https://github.com/hashicorp/terraform-provider-aws/issues/45890)) - resource/aws\_vpc\_subnet: Add `ipv4_ipam_pool_id`, `ipv4_netmask_length`, `ipv6_ipam_pool_id`, and `ipv6_netmask_length` arguments in support of provisioning of subnets using IPAM ([#&#8203;44705](https://github.com/hashicorp/terraform-provider-aws/issues/44705)) - resource/aws\_vpc\_subnet: Change `ipv6_cidr_block` to Optional and Computed ([#&#8203;44705](https://github.com/hashicorp/terraform-provider-aws/issues/44705)) BUG FIXES: - data-source/aws\_ecr\_lifecycle\_policy\_document: Add `rule.action.target_storage_class` and `rule.selection.storage_class` to JSON serialization ([#&#8203;45909](https://github.com/hashicorp/terraform-provider-aws/issues/45909)) - data-source/aws\_lakeformation\_permissions: Remove incorrect validation from `catalog_id`, `data_location.catalog_id`, `database.catalog_id`, `lf_tag_policy.catalog_id`, `table.catalog_id`, and `table_with_columns.catalog_id` arguments ([#&#8203;43931](https://github.com/hashicorp/terraform-provider-aws/issues/43931)) - data-source/aws\_networkmanager\_core\_network\_policy\_document: Fix panic when `attachment_routing_policy_rules.action.associate_routing_policies` is empty ([#&#8203;46160](https://github.com/hashicorp/terraform-provider-aws/issues/46160)) - provider: Fix crash when using custom S3 endpoints with non-standard region strings (e.g., S3-compatible storage like Ceph or MinIO) ([#&#8203;46000](https://github.com/hashicorp/terraform-provider-aws/issues/46000)) - provider: When importing resources with `region` defined, in AWS European Sovereign Cloud, prevent failing due to region validation requiring region names to start with "\[a-z]{2}-" ([#&#8203;45895](https://github.com/hashicorp/terraform-provider-aws/issues/45895)) - resource/aws\_athena\_workgroup: Fix error when removing `configuration.result_configuration.encryption_configuration` argument ([#&#8203;46159](https://github.com/hashicorp/terraform-provider-aws/issues/46159)) - resource/aws\_bcmdataexports\_export: Fix `Provider produced inconsistent result after apply` error when querying `CARBON_EMISSIONS` table without `table_configurations` ([#&#8203;45972](https://github.com/hashicorp/terraform-provider-aws/issues/45972)) - resource/aws\_bedrock\_inference\_profile: Fixed forced replacement following import when `model_source` is set ([#&#8203;45713](https://github.com/hashicorp/terraform-provider-aws/issues/45713)) - resource/aws\_billing\_view: Fix handling of data\_filter\_expression ([#&#8203;45293](https://github.com/hashicorp/terraform-provider-aws/issues/45293)) - resource/aws\_cloudformation\_stack\_set: Fix perpetual diff when using `auto_deployment` with `permission_model` set to `SERVICE_MANAGED` ([#&#8203;45992](https://github.com/hashicorp/terraform-provider-aws/issues/45992)) - resource/aws\_cloudfront\_distribution: Fix `runtime error: invalid memory address or nil pointer dereference` panic when mistakenly importing a multi-tenant distribution ([#&#8203;45873](https://github.com/hashicorp/terraform-provider-aws/issues/45873)) - resource/aws\_cloudfront\_distribution: Prevent mistakenly importing a multi-tenant distribution ([#&#8203;45873](https://github.com/hashicorp/terraform-provider-aws/issues/45873)) - resource/aws\_cloudfront\_multitenant\_distribution: Fix "specified origin server does not exist or is not valid" errors when attempting to use Origin Access Control (OAC) ([#&#8203;45977](https://github.com/hashicorp/terraform-provider-aws/issues/45977)) - resource/aws\_cloudfront\_multitenant\_distribution: Fix `origin_group` to use correct `id` attribute name and fix field mapping to resolve `missing required field` errors ([#&#8203;45921](https://github.com/hashicorp/terraform-provider-aws/issues/45921)) - resource/aws\_cloudwatch\_event\_rule: Prevent failing on AWS European Sovereign Cloud regions due