Update Terraform aws to v6

[renovate]

ℹ️ Note

This PR body was truncated due to platform limits.

This PR contains the following updates:

Package	Type	Update	Change
aws (source)	required_provider	major	5.98.0 → 6.43.0

---

Release Notes

hashicorp/terraform-provider-aws (aws)

v6.43.0

Compare Source

FEATURES:

• New Data Source: aws_securityhub_enabled_standards (#​43947)
• New Data Source: aws_securityhub_security_controls (#​43947)
• New List Resource: aws_db_subnet_group (#​47637)
• New List Resource: aws_ec2_network_insights_access_scope (#​47582)
• New List Resource: aws_iam_group_policy_attachment (#​47667)
• New List Resource: aws_lambda_event_source_mapping (#​47686)
• New List Resource: aws_securityhub_insight (#​47622)
• New Resource: aws_arczonalshift_autoshift_observer_notification_status (#​46343)
• New Resource: aws_ec2_network_insights_access_scope (#​47582)
• New Resource: aws_securityhub_account_v2 (#​47356)

ENHANCEMENTS:

• resource/aws_arczonalshift_autoshift_observer_notification_status: Add resource identity support (#​46343)
• resource/aws_auditmanager_assessment: Add resource identity support (#​47674)
• resource/aws_auditmanager_control: Add resource identity support (#​47674)
• resource/aws_auditmanager_framework: Add resource identity support (#​47674)
• resource/aws_auditmanager_framework_share: Add resource identity support (#​47674)
• resource/aws_bedrockagentcore_memory_strategy: Support EPISODIC as a valid value for type (#​47589)
• resource/aws_ecs_express_gateway_service: Deprecates current_deployment. (#​47694)
• resource/aws_iam_group_policy_attachment: Add resource identity support (#​47667)
• resource/aws_lambda_event_source_mapping: Add resource identity support (#​47686)
• resource/aws_securityhub_action_target: Add Resource Identity support (#​47543)
• resource/aws_securityhub_configuration_policy: Add Resource Identity support (#​47543)
• resource/aws_securityhub_configuration_policy_association: Add Resource Identity support (#​47543)
• resource/aws_securityhub_configuration_policy_association: Add support for SELF_MANAGED_SECURITY_HUB as a policy_id value (#​47078)
• resource/aws_securityhub_finding_aggregator: Add Resource Identity support (#​47543)
• resource/aws_securityhub_finding_aggregator: Add arn attribute (#​47543)
• resource/aws_securityhub_insight: Add Resource Identity support (#​47543)
• resource/aws_securityhub_member: Add Resource Identity support (#​47543)
• resource/aws_securityhub_organization_admin_account: Add Resource Identity support (#​47543)
• resource/aws_securityhub_product_subscription: Add Resource Identity support (#​47543)
• resource/aws_securityhub_standards_control: Add Resource Identity support (#​47543)
• resource/aws_securityhub_standards_control_association: Add Resource Identity support (#​47543)
• resource/aws_securityhub_standards_subscription: Add Resource Identity support (#​47543)
• resource/aws_securityhub_standards_subscription: Add arn attribute (#​47543)
• resource/aws_subnet: Automatically detect and dissociate GuardDuty-managed VPC endpoints during terraform destroy when they block subnet deletion (#​46953)
• resource/aws_vpc: Automatically detect and remove GuardDuty-managed VPC endpoints and security groups during terraform destroy when they block VPC deletion (#​46953)

BUG FIXES:

• resource/aws_cloudwatch_metric_alarm: Fix invalid One of 'metric_name', 'metric_query', or 'evaluation_criteria' must be set for a cloudwatch metric alarm plan-time errors. This fixes a regression introduced in v6.42.0 (#​47666)
• resource/aws_ecs_express_gateway_service: Handles more transient API errors during creation and deletion. (#​47568)
• resource/aws_ecs_express_gateway_service: Marks resource for re-creation if it fails while waiting for creation. (#​47568)
• resource/aws_ecs_express_gateway_service: Prevents errors when value of current_deployment changes. (#​47694)
• resource/aws_ecs_express_gateway_service: Waits until the service is INACTIVE instead of DRAINING. (#​47568)
• resource/aws_flow_log: Prevents error when updating from earlier versions of the provider or importing VPC Flow Logs (#​47699)
• resource/aws_globalaccelerator_cross_account_attachment: Fix runtime error: invalid memory address or nil pointer dereference panics when removing resource blocks (#​47625)
• resource/aws_pinpoint_app: Lower minimum of limits.messages_per_second from 50 to 1 to match the AWS API. (#​47636)
• resource/aws_s3_bucket: Fix bucket creation on third-party S3-compatible APIs (e.g. OVH, Ceph RGW) by handling MalformedXML errors during tag-on-create and CreateBucketConfiguration operations (#​47530)

v6.42.0

Compare Source

BREAKING CHANGES:

