v3.116.0

DEPRECATIONS:

All Azure Kubernetes Service (AKS) properties related to preview features are deprecated since they will not be available in a stable API. Please see https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/guides/4.0-upgrade-guide#aks-migration-to-stable-api for more details (#26863)

FEATURES:

• New Resource: azurerm_ai_services (#26008)
• New Resource: azurerm_communication_service_email_domain_association (#26432)
• New Resource: azurerm_dev_center_project_environment_type (#26941)
• New Resource: azurerm_extended_location_custom_location (#24267)
• New Resource: azurerm_postgresql_flexible_server_virtual_endpoint (#26708)

ENHANCEMENTS:

• notificationhub - updating to use version 2023-09-01 (#26528)
• azurerm_api_management_api - update validation of path to allow single character strings (#26922)
• azurerm_cosmosdb_account - add support for the property burst_capacity_enabled (#26986)
• azurerm_linux_function_app - add support for vnet_image_pull_enabled property in 4.0 (#27001)
• azurerm_linux_function_app_slot - add support for vnet_image_pull_enabled property in 4.0 (#27001)
• azurerm_logic_app_standard - add support for v8.0 in site_config.dotnet_framework_version (#26983)
• azurerm_management_group_policy_assignment - remove length restriction on name (#27055)
• azurerm_recovery_services_vault - add support for the identity block (#26254)
• azurerm_web_application_firewall_policy - add support for the js_challenge_cookie_expiration_in_minutes property (#26878)
• azurerm_windows_function_app - add support for vnet_image_pull_enabled property in 4.0 (#27001)
• azurerm_windows_function_app_slot - add support for vnet_image_pull_enabled property in 4.0 (#27001)

BUG FIXES:

• Data Source: azurerm_storage_account - add default_share_level_permission to the azure_files_authentication to prevent invalid address errors (#26996)
• Data Source: azurerm_search_service - expose the tags property (#26978)
• Data Source: azurerm_virtual_machine - populate missing power_state (#26991)
• Data Source: azurerm_virtual_machine_scale_set - populate missing power_state (#26991)
• azurerm_api_management_api_schema - correctly unmarshal definition and components (#26531)
• azurerm_cdn_frontdoor_secret - fix issue where expiration_date was being set into the parent block (#26982)
• azurerm_container_app_environment - fix diff suppress on infrastructure_resource_group_name (#27007)
• azurerm_express_route_connection - prevent sending private_link_fast_path_enabled in the payload if it hasn't been explicitly set (#26928)
• azurerm_machine_learning_workspace - serverless_compute can now be updated (#26940)
• azurerm_mssql_database - fix issue where the database cannot be upgraded to use serverless due to the behaviour of the license_type field (#26850)
• azurerm_mssql_database - prevent error when creating Free edition by setting long_term_retention_policy and short_term_retention_policy as empty (#26894)
• azurerm_nginx_deployment - omit capacity when creating deployments with a basic plan (#26223)
• azurerm_role_management_policy - prevent panic when updating activation_rules.approval_stage (#26800)
• azurerm_sentinel_threat_intelligence_indicator - prevent panic when importing this resource (#26976)
• azurerm_servicebus_namespace - fix panic reading encryption with versionless ids (#27060)
• azurerm_synapse_spark_pool - prevent plan diff due to API behaviour by setting node_count as Computed (#26953)
• azurerm_virtual_network_gateway_connection - fix issue where ingress_nat_rule_ids was updating the egress rules on updates (#27022)

v3.115.0

ENHANCEMENTS:

• cosmosdb - updating to use version 2024-05-15 (#26758)
• healthcare - updating to use version 2024-03-31 (#26699)
• redis - updating to use version 2024-03-01 (#26932)
• azurerm_cosmosdb_account - avoid infinite diff to default_identity_type for legacy resources where an empty string is returned by the RP (#26525)
• azurerm_linux_virtual_machine_scale_set - add support for the action property in the automatic_instance_repair block (#26227)
• azurerm_log_analytics_saved_search - update the regex for the function_parameters property to support more paramters (#26701)
• azurerm_monitor_data_collection_rule - update performance_counter.x.sampling_frequency_in_seconds range 1 to 1800 (#26898)
• azurerm_orchestrated_virtual_machine_scale_set - add support for the action property in the automatic_instance_repair block (#26227)
• azurerm_security_center_storage_defender - add support for the property scan_results_event_grid_topic_id (#26599)
• azurerm_storage_account - add support for the property default_share_level_permission in the azure_files_authentication block (#26924)
• azurerm_web_application_firewall_policy - excluded_rule_set.0.type supports Microsoft_BotManagerRuleSet (#26903)
• azurerm_windows_virtual_machine_scale_set - add support for the action property in the automatic_instance_repair block (#26227)

BUG FIXES:

• azurerm_container_group - retrieve and set storage_account_key in the payload when updating the resource (#26640)
• azurerm_key_vault_managed_hardware_security_module_role_assignment - fixed a crash in error messages (#26972)
• azurerm_kubernetes_cluster - allow an empty list for dns_zone_ids in the web_app_routing block (#26747)
• azurerm_storage_share_file - fix a bug when encoding the MD5 hash for the content_md5 property (#25715)

v3.114.0

UPGRADE NOTES:

• 4.0 Beta: This release includes a new feature-flag to opt-into the 4.0 Beta - which (when enabled) introduces a number of behavioural changes, field renames and removes some older deprecated resources and data sources. Please read the disclaimers carefully that are outlined in our guide on how to opt-into the 4.0 Beta before enabling this, as this will cause irreversible changes to your state. The 4.0 Beta is still a work-in-progress at this time and the changes listed in the 4.0 Upgrade Guide may change. We're interested to hear your feedback which can be provided by following this link.

FEATURES:

• New Resource: azurerm_dev_center_network_connection (#26718)
• New Resource: azurerm_stack_hci_logical_network (#26473)

ENHANCEMENTS:

• dependencies: updating go-azure-helpers to v0.70.1 (#26757)
• arckubernetes - updating to use version 2024-01-01 (#26761)
• data.azurerm_storage_account - the enable_https_traffic_only property has been superseded by https_traffic_only_enabled (#26740)
• azurerm_log_analytics_cluster - add support for setting size_gb to 100 [GH-#26865]
• azurerm_storage_account - the enable_https_traffic_only property has been superseded by https_traffic_only_enabled (#26740)

BUG FIXES:

• azurerm_dns_cname_record - split create and update function to fix lifecycle - ignore (#26610)
• azurerm_dns_srv_record - split create and update function to fix lifecycle - ignore (#26627)
• azurerm_kubernetes_cluster - fix issue that prevented max_count from being updated (#26417)
• azurerm_linux_web_app - correctly set site_config.always_on as configured during Update (#25753)
• azurerm_linux_web_app_slot - correctly set site_config.always_on as configured during Update (#25753)
• azurerm_management_group_policy_remediation - fix panic in deprecated schema change for 4.0 (#26767)
• azurerm_network_security_rule - fix panic when updating source_port_ranges (#26883)
• azurerm_public_ip - fix panix when updating idle_timeout_in_minutes

DEPRECATIONS:

• azurerm_redis_cache - enable_non_ssl_port has been superseded by non_ssl_port_enabled and redis_configuration. enable_authentication has been superseded by redis_configuration.authentication_enabled (#26608)

v3.113.0

ENHANCEMENTS:

• dependencies: updating to v0.20240715.1100358 of hashicorp/go-azure-sdk (#26638)
• storage - updating to use hashicorp/go-azure-sdk (#26218)

BUG FIXES:

• azurerm_storage_account - fix a validation bug when replacing a StorageV2 account with a StorageV1 account (#26639)
• azurerm_storage_account - resolve an issue refreshing blob or queue properties after recreation (#26218)
• azurerm_storage_account - resolve an issue setting tags for an existing storage account where a policy mandates them (#26218)
• azurerm_storage_account - fix a persistent diff with the customer_managed_key block (#26218)
• azurerm_storage_account - resolve several consistency related issues when crreating a new storage account (#26218)

DEPRECATIONS:

• azurerm_eventhub_namespace - deprecate the zone_redundant field in v4.0 (#26611)
• azurerm_servicebus_namespace - deprecate the zone_redundant field in v4.0 (#26611)

v3.112.0

FEATURES:

• New Data Source: azurerm_elastic_san_volume_snapshot (#26439)
• New Resource: azurerm_dev_center_dev_box_definition (#26307)
• New Resource: azurerm_dev_center_environment_type (#26291)
• New Resource: azurerm_virtual_machine_restore_point (#26526)
• New Resource: azurerm_virtual_machine_restore_point_collection (#26526)

ENHANCEMENTS:

• dependencies: updating to v0.20240710.1114656 of github.com/hashicorp/go-azure-sdk (#26588)
• dependencies: updating to v0.70.0 of go-azure-helpers (#26601)
• containerservice: updating the Fleet resources to use API Version 2024-04-01 (#26588)
• Data Source: azurerm_network_service_tags - extend validation for service to allow AzureFrontDoor.Backend, AzureFrontDoor.Frontend, and AzureFrontDoor.FirstParty (#26429)
• azurerm_api_management_identity_provider_aad - support for the client_library property (#26093)
• azurerm_api_management_identity_provider_aadb2c - support for the client_library property (#26093)
• azurerm_dev_test_virtual_network - support for the shared_public_ip_address property (#26299)
• azurerm_kubernetes_cluster - support for the certificate_authority block under the service_mesh_profile block (#26543)
• azurerm_linux_web_app - support the value 8.3 for the php_version property (#26194)
• azurerm_machine_learning_compute_cluster - the identity property can now be updated (#26404)
• azurerm_web_application_firewall_policy - support for the JSChallenge value for managed_rules.managed_rule_set.rule_group_override.rule_action (#26561)

BUG FIXES:

• Data Source: azurerm_communication_service - primary_connection_string, primary_key, secondary_connection_string and secondary_key are marked as Sensitive (#26560)
• azurerm_app_configuration_feature - fix issue when updating the resource without an existing targeting_filter (#26506)
• azurerm_backup_policy_vm - split create and update function to fix lifecycle - ignore (#26591)
• azurerm_backup_protected_vm - split create and update function to fix lifecycle - ignore (#26583)
• azurerm_communication_service - the primary_connection_string, primary_key, secondary_connection_string, and secondary_key properties are now sensitive (#26560)
• azurerm_mysql_flexible_server_configuration - add locks to prevent conflicts when deleting the resource (#26289)
• azurerm_nginx_deployment - changing the frontend_public.ip_address, frontend_private.ip_address, frontend_private.allocation_method, and frontend_private.subnet_id now creates a new resource (#26298)
• azurerm_palo_alto_local_rulestack_rule - correctl read the protocol property on read when the protocol_ports property is configured (#26510)
• azurerm_servicebus_namespace - parse the identity returned by the API insensitively before setting into state (#26540)

DEPRECATIONS:

• azurerm_servicebus_queue - enable_batched_operations, enable_express and enable_partitioning are superseded by batched_operations_enabled, express_enabled and partitioning_enabled (#26479)
• azurerm_servicebus_subscription - enable_batched_operations has been superseded by batched_operations_enabled (#26479)
• azurerm_servicebus_topic - enable_batched_operations, enable_express and enable_partitioning are superseded by batched_operations_enabled, express_enabled and partitioning_enabled (#26479)

v3.111.0

FEATURES:

• New Resource: azurerm_restore_point_collection (#26518)

ENHANCEMENTS:

• dependencies: updating to v0.20240701.1082110 of github.com/hashicorp/go-azure-sdk (#26502)
• azurerm_disk_encryption_set - support for the managed_hsm_key_id property (#26201)
• azurerm_firewall_policy - remove Computed from the sku property and add a default of Standard in 4.0 (#26499)
• azurerm_kubernetes_cluster - support updating default_node_pool.os_sku between Ubuntu and AzureLinux (#26262)
• azurerm_kubernetes_cluster_node_pool - support updating os_sku between Ubuntu and AzureLinux (#26139)
• azurerm_service_plan - support for new the Flex Consumption plan (#26351)

BUG FIXES:

• azurerm_kubernetes_cluster - prevent a panic (#26478)
• azurerm_kubernetes_cluster - prevent a diff in upgrade_settings when the API returns an empty object (#26541)
• azurerm_kubernetes_cluster_node_pool - prevent a diff in upgrade_settings when the API returns an empty object (#26541)
• azurerm_virtual_network_gateway - split create and update function to fix lifecycle - ignore (#26451)
• azurerm_virtual_network_gateway_connection - split create and update function to fix lifecycle - ignore (#26431)

v3.110.0

FEATURES:

• New Data Source: azurerm_load_test (#26376)
• New Resource: azurerm_virtual_desktop_scaling_plan_host_pool_association (#24670)

ENHANCEMENTS:

• Data Source: azurerm_monitor_data_collection_endpoint - support for the immutable_id property (#26380)
• Data Source: azurerm_nginx_certificate - export the properties sha1_thumbprint, key_vault_secret_version, key_vault_secret_creation_date, error_code and error_message (#26160)
• azurerm_backup_policy_vm - support for the tiering_policy property (#26263)
• azurerm_kubernetes_cluster_node_pool - Pod Disruption Budgets are now respected when deleting a node pool (#26471)
• azurerm_monitor_data_collection_endpoint - support for the immutable_id property (#26380)
• azurerm_mssql_managed_instance - support the value GZRS for the storage_account_type property (#26448)
• azurerm_mssql_managed_instance_transparent_data_encryption - support for the managed_hsm_key_id property (#26496)
• azurerm_redis_cache_access_policy - allow updates to permissions (#26440)
• azurerm_redhat_openshift_cluster - support for the managed_resource_group_name property (#25529)
• azurerm_redhat_openshift_cluster - support for the preconfigured_network_security_group_enabled property (#26082)
• azurerm_iotcentral_application - remove Computed from template and set default of [email protected] in 4.0 (#26485)
• azurerm_digital_twins_time_series_database_connection - remove Computed from kusto_table_name and set a default of AdtPropertyEvents in 4.0 (#26484)

BUG FIXES:

• Data Source: azurerm_express_route_circuit_peering - fix issue where data source attempts to parse an empty string instead of generating the resource ID (#26441)
• azurerm_express_route_gateway - prevent a panic (#26467)
• azurerm_monitor_scheduled_query_rules_alert_v2 - correctly handle the identity block if not specified (#26364)
• azurerm_security_center_automation - prevent resource recreation when tags are updated (#26292)
• azurerm_synapse_workspace - fix issue where azure_devops_repo or github_repo configuration could not be removed (#26421)
• azurerm_virtual_network_dns_servers - split create and update function to fix lifecycle - ignore (#26427)
• azurerm_linux_function_app - set allowed_applications in the request payload (#26462)
• azurerm_linux_function_app_slot - set allowed_applications in the request payload (#26462)
• azurerm_windows_function_app - set allowed_applications in the request payload (#26462)
• azurerm_windows_function_app_slot - set allowed_applications in the request payload (#26462)
• azurerm_linux_web_app - set allowed_applications in the request payload (#26462)
• azurerm_linux_web_app_slot - set allowed_applications in the request payload (#26462)
• azurerm_windows_web_app - set allowed_applications in the request payload (#26462)
• azurerm_windows_web_app_slot - set allowed_applications in the request payload (#26462)
• azurerm_api_management - remove ForceNew from additional_location.zones (#26384)
• azurerm_logic_app_integration_account_schema - the name property now allows underscores (#26475)
• azurerm_palo_alto_local_rulestack_rule - prevent error when switching between protocol and protocol_ports (#26490)