to region validation requiring region names to start with "\[a-z]{2}-" ([#&#8203;45895](https://github.com/hashicorp/terraform-provider-aws/issues/45895)) - resource/aws\_config\_configuration\_recorder: Fix `InvalidRecordingGroupException: The recording group provided is not valid` errors when the `recording_group.exclusion_by_resource_type` or `recording_group.recording_strategy` argument is removed during update ([#&#8203;46110](https://github.com/hashicorp/terraform-provider-aws/issues/46110)) - resource/aws\_datazone\_environment\_profile: Prevent failing on AWS European Sovereign Cloud regions due to region validation requiring region names to start with "\[a-z]{2}-" ([#&#8203;45895](https://github.com/hashicorp/terraform-provider-aws/issues/45895)) - resource/aws\_dynamodb\_table: Fix perpetual diff for `warm_throughput` in global\_secondary\_index when not set in configuration. ([#&#8203;46094](https://github.com/hashicorp/terraform-provider-aws/issues/46094)) - resource/aws\_dynamodb\_table: Fixes error when `name` is known after apply ([#&#8203;45917](https://github.com/hashicorp/terraform-provider-aws/issues/45917)) - resource/aws\_eks\_cluster: Fix `kubernetes_network_config` argument name in EKS Auto Mode validation error message ([#&#8203;45997](https://github.com/hashicorp/terraform-provider-aws/issues/45997)) - resource/aws\_emrserverless\_application: Prevent failing on AWS European Sovereign Cloud regions due to region validation requiring region names to start with "\[a-z]{2}-" ([#&#8203;45895](https://github.com/hashicorp/terraform-provider-aws/issues/45895)) - resource/aws\_lakeformation\_permissions: Remove incorrect validation from `catalog_id`, `data_location.catalog_id`, `database.catalog_id`, `lf_tag_policy.catalog_id`, `table.catalog_id`, and `table_with_columns.catalog_id` arguments ([#&#8203;43931](https://github.com/hashicorp/terraform-provider-aws/issues/43931)) - resource/aws\_lambda\_event\_source\_mapping: Prevent failing on AWS European Sovereign Cloud regions due to region validation requiring region names to start with "\[a-z]{2}-" ([#&#8203;45895](https://github.com/hashicorp/terraform-provider-aws/issues/45895)) - resource/aws\_lambda\_invocation: Fix panic when deleting or replacing resource with empty input in CRUD lifecycle scope ([#&#8203;45967](https://github.com/hashicorp/terraform-provider-aws/issues/45967)) - resource/aws\_lambda\_permission: Prevent failing on AWS European Sovereign Cloud regions due to region validation requiring region names to start with "\[a-z]{2}-" ([#&#8203;45895](https://github.com/hashicorp/terraform-provider-aws/issues/45895)) - resource/aws\_lb\_target\_group: Fix update error when switching `health_check.protocol` from `HTTP` to `TCP` when `protocol` is `TCP` ([#&#8203;46036](https://github.com/hashicorp/terraform-provider-aws/issues/46036)) - resource/aws\_multitenant\_cloudfront\_distribution: Prevent mistakenly importing a standard distribution ([#&#8203;45873](https://github.com/hashicorp/terraform-provider-aws/issues/45873)) - resource/aws\_networkfirewall\_firewall\_policy: Support partner-managed rule groups via `firewall_policy.stateful_rule_group_reference.resource_arn` ([#&#8203;46124](https://github.com/hashicorp/terraform-provider-aws/issues/46124)) - resource/aws\_odb\_network: Fix `delete_associated_resources` being set when value is unknown ([#&#8203;45636](https://github.com/hashicorp/terraform-provider-aws/issues/45636)) - resource/aws\_pipes\_pipe: Prevent failing on AWS European Sovereign Cloud regions due to region validation requiring region names to start with "\[a-z]{2}-" ([#&#8203;45895](https://github.com/hashicorp/terraform-provider-aws/issues/45895)) - resource/aws\_placement\_group: Correct validation of `partition_count` ([#&#8203;45042](https://github.com/hashicorp/terraform-provider-aws/issues/45042)) - resource/aws\_rds\_cluster: Properly set `iam_database_authentication_enabled` when restored from snapshot ([#&#8203;39461](https://github.com/hashicorp/terraform-provider-aws/issues/39461)) - resource/aws\_redshift\_cluster: Changing `port` now works. ([#&#8203;45870](https://github.com/hashicorp/terraform-provider-aws/issues/45870)) - resource/aws\_redshiftserverless\_workgroup: Fix `ValidationException: Base capacity cannot be updated when PerformanceTarget is Enabled` error when updating `price_performance_target` and `base_capacity` ([#&#8203;46137](https://github.com/hashicorp/terraform-provider-aws/issues/46137)) - resource/aws\_route53\_health\_check: Mark `regions` argument as `Computed` to fix an unexpected `regions` diff when it is not specified ([#&#8203;45829](https://github.com/hashicorp/terraform-provider-aws/issues/45829)) - resource/aws\_route53\_zone: Fix `InvalidChangeBatch` errors during [ForceNew](https://developer.hashicorp.com/terraform/plugin/sdkv2/schemas/schema-behaviors#forcenew) operations when zone name changes ([#&#8203;45242](https://github.com/hashicorp/terraform-provider-aws/issues/45242)) - resource/aws\_route53\_zone: Fixes error where Delete would fail if the remote resource had already been deleted. ([#&#8203;45985](https://github.com/hashicorp/terraform-provider-aws/issues/45985)) - resource/aws\_route53profiles\_resource\_association: Fix `Invalid JSON String Value` error on initial apply and `ConflictException` on subsequent apply when associating Route53 Resolver Query Log Configs ([#&#8203;45958](https://github.com/hashicorp/terraform-provider-aws/issues/45958)) - resource/aws\_route53recoverycontrolconfig\_control\_panel: Fix crash when create returns an error ([#&#8203;45954](https://github.com/hashicorp/terraform-provider-aws/issues/45954)) - resource/aws\_s3\_bucket: Fix bucket creation with tags in non-commercial AWS regions by handling `UnsupportedArgument` errors during tag-on-create operations ([#&#8203;46122](https://github.com/hashicorp/terraform-provider-aws/issues/46122)) - resource/aws\_s3\_bucket: Fix tag read and update operations in non-commercial AWS regions by handling `MethodNotAllowed` errors when S3 Control APIs are unavailable ([#&#8203;46122](https://github.com/hashicorp/terraform-provider-aws/issues/46122)) - resource/aws\_servicecatalog\_portfolio\_share: Support organization and OU IDs in addition to ARNs for GovCloud compatibility ([#&#8203;39863](https://github.com/hashicorp/terraform-provider-aws/issues/39863)) - resource/aws\_subnet: Mark `ipv6_cidr_block` as `ForceNew` when the existing IPv6 subnet was created with `assign_ipv6_address_on_create = true` ([#&#8203;46043](https://github.com/hashicorp/terraform-provider-aws/issues/46043)) - resource/aws\_vpc\_endpoint: Fix persistent diffs caused by case differences in `ip_address_type` ([#&#8203;45947](https://github.com/hashicorp/terraform-provider-aws/issues/45947)) </details> --- ### Configuration 📅 **Schedule**: Branch creation - Only on Sunday and Saturday ( * * * * 0,6 ) (UTC), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0Mi45Mi40IiwidXBkYXRlZEluVmVyIjoiNDIuOTIuNCIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOltdfQ==-->

renovate-bot added 1 commit 2026-01-31 00:07:54 +00:00

chore(deps): update terraform aws to v6.30.0 4a36e6d58b

renovate-bot scheduled this pull request to auto merge when all checks succeed 2026-01-31 00:07:54 +00:00

renovate-bot merged commit 9652a06500 into main 2026-01-31 00:07:55 +00:00

renovate-bot referenced this pull request from a commit 2026-01-31 00:07:56 +00:00

Merge pull request 'chore(deps): update terraform aws to v6.30.0' (#70) from renovate/aws-6.x into main

Sign in to join this conversation.

Reviewers

No reviewers

Labels

Clear labels

No items

No labels

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

infrastructure/tofu-template!70

No description provided.