• resource/aws_mq_configuration: Destruction of this resource will now delete the configuration. Previously delete was a no-op due to missing API operations, leaving resources in an unmanaged state. For this reason a breaking change was deemed acceptable in a minor version. This functionality requires the mq:DeleteConfiguration IAM permission. To restore the previous no-op behavior, set skip_destroy to true. (#​47273)

NOTES:

• documentation: CDKTF documentation has been removed from the provider (#​47484)
• resource/aws_eip: Because we cannot easily test this behavior in isolated regions, it is best effort and we ask for community help in testing (#​47091)

FEATURES:

• New Data Source: aws_ec2_service_link_virtual_interface (#​47478)
• New Data Source: aws_ec2_service_link_virtual_interfaces (#​47478)
• New List Resource: aws_apigatewayv2_api (#​47472)
• New List Resource: aws_cloudwatch_log_metric_filter (#​47495)
• New List Resource: aws_config_remediation_configuration (#​47514)
• New List Resource: aws_ebs_volume (#​47551)
• New List Resource: aws_ebs_volume_attachment (#​47561)
• New List Resource: aws_eip (#​47557)
• New List Resource: aws_iam_user_policy_attachment (#​47467)
• New List Resource: aws_internet_gateway (#​47529)
• New List Resource: aws_lambda_layer_version (#​47496)
• New List Resource: aws_launch_template (#​47540)
• New List Resource: aws_route53_zone (#​47494)
• New List Resource: aws_sagemaker_hyper_parameter_tuning_job (#​47138)
• New List Resource: aws_sqs_queue_policy (#​47489)
• New Resource: aws_cloudwatch_otel_enrichment (#​47275)
• New Resource: aws_ebs_volume_copy (#​47311)
• New Resource: aws_sagemaker_hyper_parameter_tuning_job (#​47138)

ENHANCEMENTS:

• data-source/aws_identitystore_user: Add user_status attribute (#​47323)
• data-source/aws_identitystore_users: Add user_status attribute (#​47323)
• data-source/aws_network_interface: Add ena_srd_specification attribute (#​46669)
• data-source/aws_odb_network: Enhancements to support cross-region restore. (#​46317)
• resource/aws_cloudwatch_log_metric_filter: Add Resource Identity support (#​47495)
• resource/aws_cloudwatch_metric_alarm: Add evaluation_criteria and evaluation_interval arguments in support of PromQL queries. Change comparison_operator and evaluation_periods to Optional (#​47449)
• resource/aws_ebs_volume_attachment: Add resource identity support (#​47561)
• resource/aws_eip: Add resource identity support (#​47557)
• resource/aws_eks_access_entry: Add Resource Identity support (#​47428)
• resource/aws_eks_access_policy_association: Add Resource Identity support (#​47428)
• resource/aws_eks_addon: Add Resource Identity support (#​47428)
• resource/aws_eks_addon: Add namespace_config argument (#​44087)
• resource/aws_eks_capability: Add Resource Identity support (#​47428)
• resource/aws_eks_identity_provider_config: Add Resource Identity support (#​47428)
• resource/aws_eks_identity_provider_config: Add identity_provider_config_name attribute (#​47428)
• resource/aws_eks_node_group: Add Resource Identity support (#​47428)
• resource/aws_eks_pod_identity_association: Add Resource Identity support (#​47428)
• resource/aws_fargate_profile: Add Resource Identity support (#​47428)
• resource/aws_identitystore_user: Add user_status attribute (#​47323)
• resource/aws_imagebuilder_lifecycle_policy: Support wildcard semantic version for resource_selection.recipe.semantic_version (#​47443)
• resource/aws_lambda_layer_version: Add resource identity support (#​47496)
• resource/aws_launch_template: Add resource identity support (#​47540)
• resource/aws_mq_configuration: Add skip_destroy argument (#​47273)
• resource/aws_mq_configuration: Implement resource deletion (#​47273)
• resource/aws_network_interface: Add ena_srd_specification argument to support ENA Express (#​46669)
• resource/aws_networkmanager_site_to_site_vpn_attachment: Enable in-place updates of routing_policy_label argument. This functionality requires the networkmanager: PutAttachmentRoutingPolicyLabel and networkmanager: RemoveAttachmentRoutingPolicyLabel IAM permissions (#​47541)
• resource/aws_odb_network: Enhancements to support cross-region restore. (#​46317)
• resource/aws_rds_integration: Add integration_identifier attribute (#​45632)
• resource/aws_rds_integration: Support in-place update of data_filter and integration_name (#​45632)
• resource/aws_s3_bucket_inventory: Support S3 Inventory for directory buckets (#​47555)
• resource/aws_s3control_storage_lens_configuration: Add storage_lens_configuration.expanded_prefixes_data_export and storage_lens_configuration.prefix_delimiter arguments (#​47205)
• resource/aws_s3files_file_system: Add accept_bucket_warning argument (#​47510)
• resource/network_peering_connection: Peer cidr management through peer_network_cidrs argument. (#​46207)

