Skip to content

Bump the production-dependencies group across 2 directories with 1 update #425

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Bump the production-dependencies group across 2 directories with 1 update #425

wants to merge 1 commit into from

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Nov 24, 2025
edited
Loading

Bumps the production-dependencies group with 1 update in the /terraform/envs/prod directory: hashicorp/aws.
Bumps the production-dependencies group with 1 update in the /terraform/envs/qa directory: hashicorp/aws.

Updates hashicorp/aws from 6.19.0 to 6.22.1

Release notes

Sourced from hashicorp/aws's releases.

v6.22.1

6.22.1 (November 21, 2025)

ENHANCEMENTS:

  • resource/aws_fsx_openzfs_file_system: Support INTELLIGENT_TIERING storage type and add read_cache_configuration argument (#45159)
  • resource/aws_msk_cluster: Add rebalancing configuration block to support intelligent rebalancing for Express broker clusters (#45073)

BUG FIXES:

  • provider: Fix crash in required tag validation interceptor when tag values are unknown. This addresses a regression introduced in v6.22.0. (#45201)
  • provider: Fix early return logic in the required tag validation interceptor. This addresses a performance regression introduced in v6.22.0. (#45201)
  • resource/aws_accessanalyzer_analyzer: Fix interface conversion: interface {} is nil, not map[string]interface {} panics when configuration.unused_access.analysis_rule.exclusion.resource_tags contains null values (#45202)
  • resource/aws_odb_cloud_vm_cluster: Fix incorrect validation error when arguments are configured using variables. This addresses a regression introduced in v6.22.0 (#45205)

v6.22.0

6.22.0 (November 20, 2025)

NOTES:

  • resource/aws_s3_bucket_server_side_encryption_configuration: Starting in March 2026, Amazon S3 will introduce a new default bucket security setting by automatically disabling server-side encryption with customer-provided keys (SSE-C) for all new buckets. Use the blocked_encryption_types argument to manage this behavior for specific buckets. (#45105)

FEATURES:

  • New Ephemeral Resource: aws_ecr_authorization_token (#44949)
  • New Guide: Tag Policy Compliance (#45143)
  • New Resource: aws_billing_view (#45097)
  • New Resource: aws_vpclattice_domain_verification (#45085)

ENHANCEMENTS:

  • data-source/aws_lb_listener: Add default_action.jwt_validation attribute (#45089)
  • data-source/aws_lb_listener_rule: Add action.jwt_validation attribute (#45089)
  • data-source/aws_route53_zone: Support filtering by tags only or by vpc_id only (#39671)
  • provider: Add support for enforcing tag policy compliance. This opt-in feature can be enabled via the new tag_policy_compliance provider argument, or the TF_AWS_TAG_POLICY_COMPLIANCE environment variable. When enabled, the principal executing Terraform must have the tags:ListRequiredTags IAM permission. (#45143)
  • resource/aws_backup_logically_air_gapped_vault: Add encryption_key_arn argument (#45020)
  • resource/aws_bedrock_guardrail: Add input_action, input_enabled, input_modalities, output_action, output_enabled, and output_modalities arguments to the content_policy_config.filters_config block (#45104)
  • resource/aws_bedrockagent_knowledge_base: Add storage_configuration.rds_configuration.field_mapping.custom_metadata_field argument (#45075)
  • resource/aws_bedrockagentcore_agent_runtime: Add agent_runtime_artifact.code_configuration block (#45091)
  • resource/aws_bedrockagentcore_agent_runtime: Make agent_runtime_artifact.container_configuration block optional (#45091)
  • resource/aws_dynamodb_table: Add global_table_witness argument (#43908)
  • resource/aws_emr_managed_scaling_policy: Add scaling_strategy and utilization_performance_index arguments (#45132)
  • resource/aws_fis_experiment_template: Add plan-time validation of log_configuration.cloudwatch_logs_configuration.log_group_arn (#35941)
  • resource/aws_fis_experiment_template: Add support for Functions to action.*.target (#41209)
  • resource/aws_lambda_invocation: Add import support (#41240)
  • resource/aws_lb_listener: Support jwt-validation as a valid default_action.type and add default_action.jwt_validation configuration block (#45089)
  • resource/aws_lb_listener_rule: Support jwt-validation as a valid action.type and add action.jwt_validation configuration block (#45089)
  • resource/aws_odb_cloud_vm_cluster: vm cluster creation using odb network ARN and exadata infrastructure ARN for resource sharing model. (#45003)
  • resource/aws_organizations_organization: Add SECURITYHUB_POLICY as a valid value for enabled_policy_types argument (#45135)
  • resource/aws_prometheus_query_logging_configuration: Add plan-time validation of destination.cloudwatch_logs.log_group_arn (#35941)