DEPRECATIONS:

• azurerm_analysis_service_server - the property enable_power_bi_service has been superseded by power_bi_service_enabled (#26456)

v3.109.0

FEATURES:

• New Data Source: azurerm_automation_runbook (#26359)
• New Resource: azurerm_data_protection_backup_instance_postgresql_flexible_server (#26249)
• New Resource: azurerm_email_communication_service_domain (#26179)
• New Resource: azurerm_system_center_virtual_machine_manager_cloud (#25429)
• New Resource: azurerm_system_center_virtual_machine_manager_virtual_machine_template (#25449)
• New Resource: azurerm_system_center_virtual_machine_manager_virtual_network (#25451)

ENHANCEMENTS:

• Data Source: azurerm_hdinsight_cluster - export the cluster_id attribute (#26228)
• azurerm_cosmosdb_sql_container - support for the partition_key_kind and partition_key_paths properties (#26372)
• azurerm_data_protection_backup_instance_blob_storage - support for the storage_account_container_names property (#26232)
• azurerm_virtual_network_peering - support for the peer_complete_virtual_networks_enabled, only_ipv6_peering_enabled, local_subnet_names, and remote_subnet_names properties (#26229)
• azurerm_virtual_desktop_host_pool - changing the preferred_app_group_type property no longer creates a new resource (#26333)
• azurerm_maps_account - support for the location, identity, cors and data_store properties (#26397)

BUG FIXES:

• azurerm_automation_job_schedule - updates azurerm_automation_job_schedule to use a composite resource id and allows azurerm_automation_runbook to be updated without causing azurerm_automation_job_schedule to recreate (#22164)
• azurerm_databricks_workspace- correctly allow disabling the default firewall (#26339)
• azurerm_virtual_hub_* - spliting create and update so lifecycle ignore changes works correctly (#26310)

DEPRECATIONS:

• Data Source: azurerm_mariadb_server - deprecated since the service is retiring. Please use azurerm_mysql_flexible_server instead (#26354)
• azurerm_mariadb_configuration - deprecated since the service is retiring. Please use azurerm_mysql_flexible_server_configuration instead (#26354)
• azurerm_mariadb_database - deprecated since the service is retiring. Please use azurerm_mysql_flexible_database instead (#26354)
• azurerm_mariadb_firewall_rule - deprecated since the service is retiring. Please use azurerm_mysql_flexible_server_firewall_rule instead (#26354)
• azurerm_mariadb_server - deprecated since the service is retiring. Please use azurerm_mysql_flexible_server instead (#26354)
• azurerm_mariadb_virtual_network_rule - deprecated since the service is retiring (#26354)

v3.108.0

FEATURES:

• New Data Source: azurerm_role_management_policy (#25900)
• New Resource: azurerm_role_management_policy (#25900)

ENHANCEMENTS:

• provider: support subscription ID hinting when using Azure CLI authentication (#26282)
• serviceconnector: updating to use API Version 2024-04-01 (#26248)
• azurerm_container_groups - can now be created with a User Assigned Identity when running Windows (#26308)
• azurerm_kubernetes_cluster - updating the network_profile.network_policy property to azure and calico when it hasn't been previously set is supported (#26176)
• azurerm_kubernetes_cluster - respect Pod Distruption Budgets when rotating the default_node_pool (#26274)
• azurerm_lb_backend_address_pool - support for the synchronous_mode property (#26309)
• azurerm_private_endpoint - support symultaneous creation of multiple resources of this type per subnet (#26006)

BUG FIXES:

• azurerm_express_route_circuit_peering, azurerm_express_route_circuit, azurerm_express_route_gateway, azurerm_express_route_port - split create and update (#26237)
• azurerm_lb_backend_address_pool_address - when using this resource, values are no longer reset on azurerm_lb_backend_address_pool (#26264)
• azurerm_route_filter - spliting create and update so lifecycle ignore changes works correctly (#26266)
• azurerm_route_server - spliting create and update so lifecycle ignore changes works correctly (#26266)
• azurerm_synapse_workspace - updates the client used in all operations of azurerm_synapse_workspace_sql_aad_admin to prevent this resource from modifying the same resource as azurerm_synapse_workspace_aad_admin (#26317)
• azurerm_virtual_network - correctly parse network securty group IDs (#26283)

DEPRECATIONS:

• Data Source: azurerm_network_interface - the enable_ip_forwarding and enable_accelerated_networking properties have been deprecated and superseded by the ip_forwarding_enabled and accelerated_networking_enabled properties (#26293)
• azurerm_api_management - the policy block has been deprecated is superseded by the azurerm_api_management_policy resource (#26305)
• azurerm_kubernetes_cluster - the ebpf_data_plane property has been deprecated and superseded by the network_data_plane property (#26251)
• azurerm_network_interface - the enable_ip_forwarding and enable_accelerated_networking properties have been deprecated and superseded by the ip_forwarding_enabled and accelerated_networking_enabled properties (#26293)
• azurerm_synapse_workspace - the aad_admin and sql_aad_admin blocks have been deprecated and superseded by the azurerm_synapse_workspace_aad_admin and azurerm_synapse_workspace_sql_aad_admin resources (#26317)

v3.107.0

FEATURES:

• New Resource: azurerm_data_protection_backup_policy_postgresql_flexible_server (#26024)

ENHANCEMENTS:

• dependencies: updating to v0.20240604.1114748 of github.com/hashicorp/go-azure-sdk (#26216)
• advisor: update API version to 2023-01-01 (#26205)
• keyvault: handling the Resources API returning Key Vaults that have been deleted when populating the cache (#26199)
• machinelearning: update API version to 2024-04-01 (#26168)
• network/privatelinkservices - update to use hashicorp/go-azure-sdk (#26212)
• network/serviceendpointpolicies - update to use hashicorp/go-azure-sdk (#26196)
• network/virtualnetworks - update to use hashicorp/go-azure-sdk (#26217)
• network/virtualwans: update route resources to use hashicorp/go-azure-sdk (#26189)
• azurerm_container_app_job - support for the key_vault_secret_id and identity properties in the secret block (#25969)
• azurerm_kubernetes_cluster - support forthe dns_zone_ids popperty in the web_app_routing block (#26117)
• azurerm_notification_hub_authorization_rule - support for the primary_connection_string and secondary_connection_string properties (#26188)
• azurerm_subnet - support for the default_outbound_access_enabled property (#25259)

BUG FIXES:

• azurerm_api_management_named_value - will now enforce setting the secret property when setting the value_from_key_vault property (#26150)
• azurerm_storage_sync_server_endpoint - improve pooling to work around api inconsistencies (#26204)
• azurerm_virtual_network - split create and update function to fix lifecycle - ignore (#26246)
• azurerm_vpn_server_configuration - split create and update function to fix lifecycle - ignore (#26175)
• azurerm_vpn_server_configuration_policy_group - split create and update function to fix lifecycle - ignore (#26207)
• azurerm_vpn_site - split create and update function to fix lifecycle - ignore changes (#26163)

DEPRECATIONS:

• azurerm_kubernetes_cluster - the property dns_zone_id has been superseded by the property dns_zone_ids in the web_app_routing block (#26117)
• azurerm_nginx_deployment - the block configuration has been deprecated and superseded by the resource azurerm_nginx_configuration (#25773)