BUG FIXES:

• resource/aws_appintegrations_data_integration: Fix source_uri regular expression validation (#​47498)
• resource/aws_bedrock_guardrail: Update maximum length of topic_policy_config.topics_config.definition from 200 to 1000 to support standard tier. (#​47574)
• resource/aws_cloudwatch_alarm_mute_rule: Fix mute_targets.alarm_names ordering causing "Provider produced inconsistent result after apply" errors (#​47507)
• resource/aws_ecs_service: Excludes Express-Mode Services from listing. (#​47533)
• resource/aws_eip: Gracefully handle UnsupportedOperation errors in isolated regions (#​47091)
• resource/aws_msk_cluster: Fix a request parameter error when updating broker_node_group_info.vpc_connectivity configuration block. This fixes a regression introduced in v6.40.0 (#​47515)
• resource/aws_odb_network: Fix runtime error: invalid memory address or nil pointer dereference panic in statusManagedService() and statusNetwork() when FindOracleDBNetworkResourceByID returns a nil result during resource creation (#​47159)
• resource/aws_securityhub_member: Only set email if returned by AWS API and don't recompute invite from member_status. This prevents drift for organization members (#​47106)

v6.41.0

Compare Source

FEATURES:

• New List Resource: aws_api_gateway_integration (#​47370)
• New List Resource: aws_api_gateway_integration_response (#​47388)
• New List Resource: aws_api_gateway_method (#​47365)
• New List Resource: aws_api_gateway_method_response (#​47387)
• New List Resource: aws_api_gateway_resource (#​47382)
• New List Resource: aws_api_gateway_rest_api (#​47404)
• New List Resource: aws_apigatewayv2_route (#​47452)
• New List Resource: aws_cloudfront_distribution (#​47459)
• New List Resource: aws_cloudwatch_alarm_mute_rule (#​46750)
• New List Resource: aws_cloudwatch_log_subscription_filter (#​47451)
• New List Resource: aws_nat_gateway (#​47349)
• New List Resource: aws_sns_topic_policy (#​47445)
• New Resource: aws_cloudwatch_alarm_mute_rule (#​46750)

ENHANCEMENTS:

• data-source/aws_ecs_task_definition: Add volume.s3files_volume_configuration attribute (#​47363)
• data-source/aws_opensearch_domain: Add deployment_strategy_options block (#​47401)
• resource/aws_api_gateway_integration: Add resource identity support (#​47357)
• resource/aws_api_gateway_integration_response: Add resource identity support (#​47366)
• resource/aws_api_gateway_method: Add resource identity support (#​47310)
• resource/aws_api_gateway_method_response: Add resource identity support (#​47360)
• resource/aws_api_gateway_resource: Add resource identity support (#​47358)
• resource/aws_api_gateway_rest_api: Add resource identity support (#​47384)
• resource/aws_apigatewayv2_api: Add resource identity support (#​47465)
• resource/aws_apigatewayv2_route: Add resource identity support (#​47441)
• resource/aws_autoscaling_group: Add Resource Identity support (#​47381)
• resource/aws_autoscaling_lifecycle_hook: Add Resource Identity support (#​47381)
• resource/aws_autoscaling_notification: Add plan-time validation of topic_arn (#​47381)
• resource/aws_autoscaling_policy: Add Resource Identity support (#​47381)
• resource/aws_autoscaling_traffic_source_attachment: Add import support (#​47381)
• resource/aws_budgets_budget: Add metrics attribute (#​47047)
• resource/aws_cloudwatch_log_subscription_filter: Add Resource Identity support (#​47451)
• resource/aws_directory_service_directory: add enable_directory_data_access argument (#​44736)
• resource/aws_dynamodb_table: Add Resource Identity support (#​47301)
• resource/aws_ecs_task_definition: Add volume.s3files_volume_configuration argument (#​47363)
• resource/aws_elasticache_user: Add passwords_wo and passwords_wo_version write-only arguments (#​45988)
• resource/aws_launch_configuration: Add Resource Identity support (#​47381)
• resource/aws_opensearch_domain: Add deployment_strategy_options configuration block (#​47401)

BUG FIXES:

• data-source/aws_outposts_asset: Fix nil pointer dereference panic when asset has no ComputeAttributes or AssetLocation (#​47450)
• list-resource/aws_lb: Fixes error when no results are returned (#​47455)
• list-resource/aws_lb_listener: Fixes error when no results are returned (#​47455)
• list-resource/aws_lb_listener_rule: Fixes error when no results are returned (#​47455)
• list-resource/aws_lb_target_group: Fixes error when no results are returned (#​47455)
• resource/aws_autoscaling_traffic_source_attachment: Change traffic_source to Required (#​47381)
• resource/aws_budgets_budget: Add missing metrics attribute required for filter_expression (#​47047)
• resource/aws_cloudfront_multitenant_distribution: Allows disabling the enforcement of a response_completion_timeout for Origins, by removing its default value (#​46329)
• resource/aws_cloudfront_multitenant_distribution: Fix function_association and lambda_function_association block ordering producing inconsistent result after apply when multiple associations are configured (#​46378)
• resource/aws_cloudfront_multitenant_distribution: Fix origin block ordering producing inconsistent result after apply when multiple origins are configured (#​47199)
• resource/aws_dynamodb_global_secondary_index: Fixes error when key_type is unknown during plan-time. (#​47456)
• resource/aws_dynamodb_table: Prevents validation error when global secondary index range_key is set to empty string (#​47427)
• resource/aws_neptune_global_cluster: Fix a regression in the minor version upgrade workflow for MySQL engine types triggered by upstream changes to the API error response text (#​47448)
• resource/aws_rds_global_cluster: Fix a regression in the minor version upgrade workflow for MySQL engine types triggered by upstream changes to the API error response text (#​47448)

v6.40.0

Compare Source

FEATURES:

• New Data Source: aws_opensearchserverless_collection_group (#​46308)
• New Data Source: aws_opensearchserverless_collection_groups (#​46308)
• New Data Source: aws_s3files_access_point (#​47352)
• New Data Source: aws_s3files_file_system (#​47344)
• New Data Source: aws_s3files_file_systems (#​47344)
• New Data Source: aws_s3files_mount_target (#​47347)
• New List Resource: aws_config_config_rule (#​47319)
• New List Resource: aws_glue_job (#​47266)
• New List Resource: aws_opensearchserverless_collection_group (#​46308)
• New List Resource: aws_s3files_access_point (#​47352)
• New List Resource: aws_s3files_file_system (#​47325)
• New List Resource: aws_s3files_file_system_policy (#​47355)
• New List Resource: aws_s3files_mount_target (#​47347)
• New List Resource: aws_s3files_synchronization_configuration (#​47353)
• New List Resource: aws_ssm_association (#​47321)
• New List Resource: aws_ssm_patch_group (#​47329)
• New Resource: aws_opensearchserverless_collection_group (#​46308)
• New Resource: aws_s3files_access_point (#​47352)
• New Resource: aws_s3files_file_system (#​47325)
• New Resource: aws_s3files_file_system_policy (#​47355)
• New Resource: aws_s3files_mount_target (#​47347)
• New Resource: aws_s3files_synchronization_configuration (#​47353)
• New Resource: aws_servicequotas_auto_management (#​45968)

ENHANCEMENTS:

• data-source/aws_msk_cluster: Add broker_node_group_info.connectivity_info.network_type attribute (#​47279)
• resource/aws_cloudformation_stack_set: Add depends_on_stack_sets to auto_deployment configuration block (#​47269)
• resource/aws_config_config_rule: Add Resource Identity support (#​47286)
• resource/aws_config_configuration_aggregator: Add Resource Identity support (#​47286)
• resource/aws_config_configuration_recorder: Add Resource Identity support (#​47286)
• resource/aws_config_configuration_recorder_status: Add Resource Identity support (#​47286)
• resource/aws_config_conformance_pack: Add Resource Identity support (#​47286)
• resource/aws_config_delivery_channel: Add Resource Identity support (#​47286)
• resource/aws_config_organization_conformance_pack: Add Resource Identity support (#​47286)
• resource/aws_config_organization_custom_policy_rule: Add Resource Identity support (#​47286)
• resource/aws_config_organization_custom_rule: Add Resource Identity support (#​47286)
• resource/aws_config_organization_managed_rule: Add Resource Identity support (#​47286)
• resource/aws_config_remediation_configuration: Add Resource Identity support (#​47286)
• resource/aws_config_retention_configuration: Add Resource Identity support (#​47286)
• resource/aws_controltower_landing_zone: Add remediation_types attribute (#​46549)
• resource/aws_glue_job: Add Resource Identity support (#​47266)
• resource/aws_iam_instance_profile: Add resource identity support (#​47307)
• resource/aws_kinesisanalyticsv2_application: Support FLINK-2_2 as a valid value for runtime_environment (#​47207)
• resource/aws_msk_cluster: Add broker_node_group_info.connectivity_info.network_type argument (#​47279)
• resource/aws_opensearchserverless_access_policy: Add Resource Identity support (#​47262)
• resource/aws_opensearchserverless_lifecycle_policy: Add Resource Identity support (#​47262)
• resource/aws_opensearchserverless_security_config: Add Resource Identity support (#​47262)
• resource/aws_opensearchserverless_security_policy: Add Resource Identity support (#​47262)
• resource/aws_opensearchserverless_vpc_endpoint: Add Resource Identity support (#​47262)
• resource/aws_s3control_storage_lens_configuration: Add storage_lens_configuration.data_export.storage_lens_table_destination argument (#​47152)
• resource/aws_ssm_patch_group: Add resource identity support (#​47318)

BUG FIXES:

• resource/aws_bcmdataexports_export: Allows empty values in export.data_query.table_configurations (#​47261)
• resource/aws_cloudwatch_log_metric_filter: Fix validation to count pattern length in UTF-8 characters (#​47287)
• resource/aws_config_configuration_recorder_status: Mark name as as ForceNew (#​47286)
• resource/aws_organizations_account: Fix AccountAlreadyClosedException error when deleting an account that has already been closed with close_on_deletion set to true (#​46627)
• resource/aws_s3_bucket_server_side_encryption_configuration: Change rule.apply_server_side_encryption_by_default.kms_master_key_id, rule.blocked_encryption_types, and rule.bucket_key_enabled to Optional and Computed, preventings diffs once SSE-C is disabled for all new general purpose buckets (#​47359)
• resource/aws_uxc_account_customizations: Fix inconsistent result error when visible_regions or visible_services is set to an explicit empty set ([]) (#​47290)

v6.39.0

Compare Source

NOTES:

• data-source/aws_eks_access_entry: The tags_all attribute is deprecated and will be removed in a future major version (#​47133)

FEATURES:

• New Data Source: aws_iam_role_policies (#​46936)
• New Data Source: aws_iam_role_policy_attachments (#​47119)
• New Data Source: aws_networkmanager_core_network (#​45798)
• New Data Source: aws_uxc_services (#​47115)
• New List Resource: aws_eks_cluster (#​47133)
• New List Resource: aws_organizations_aws_service_access (#​46993)
• New List Resource: aws_sagemaker_training_job (#​46892)
• New List Resource: aws_workmail_group (#​47131)
• New List Resource: aws_workmail_user (#​47131)
• New Resource: aws_organizations_aws_service_access (#​46993)
• New Resource: aws_sagemaker_training_job (#​46892)
• New Resource: aws_uxc_account_customizations (#​47115)
• New Resource: aws_workmail_group (#​47131)
• New Resource: aws_workmail_user (#​47131)

ENHANCEMENTS:

• data-source/aws_outposts_asset: Add instance_families attribute (#​47153)
• resource/aws_eks_cluster: Add resource identity support (#​47133)
• resource/aws_eks_cluster: Support tier-8xl as a valid value for control_plane_scaling_config.tier (#​46976)
• resource/aws_network_acl_rule: Add Resource Identity support (#​47090)
• resource/aws_observabilityadmin_centralization_rule_for_organization: Add source.source_logs_configuration.data_source_selection_criteria argument. Change source.source_logs_configuration.log_group_selection_criteria to Optional (#​47154)
• resource/aws_prometheus_scraper: Add source.vpc argument. Change source.eks to Optional (#​47155)
• resource/aws_s3_bucket_metric: Support bucket metrics for directory buckets (#​47184)
• resource/aws_s3control_storage_lens_configuration: Add storage_lens_configuration.account_level.advanced_performance_metrics and storage_lens_configuration.account_level.bucket_level.advanced_performance_metrics arguments (#​46865)

BUG FIXES:

• data-source/aws_eks_access_entry: Fixed tags not being returned (#​47133)
• data-source/aws_service_principal: Fix service principal names for EC2 and S3 in the aws-cn partition (#​47141)
• resource/aws_config_organization_conformance_pack: Fix creation timeout when using a delegated administrator account (#​47072)
• resource/aws_dynamodb_table: Fix Error: waiting for creation AWS DynamoDB Table (xxxxx): couldn't find resource in highly active accounts by restoring 5s delay before polling for table status. This fixes a regression introduced in v6.28.0. (#​47143)
• resource/aws_eks_cluster: Set bootstrap_self_managed_addons to true when importing (#​47133)
• resource/aws_elasticache_serverless_cache: Fix InvalidParameterCombination error when cache_usage_limits is removed (#​46134)
• resource/aws_glue_catalog_table: Detect and report failed view creation (#​47101)

v6.38.0

Compare Source

FEATURES:

• New Action: aws_dms_start_replication_task_assessment_run (#​47058)
• New Data Source: aws_dynamodb_backups (#​47036)
• New Data Source: aws_msk_topic (#​46490)
• New Data Source: aws_savingsplans_offerings (#​47081)
• New List Resource: aws_msk_cluster (#​46490)
• New List Resource: aws_msk_serverless_cluster (#​46490)
• New List Resource: aws_msk_topic (#​46490)
• New List Resource: aws_route53_resolver_rule (#​47063)
• New List Resource: aws_sagemaker_algorithm (#​47051)
• New List Resource: aws_ssm_document (#​46974)
• New List Resource: aws_ssoadmin_account_assignment (#​47067)
• New List Resource: aws_vpc_endpoint (#​46977)
• New List Resource: aws_workmail_domain (#​46931)
• New Resource: aws_msk_topic (#​46490)
• New Resource: aws_observabilityadmin_telemetry_enrichment (#​47089)
• New Resource: aws_sagemaker_algorithm (#​47051)
• New Resource: aws_workmail_default_domain (#​46931)
• New Resource: aws_workmail_domain (#​46931)

ENHANCEMENTS:

• data-source/aws_networkfirewall_firewall_policy: Add firewall_policy.enable_tls_session_holding attribute (#​47065)
• resource/aws_bedrockagentcore_agent_runtime: Add authorizer_configuration.custom_jwt_authorizer.custom_claim configuration block (#​47049)
• resource/aws_bedrockagentcore_gateway: Add authorizer_configuration.custom_jwt_authorizer.custom_claim configuration block (#​47049)
• resource/aws_bedrockagentcore_gateway_target: Add target_configuration.mcp.api_gateway configuration block (#​46916)
• resource/aws_dynamodb_table: Add restore_backup_arn argument (#​47068)
• resource/aws_fis_experiment_template: Support KinesisStreams as a value for action.target.key (#​47010)
• resource/aws_fis_experiment_template: Support VPCEndpoints as a value for action.target.key (#​47045)
• resource/aws_mq_broker: Change user block to Optional (#​46883)
• resource/aws_msk_cluster: Add resource identity support (#​46490)
• resource/aws_msk_serverless_cluster: Add resource identity support (#​46490)
• resource/aws_networkfirewall_firewall_policy: Add firewall_policy.enable_tls_session_holding argument (#​47065)
• resource/aws_securityhub_insight: Add filters.aws_account_name configuration block (#​47027)
• resource/aws_securityhub_insight: Add filters.compliance_associated_standards_id configuration block (#​47027)
• resource/aws_securityhub_insight: Add filters.compliance_security_control_id configuration block (#​47027)
• resource/aws_securityhub_insight: Add filters.compliance_security_control_parameters_name configuration block (#​47027)
• resource/aws_securityhub_insight: Add filters.compliance_security_control_parameters_value configuration block (#​47027)
• resource/aws_ssoadmin_account_assignment: Add Resource Identity support (#​47067)

BUG FIXES:

• resource/aws_api_gateway_method: Fix import to honor @region suffix when using resource-level region attribute (#​47043)
• resource/aws_apigatewayv2_integration: Fix import to honor @region suffix when using resource-level region attribute (#​47043)
• resource/aws_apigatewayv2_route: Fix import to honor @region suffix when using resource-level region attribute (#​47043)
• resource/aws_apigatewayv2_stage: Fix import to honor @region suffix when using resource-level region attribute (#​47043)
• resource/aws_appmesh_gateway_route: Fix import to honor @region suffix when using resource-level region attribute (#​47043)
• resource/aws_appmesh_route: Fix import to honor @region suffix when using resource-level region attribute (#​47043)
• resource/aws_appmesh_virtual_gateway: Fix import to honor @region suffix when using resource-level region attribute (#​47043)
• resource/aws_appmesh_virtual_node: Fix import to honor @region suffix when using resource-level region attribute (#​47043)
• resource/aws_appmesh_virtual_router: Fix import to honor @region suffix when using resource-level region attribute (#​47043)
• resource/aws_appmesh_virtual_service: Fix import to honor @region suffix when using resource-level region attribute (#​47043)
• resource/aws_cloudfront_distribution_tenant: Fix panic when managed certificate is not found during creation (#​46982)
• resource/aws_controltower_control: Fix import to honor @region suffix when using resource-level region attribute (#​47043)
• resource/aws_default_route_table: Fix import to honor @region suffix when using resource-level region attribute (#​47043)
• resource/aws_dx_gateway_association: Fix import to honor @region suffix when using resource-level region attribute (#​47043)
• resource/aws_dx_hosted_private_virtual_interface: Fix import to honor @region suffix when using resource-level region attribute (#​47043)
• resource/aws_dx_hosted_private_virtual_interface_accepter: Fix import to honor @region suffix when using resource-level region attribute (#​47043)
• resource/aws_dx_hosted_public_virtual_interface: Fix import to honor @region suffix when using resource-level region attribute (#​47043)
• resource/aws_dx_hosted_public_virtual_interface_accepter: Fix import to honor @region suffix when using resource-level region attribute (#​47043)
• resource/aws_dx_hosted_transit_virtual_interface: Fix import to honor @region suffix when using resource-level region attribute (#​47043)
• resource/aws_dx_hosted_transit_virtual_interface_accepter: Fix import to honor @region suffix when using resource-level region attribute (#​47043)
• resource/aws_dx_private_virtual_interface: Fix import to honor @region suffix when using resource-level region attribute (#​47043)
• resource/aws_dx_public_virtual_interface: Fix import to honor @region suffix when using resource-level region attribute (#​47043)
• resource/aws_dx_transit_virtual_interface: Fix import to honor @region suffix when using resource-level region attribute (#​47043)
• resource/aws_ecs_express_gateway_service: Fix Provider produced inconsistent result after apply error when environment variables are defined in non-alphabetical order (#​46771)
• resource/aws_elasticache_reserved_cache_node: Fix Provider returned invalid result object after apply errors where computed attributes

✂ Note

PR body was truncated to here.

---

Configuration

📅 Schedule: (UTC)

• Branch creation
  • At any time (no schedule defined)
• Automerge
  • At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.