... (truncated)

Changelog

Sourced from hashicorp/aws's changelog.

6.22.1 (November 21, 2025)

ENHANCEMENTS:

  • resource/aws_fsx_openzfs_file_system: Support INTELLIGENT_TIERING storage type and add read_cache_configuration argument (#45159)
  • resource/aws_msk_cluster: Add rebalancing configuration block to support intelligent rebalancing for Express broker clusters (#45073)

BUG FIXES:

  • provider: Fix crash in required tag validation interceptor when tag values are unknown. This addresses a regression introduced in v6.22.0. (#45201)
  • provider: Fix early return logic in the required tag validation interceptor. This addresses a performance regression introduced in v6.22.0. (#45201)
  • resource/aws_accessanalyzer_analyzer: Fix interface conversion: interface {} is nil, not map[string]interface {} panics when configuration.unused_access.analysis_rule.exclusion.resource_tags contains null values (#45202)
  • resource/aws_odb_cloud_vm_cluster: Fix incorrect validation error when arguments are configured using variables. This addresses a regression introduced in v6.22.0 (#45205)

6.22.0 (November 20, 2025)

NOTES:

  • resource/aws_s3_bucket_server_side_encryption_configuration: Starting in March 2026, Amazon S3 will introduce a new default bucket security setting by automatically disabling server-side encryption with customer-provided keys (SSE-C) for all new buckets. Use the blocked_encryption_types argument to manage this behavior for specific buckets. (#45105)

FEATURES:

  • New Ephemeral Resource: aws_ecr_authorization_token (#44949)
  • New Guide: Tag Policy Compliance (#45143)
  • New Resource: aws_billing_view (#45097)
  • New Resource: aws_vpclattice_domain_verification (#45085)

ENHANCEMENTS:

  • data-source/aws_lb_listener: Add default_action.jwt_validation attribute (#45089)
  • data-source/aws_lb_listener_rule: Add action.jwt_validation attribute (#45089)
  • data-source/aws_route53_zone: Support filtering by tags only or by vpc_id only (#39671)
  • provider: Add support for enforcing tag policy compliance. This opt-in feature can be enabled via the new tag_policy_compliance provider argument, or the TF_AWS_TAG_POLICY_COMPLIANCE environment variable. When enabled, the principal executing Terraform must have the tags:ListRequiredTags IAM permission. (#45143)
  • resource/aws_backup_logically_air_gapped_vault: Add encryption_key_arn argument (#45020)
  • resource/aws_bedrock_guardrail: Add input_action, input_enabled, input_modalities, output_action, output_enabled, and output_modalities arguments to the content_policy_config.filters_config block (#45104)
  • resource/aws_bedrockagent_knowledge_base: Add storage_configuration.rds_configuration.field_mapping.custom_metadata_field argument (#45075)
  • resource/aws_bedrockagentcore_agent_runtime: Add agent_runtime_artifact.code_configuration block (#45091)
  • resource/aws_bedrockagentcore_agent_runtime: Make agent_runtime_artifact.container_configuration block optional (#45091)
  • resource/aws_dynamodb_table: Add global_table_witness argument (#43908)
  • resource/aws_emr_managed_scaling_policy: Add scaling_strategy and utilization_performance_index arguments (#45132)
  • resource/aws_fis_experiment_template: Add plan-time validation of log_configuration.cloudwatch_logs_configuration.log_group_arn (#35941)
  • resource/aws_fis_experiment_template: Add support for Functions to action.*.target (#41209)
  • resource/aws_lambda_invocation: Add import support (#41240)
  • resource/aws_lb_listener: Support jwt-validation as a valid default_action.type and add default_action.jwt_validation configuration block (#45089)
  • resource/aws_lb_listener_rule: Support jwt-validation as a valid action.type and add action.jwt_validation configuration block (#45089)
  • resource/aws_odb_cloud_vm_cluster: vm cluster creation using odb network ARN and exadata infrastructure ARN for resource sharing model. (#45003)
  • resource/aws_organizations_organization: Add SECURITYHUB_POLICY as a valid value for enabled_policy_types argument (#45135)
  • resource/aws_prometheus_query_logging_configuration: Add plan-time validation of destination.cloudwatch_logs.log_group_arn (#35941)
  • resource/aws_prometheus_workspace: Add plan-time validation of logging_configuration.log_group_arn (#35941)
  • resource/aws_s3_bucket_server_side_encryption_configuration: Add rule.blocked_encryption_types argument (#45105)

... (truncated)

Commits

Updates hashicorp/aws from 6.19.0 to 6.22.1

Release notes

Sourced from hashicorp/aws's releases.

v6.22.1

6.22.1 (November 21, 2025)

ENHANCEMENTS:

  • resource/aws_fsx_openzfs_file_system: Support INTELLIGENT_TIERING storage type and add read_cache_configuration argument (#45159)
  • resource/aws_msk_cluster: Add rebalancing configuration block to support intelligent rebalancing for Express broker clusters (#45073)

BUG FIXES:

  • provider: Fix crash in required tag validation interceptor when tag values are unknown. This addresses a regression introduced in v6.22.0. (#45201)
  • provider: Fix early return logic in the required tag validation interceptor. This addresses a performance regression introduced in v6.22.0. (#45201)
  • resource/aws_accessanalyzer_analyzer: Fix interface conversion: interface {} is nil, not map[string]interface {} panics when configuration.unused_access.analysis_rule.exclusion.resource_tags contains null values (#45202)
  • resource/aws_odb_cloud_vm_cluster: Fix incorrect validation error when arguments are configured using variables. This addresses a regression introduced in v6.22.0 (#45205)

v6.22.0

6.22.0 (November 20, 2025)

NOTES:

  • resource/aws_s3_bucket_server_side_encryption_configuration: Starting in March 2026, Amazon S3 will introduce a new default bucket security setting by automatically disabling server-side encryption with customer-provided keys (SSE-C) for all new buckets. Use the blocked_encryption_types argument to manage this behavior for specific buckets. (#45105)

FEATURES:

  • New Ephemeral Resource: aws_ecr_authorization_token (#44949)
  • New Guide: Tag Policy Compliance (#45143)
  • New Resource: aws_billing_view (#45097)
  • New Resource: aws_vpclattice_domain_verification (#45085)

ENHANCEMENTS:

  • data-source/aws_lb_listener: Add default_action.jwt_validation attribute (#45089)
  • data-source/aws_lb_listener_rule: Add action.jwt_validation attribute (#45089)
  • data-source/aws_route53_zone: Support filtering by tags only or by vpc_id only (#39671)
  • provider: Add support for enforcing tag policy compliance. This opt-in feature can be enabled via the new tag_policy_compliance provider argument, or the TF_AWS_TAG_POLICY_COMPLIANCE environment variable. When enabled, the principal executing Terraform must have the tags:ListRequiredTags IAM permission. (#45143)
  • resource/aws_backup_logically_air_gapped_vault: Add encryption_key_arn argument (#45020)
  • resource/aws_bedrock_guardrail: Add input_action, input_enabled, input_modalities, output_action, output_enabled, and output_modalities arguments to the content_policy_config.filters_config block (#45104)
  • resource/aws_bedrockagent_knowledge_base: Add storage_configuration.rds_configuration.field_mapping.custom_metadata_field argument (#45075)
  • resource/aws_bedrockagentcore_agent_runtime: Add agent_runtime_artifact.code_configuration block (#45091)
  • resource/aws_bedrockagentcore_agent_runtime: Make agent_runtime_artifact.container_configuration block optional (#45091)
  • resource/aws_dynamodb_table: Add global_table_witness argument (#43908)
  • resource/aws_emr_managed_scaling_policy: Add scaling_strategy and utilization_performance_index arguments (#45132)
  • resource/aws_fis_experiment_template: Add plan-time validation of log_configuration.cloudwatch_logs_configuration.log_group_arn (#35941)
  • resource/aws_fis_experiment_template: Add support for Functions to action.*.target (#41209)
  • resource/aws_lambda_invocation: Add import support (#41240)
  • resource/aws_lb_listener: Support jwt-validation as a valid default_action.type and add default_action.jwt_validation configuration block (#45089)
  • resource/aws_lb_listener_rule: Support jwt-validation as a valid action.type and add action.jwt_validation configuration block (#45089)
  • resource/aws_odb_cloud_vm_cluster: vm cluster creation using odb network ARN and exadata infrastructure ARN for resource sharing model. (#45003)
  • resource/aws_organizations_organization: Add SECURITYHUB_POLICY as a valid value for enabled_policy_types argument (#45135)
  • resource/aws_prometheus_query_logging_configuration: Add plan-time validation of destination.cloudwatch_logs.log_group_arn (#35941)

... (truncated)

Changelog

Sourced from hashicorp/aws's changelog.

6.22.1 (November 21, 2025)

ENHANCEMENTS:

  • resource/aws_fsx_openzfs_file_system: Support INTELLIGENT_TIERING storage type and add read_cache_configuration argument (#45159)
  • resource/aws_msk_cluster: Add rebalancing configuration block to support intelligent rebalancing for Express broker clusters (#45073)

BUG FIXES:

  • provider: Fix crash in required tag validation interceptor when tag values are unknown. This addresses a regression introduced in v6.22.0. (#45201)
  • provider: Fix early return logic in the required tag validation interceptor. This addresses a performance regression introduced in v6.22.0. (#45201)
  • resource/aws_accessanalyzer_analyzer: Fix interface conversion: interface {} is nil, not map[string]interface {} panics when configuration.unused_access.analysis_rule.exclusion.resource_tags contains null values (#45202)
  • resource/aws_odb_cloud_vm_cluster: Fix incorrect validation error when arguments are configured using variables. This addresses a regression introduced in v6.22.0 (#45205)

6.22.0 (November 20, 2025)

NOTES:

  • resource/aws_s3_bucket_server_side_encryption_configuration: Starting in March 2026, Amazon S3 will introduce a new default bucket security setting by automatically disabling server-side encryption with customer-provided keys (SSE-C) for all new buckets. Use the blocked_encryption_types argument to manage this behavior for specific buckets. (#45105)

FEATURES:

  • New Ephemeral Resource: aws_ecr_authorization_token (#44949)
  • New Guide: Tag Policy Compliance (#45143)
  • New Resource: aws_billing_view (#45097)
  • New Resource: aws_vpclattice_domain_verification (#45085)

ENHANCEMENTS:

  • data-source/aws_lb_listener: Add default_action.jwt_validation attribute (#45089)
  • data-source/aws_lb_listener_rule: Add action.jwt_validation attribute (#45089)
  • data-source/aws_route53_zone: Support filtering by tags only or by vpc_id only (#39671)
  • provider: Add support for enforcing tag policy compliance. This opt-in feature can be enabled via the new tag_policy_compliance provider argument, or the TF_AWS_TAG_POLICY_COMPLIANCE environment variable. When enabled, the principal executing Terraform must have the tags:ListRequiredTags IAM permission. (#45143)
  • resource/aws_backup_logically_air_gapped_vault: Add encryption_key_arn argument (#45020)
  • resource/aws_bedrock_guardrail: Add input_action, input_enabled, input_modalities, output_action, output_enabled, and output_modalities arguments to the content_policy_config.filters_config block (#45104)
  • resource/aws_bedrockagent_knowledge_base: Add storage_configuration.rds_configuration.field_mapping.custom_metadata_field argument (#45075)
  • resource/aws_bedrockagentcore_agent_runtime: Add agent_runtime_artifact.code_configuration block (#45091)
  • resource/aws_bedrockagentcore_agent_runtime: Make agent_runtime_artifact.container_configuration block optional (#45091)
  • resource/aws_dynamodb_table: Add global_table_witness argument (#43908)
  • resource/aws_emr_managed_scaling_policy: Add scaling_strategy and utilization_performance_index arguments (#45132)
  • resource/aws_fis_experiment_template: Add plan-time validation of log_configuration.cloudwatch_logs_configuration.log_group_arn (#35941)
  • resource/aws_fis_experiment_template: Add support for Functions to action.*.target (#41209)
  • resource/aws_lambda_invocation: Add import support (#41240)
  • resource/aws_lb_listener: Support jwt-validation as a valid default_action.type and add default_action.jwt_validation configuration block (#45089)
  • resource/aws_lb_listener_rule: Support jwt-validation as a valid action.type and add action.jwt_validation configuration block (#45089)
  • resource/aws_odb_cloud_vm_cluster: vm cluster creation using odb network ARN and exadata infrastructure ARN for resource sharing model. (#45003)
  • resource/aws_organizations_organization: Add SECURITYHUB_POLICY as a valid value for enabled_policy_types argument (#45135)
  • resource/aws_prometheus_query_logging_configuration: Add plan-time validation of destination.cloudwatch_logs.log_group_arn (#35941)
  • resource/aws_prometheus_workspace: Add plan-time validation of logging_configuration.log_group_arn (#35941)
  • resource/aws_s3_bucket_server_side_encryption_configuration: Add rule.blocked_encryption_types argument (#45105)

... (truncated)

Commits

Updates hashicorp/aws from 6.19.0 to 6.22.1

Release notes

Sourced from hashicorp/aws's releases.

v6.22.1

6.22.1 (November 21, 2025)

ENHANCEMENTS:

  • resource/aws_fsx_openzfs_file_system: Support INTELLIGENT_TIERING storage type and add read_cache_configuration argument (#45159)
  • resource/aws_msk_cluster: Add rebalancing configuration block to support intelligent rebalancing for Express broker clusters (#45073)

BUG FIXES:

  • provider: Fix crash in required tag validation interceptor when tag values are unknown. This addresses a regression introduced in v6.22.0. (#45201)
  • provider: Fix early return logic in the required tag validation interceptor. This addresses a performance regression introduced in v6.22.0. (#45201)
  • resource/aws_accessanalyzer_analyzer: Fix interface conversion: interface {} is nil, not map[string]interface {} panics when configuration.unused_access.analysis_rule.exclusion.resource_tags contains null values (#45202)
  • resource/aws_odb_cloud_vm_cluster: Fix incorrect validation error when arguments are configured using variables. This addresses a regression introduced in v6.22.0 (#45205)

v6.22.0

6.22.0 (November 20, 2025)

NOTES:

  • resource/aws_s3_bucket_server_side_encryption_configuration: Starting in March 2026, Amazon S3 will introduce a new default bucket security setting by automatically disabling server-side encryption with customer-provided keys (SSE-C) for all new buckets. Use the blocked_encryption_types argument to manage this behavior for specific buckets. (#45105)

FEATURES:

  • New Ephemeral Resource: aws_ecr_authorization_token (#44949)
  • New Guide: Tag Policy Compliance (#45143)
  • New Resource: aws_billing_view (#45097)
  • New Resource: aws_vpclattice_domain_verification (#45085)

ENHANCEMENTS:

  • data-source/aws_lb_listener: Add default_action.jwt_validation attribute (#45089)
  • data-source/aws_lb_listener_rule: Add action.jwt_validation attribute (#45089)
  • data-source/aws_route53_zone: Support filtering by tags only or by vpc_id only (#39671)
  • provider: Add support for enforcing tag policy compliance. This opt-in feature can be enabled via the new tag_policy_compliance provider argument, or the TF_AWS_TAG_POLICY_COMPLIANCE environment variable. When enabled, the principal executing Terraform must have the tags:ListRequiredTags IAM permission. (#45143)
  • resource/aws_backup_logically_air_gapped_vault: Add encryption_key_arn argument (#45020)
  • resource/aws_bedrock_guardrail: Add input_action, input_enabled, input_modalities, output_action, output_enabled, and output_modalities arguments to the content_policy_config.filters_config block (#45104)
  • resource/aws_bedrockagent_knowledge_base: Add storage_configuration.rds_configuration.field_mapping.custom_metadata_field argument (#45075)
  • resource/aws_bedrockagentcore_agent_runtime: Add agent_runtime_artifact.code_configuration block (#45091)
  • resource/aws_bedrockagentcore_agent_runtime: Make agent_runtime_artifact.container_configuration block optional (#45091)
  • resource/aws_dynamodb_table: Add global_table_witness argument (#43908)
  • resource/aws_emr_managed_scaling_policy: Add scaling_strategy and utilization_performance_index arguments (#45132)
  • resource/aws_fis_experiment_template: Add plan-time validation of log_configuration.cloudwatch_logs_configuration.log_group_arn (#35941)
  • resource/aws_fis_experiment_template: Add support for Functions to action.*.target (#41209)
  • resource/aws_lambda_invocation: Add import support (#41240)
  • resource/aws_lb_listener: Support jwt-validation as a valid default_action.type and add default_action.jwt_validation configuration block (#45089)
  • resource/aws_lb_listener_rule: Support jwt-validation as a valid action.type and add action.jwt_validation configuration block (#45089)
  • resource/aws_odb_cloud_vm_cluster: vm cluster creation using odb network ARN and exadata infrastructure ARN for resource sharing model. (#45003)
  • resource/aws_organizations_organization: Add SECURITYHUB_POLICY as a valid value for enabled_policy_types argument (#45135)
  • resource/aws_prometheus_query_logging_configuration: Add plan-time validation of destination.cloudwatch_logs.log_group_arn (#35941)

... (truncated)

Changelog

Sourced from hashicorp/aws's changelog.

6.22.1 (November 21, 2025)

ENHANCEMENTS:

  • resource/aws_fsx_openzfs_file_system: Support INTELLIGENT_TIERING storage type and add read_cache_configuration argument (#45159)
  • resource/aws_msk_cluster: Add rebalancing configuration block to support intelligent rebalancing for Express broker clusters (#45073)

BUG FIXES:

  • provider: Fix crash in required tag validation interceptor when tag values are unknown. This addresses a regression introduced in v6.22.0. (#45201)
  • provider: Fix early return logic in the required tag validation interceptor. This addresses a performance regression introduced in v6.22.0. (#45201)
  • resource/aws_accessanalyzer_analyzer: Fix interface conversion: interface {} is nil, not map[string]interface {} panics when configuration.unused_access.analysis_rule.exclusion.resource_tags contains null values (#45202)
  • resource/aws_odb_cloud_vm_cluster: Fix incorrect validation error when arguments are configured using variables. This addresses a regression introduced in v6.22.0 (#45205)

6.22.0 (November 20, 2025)

NOTES:

  • resource/aws_s3_bucket_server_side_encryption_configuration: Starting in March 2026, Amazon S3 will introduce a new default bucket security setting by automatically disabling server-side encryption with customer-provided keys (SSE-C) for all new buckets. Use the blocked_encryption_types argument to manage this behavior for specific buckets. (#45105)

FEATURES:

  • New Ephemeral Resource: aws_ecr_authorization_token (#44949)
  • New Guide: Tag Policy Compliance (#45143)
  • New Resource: aws_billing_view (#45097)
  • New Resource: aws_vpclattice_domain_verification (#45085)

ENHANCEMENTS:

  • data-source/aws_lb_listener: Add default_action.jwt_validation attribute (#45089)
  • data-source/aws_lb_listener_rule: Add action.jwt_validation attribute (#45089)
  • data-source/aws_route53_zone: Support filtering by tags only or by vpc_id only (#39671)
  • provider: Add support for enforcing tag policy compliance. This opt-in feature can be enabled via the new tag_policy_compliance provider argument, or the TF_AWS_TAG_POLICY_COMPLIANCE environment variable. When enabled, the principal executing Terraform must have the tags:ListRequiredTags IAM permission. (#45143)
  • resource/aws_backup_logically_air_gapped_vault: Add encryption_key_arn argument (#45020)
  • resource/aws_bedrock_guardrail: Add input_action, input_enabled, input_modalities, output_action, output_enabled, and output_modalities arguments to the content_policy_config.filters_config block (#45104)
  • resource/aws_bedrockagent_knowledge_base: Add storage_configuration.rds_configuration.field_mapping.custom_metadata_field argument (#45075)
  • resource/aws_bedrockagentcore_agent_runtime: Add agent_runtime_artifact.code_configuration block (#45091)
  • resource/aws_bedrockagentcore_agent_runtime: Make agent_runtime_artifact.container_configuration block optional (#45091)
  • resource/aws_dynamodb_table: Add global_table_witness argument (#43908)
  • resource/aws_emr_managed_scaling_policy: Add scaling_strategy and utilization_performance_index arguments (#45132)
  • resource/aws_fis_experiment_template: Add plan-time validation of log_configuration.cloudwatch_logs_configuration.log_group_arn (#35941)
  • resource/aws_fis_experiment_template: Add support for Functions to action.*.target (#41209)
  • resource/aws_lambda_invocation: Add import support (#41240)
  • resource/aws_lb_listener: Support jwt-validation as a valid default_action.type and add default_action.jwt_validation configuration block (#45089)
  • resource/aws_lb_listener_rule: Support jwt-validation as a valid action.type and add action.jwt_validation configuration block (#45089)
  • resource/aws_odb_cloud_vm_cluster: vm cluster creation using odb network ARN and exadata infrastructure ARN for resource sharing model. (#45003)
  • resource/aws_organizations_organization: Add SECURITYHUB_POLICY as a valid value for enabled_policy_types argument (#45135)
  • resource/aws_prometheus_query_logging_configuration: Add plan-time validation of destination.cloudwatch_logs.log_group_arn (#35941)
  • resource/aws_prometheus_workspace: Add plan-time validation of logging_configuration.log_group_arn (#35941)
  • resource/aws_s3_bucket_server_side_encryption_configuration: Add rule.blocked_encryption_types argument (#45105)

... (truncated)

Commits

Updates hashicorp/aws from 6.19.0 to 6.22.1

Release notes

Sourced from hashicorp/aws's releases.

v6.22.1

6.22.1 (November 21, 2025)

ENHANCEMENTS:

  • resource/aws_fsx_openzfs_file_system: Support INTELLIGENT_TIERING storage type and add read_cache_configuration argument (#45159)
  • resource/aws_msk_cluster: Add rebalancing configuration block to support intelligent rebalancing for Express broker clusters (#45073)

BUG FIXES:

  • provider: Fix crash in required tag validation interceptor when tag values are unknown. This addresses a regression introduced in v6.22.0. (#45201)
  • provider: Fix early return logic in the required tag validation interceptor. This addresses a performance regression introduced in v6.22.0. (#45201)
  • resource/aws_accessanalyzer_analyzer: Fix interface conversion: interface {} is nil, not map[string]interface {} panics when configuration.unused_access.analysis_rule.exclusion.resource_tags contains null values (#45202)
  • resource/aws_odb_cloud_vm_cluster: Fix incorrect validation error when arguments are configured using variables. This addresses a regression introduced in v6.22.0 (#45205)

v6.22.0

6.22.0 (November 20, 2025)

NOTES:

  • resource/aws_s3_bucket_server_side_encryption_configuration: Starting in March 2026, Amazon S3 will introduce a new default bucket security setting by automatically disabling server-side encryption with customer-provided keys (SSE-C) for all new buckets. Use the blocked_encryption_types argument to manage this behavior for specific buckets. (#45105)

FEATURES:

  • New Ephemeral Resource: aws_ecr_authorization_token (#44949)
  • New Guide: Tag Policy Compliance (#45143)
  • New Resource: aws_billing_view (#45097)
  • New Resource: aws_vpclattice_domain_verification (#45085)

ENHANCEMENTS:

  • data-source/aws_lb_listener: Add default_action.jwt_validation attribute (#45089)
  • data-source/aws_lb_listener_rule: Add action.jwt_validation attribute (#45089)
  • data-source/aws_route53_zone: Support filtering by tags only or by vpc_id only (#39671)
  • provider: Add support for enforcing tag policy compliance. This opt-in feature can be enabled via the new tag_policy_compliance provider argument, or the TF_AWS_TAG_POLICY_COMPLIANCE environment variable. When enabled, the principal executing Terraform must have the tags:ListRequiredTags IAM permission. (#45143)
  • resource/aws_backup_logically_air_gapped_vault: Add encryption_key_arn argument (#45020)
  • resource/aws_bedrock_guardrail: Add input_action, input_enabled, input_modalities, output_action, output_enabled, and output_modalities arguments to the content_policy_config.filters_config block (#45104)
  • resource/aws_bedrockagent_knowledge_base: Add storage_configuration.rds_configuration.field_mapping.custom_metadata_field argument (#45075)
  • resource/aws_bedrockagentcore_agent_runtime: Add agent_runtime_artifact.code_configuration block (#45091)
  • resource/aws_bedrockagentcore_agent_runtime: Make agent_runtime_artifact.container_configuration block optional (#45091)
  • resource/aws_dynamodb_table: Add global_table_witness argument (#43908)
  • resource/aws_emr_managed_scaling_policy: Add scaling_strategy and utilization_performance_index arguments (#45132)
    • ...

    Description has been truncated

@dependabot
Bump the production-dependencies group across 2 directories with 1 up…
885afc4 
…date

Bumps the production-dependencies group with 1 update in the /terraform/envs/prod directory: [hashicorp/aws](https://github.com/hashicorp/terraform-provider-aws).
Bumps the production-dependencies group with 1 update in the /terraform/envs/qa directory: [hashicorp/aws](https://github.com/hashicorp/terraform-provider-aws).


Updates `hashicorp/aws` from 6.19.0 to 6.22.1
- [Release notes](https://github.com/hashicorp/terraform-provider-aws/releases)
- [Changelog](https://github.com/hashicorp/terraform-provider-aws/blob/main/CHANGELOG.md)
- [Commits](hashicorp/terraform-provider-aws@v6.19.0...v6.22.1)

Updates `hashicorp/aws` from 6.19.0 to 6.22.1
- [Release notes](https://github.com/hashicorp/terraform-provider-aws/releases)
- [Changelog](https://github.com/hashicorp/terraform-provider-aws/blob/main/CHANGELOG.md)
- [Commits](hashicorp/terraform-provider-aws@v6.19.0...v6.22.1)

Updates `hashicorp/aws` from 6.19.0 to 6.22.1
- [Release notes](https://github.com/hashicorp/terraform-provider-aws/releases)
- [Changelog](https://github.com/hashicorp/terraform-provider-aws/blob/main/CHANGELOG.md)
- [Commits](hashicorp/terraform-provider-aws@v6.19.0...v6.22.1)

Updates `hashicorp/aws` from 6.19.0 to 6.22.1
- [Release notes](https://github.com/hashicorp/terraform-provider-aws/releases)
- [Changelog](https://github.com/hashicorp/terraform-provider-aws/blob/main/CHANGELOG.md)
- [Commits](hashicorp/terraform-provider-aws@v6.19.0...v6.22.1)

---
updated-dependencies:
- dependency-name: hashicorp/aws
  dependency-version: 6.22.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: production-dependencies
- dependency-name: hashicorp/aws
  dependency-version: 6.22.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: production-dependencies
- dependency-name: hashicorp/aws
  dependency-version: 6.22.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: production-dependencies
- dependency-name: hashicorp/aws
  dependency-version: 6.22.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: production-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file terraform Pull requests that update terraform code labels Nov 24, 2025
@dependabot dependabot bot mentioned this pull request Nov 24, 2025
Closed
@coderabbitai
Copy link
Contributor

coderabbitai bot commented Nov 24, 2025

Important

Review skipped

Bot user detected.

To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Comment @coderabbitai help to get the list of available commands and usage tips.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file terraform Pull requests that update terraform code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant