chore(deps): update terraform-gcp to v7 (major)

[renovate]

Note

Mend has cancelled the proposed renaming of the Renovate GitHub app being renamed to mend[bot].

This notice will be removed on 2025-10-07.

---

This PR contains the following updates:

Package	Type	Update	Change
google (source)	required_provider	major	~> 6.49.0 -> ~> 7.5.0
google (source)	required_provider	major	~> 6.5 -> ~> 7.0
google-beta (source)	required_provider	major	~> 6.49.0 -> ~> 7.5.0

---

Release Notes

hashicorp/terraform-provider-google (google)

v7.5.0

Compare Source

BREAKING CHANGES:

• netapp: changed peer_ip_addresses field type from String to Array in google_netapp_volume resource, as it was unusable otherwise (#​24428)

FEATURES:

• New Data Source: google_artifact_registry_maven_artifacts (#​24487)
• New Data Source: google_artifact_registry_npm_packages (#​24486)
• New Resource: google_apigee_api_deployment (#​24469)
• New Resource: google_discovery_engine_data_connector (#​24472)
• New Resource: google_managed_kafka_connect_cluster (#​24443)
• New Resource: google_managed_kafka_connector (#​24443)
• New Resource: google_kms_organization_kaj_policy_config (#​24471)
• New Resource: google_saas_runtime_rollout_kind (#​24447)

IMPROVEMENTS:

• cloudrunv2: added mount_options in gcsfuse volumes for google_cloud_run_v2_service, google_cloud_run_v2_job, and google_cloud_run_v2_workerpool resources. (#​24413)
• cloudrunv2: added startup_probe and liveness_probe to google_cloud_run_v2_worker_pool resource (#​24418)
• compute: added bandwidth_allocation field to google_compute_wire_group resource (#​24460)
• compute: added shared_secret_wo and shared_secret_wo_version fields for google_compute_vpn_tunnel resource, enabling write-only management of the shared secret. (#​24491)
• dialogflow: added new_recognition_result_notification_config field to google_dialogflow_conversation_profile resource (#​24468)
• discoveryengine: added features field to google_discovery_engine_search_engine resource (#​24445)
• dlp: added other_cloud_target and other_cloud_starting_location to google_data_loss_prevention_discovery_config (#​24463)
• gkebackup: added backup_config.selected_namespace_labels field to google_gke_backup_backup_plan resource (#​24427)
• looker: added gemini_enabled field to google_looker_instance resource (#​24461)
• netapp: added hot_tier_bypass_mode_enabled and hot_tier_size_used_gib fields to google_netapp_volume (#​24454)
• netapp: added hot_tier_size_gib, enable_hot_tier_auto_resize, cold_tier_size_used_gib and hot_tier_size_used_gib fields to google_netapp_storage_pool (#​24454)
• oracledatabase: added gcp_oracle_zone field to google_oracle_database_odb_network resource (#​24456)
• privilegedaccessmanager: added approval_workflow.steps.id field to google_privileged_access_manager_entitlement resource (#​24419)
• pubsub: added support for tags field to google_pubsub_topic and google_pubsub_subscription resources (#​24442)
• sql: added point_in_time_restore_context field to google_sql_database_instance (#​24489)
• storage: added force_destroy field to google_storage_insights_report_config resource (#​24462)
• storageinsights: added activity_data_retention_period_days field to google_storage_insights_dataset_config resource (#​24459)
• vertexai: added endpoint_config.private_service_connect_config block to google_vertex_ai_endpoint_with_model_garden_deployment resource (#​24425)
• vertexai: added encryption_spec.kms_key_name field to google_vertex_ai_index_endpoint resource (#​24490)
• vertexai: added encryption_spec.kms_key_name field to google_vertex_ai_index resource (#​24441)

BUG FIXES:

• apihub: fixed a permadiff on config_template in google_apihub_plugin resource (#​24429)
• storage: fixed a panic caused by empty cors blocks google_storage_bucket resource (#​24476)

v7.4.0

Compare Source

DEPRECATIONS:

• compute: deprecated the option to deploy a container during VM creation using the container startup agent in google_compute_instance. Use alternative services to run containers on your VMs. Learn more at https://cloud.google.com/compute/docs/containers/migrate-containers. (#​24375)

FEATURES:

• New Data Source: google_artifact_registry_maven_artifact (#​24358)
• New Data Source: google_compute_interconnect_location (#​24377)
• New Resource: google_network_services_wasm_plugin (#​24406)
• New Resource: google_resource_manager_capability (#​24404)

IMPROVEMENTS:

• cloudrunv2: added mount_options in gcsfuse volumes for google_cloud_run_v2_service, google_cloud_run_v2_job, and google_cloud_run_v2_workerpool resources. (#​24413)
• compute: added cipher_suite field to google_compute_vpn_tunnel resource. (#​24378)
• container: added auto_ipam_config to google_container_cluster resource. (#​24396)
• storage: added support for timeouts to google_storage_bucket_iam_binding, google_storage_bucket_iam_member, google_storage_bucket_iam_policy resources (#​24376)

BUG FIXES:

• bigtable: fixed node_scaling_factor forcing new instance on google_bigtable_instance when adding new cluster (#​24410)
• cloudscheduler: fixed a type assertion panic in google_cloud_scheduler_job when processing HTTP headers with nil or unexpected data types (#​24360)
• compute: fixed the Network field cannot be modified issue in google_compute_region_backend_service. Now updating the network field will force the resource to be recreated. (#​24398)
• netapp: fixed incorrect default value handling in google_netapp_volume for export_policy.rules attributes has_root_access and squash_mode. When not specified, these fields will now take on the API default value with no diff. (#​24395)
• netapp: updated google_netapp_storage_pool to source the default value for the qos_type field from the API. If not specified in the configuration, qos_type will now default to the value provided by the NetApp Volumes API. (#​24394)
• sql: fixed the permadiffs on disk_size when disk_autoresize is enabled in google_sql_database_instance (#​24399)
• workbench: added retry for unable to queue the operation 409 errors in google_workbench_instance resource. (#​24392)

v7.3.0

Compare Source

FEATURES:

• New Data Source: google_backup_dr_data_source_reference (#​24346)
• New Resource: google_bigquery_datapolicyv2_data_policy (#​24313)
• New Resource: google_saas_runtime_release (#​24289)
• New Resource: google_secure_source_manager_hook (#​24345)

IMPROVEMENTS:

• cloudrun: added sub_path field to google_cloud_run_service resource. (#​24341)
• cloudrunv2: added sub_path field to google_cloud_run_v2_service google_cloud_run_v2_job and google_cloud_run_v2_worker_pool resource. (#​24341)
• compute: added labels and label_fingerprint fields to google_compute_security_policy resource (#​24322)
• compute: labels under initialize_params are now updatable on google_compute_instance (#​24349)
• container: added new fields memory_manager and topology_manager to node_kubelet_config block (#​24277)
• datastream: added destination_config.bigquery_destination_config.source_hierarchy_datasets.project_id field to google_datastream_stream resource (#​24340)
• discoveryengine: added app_type field to google_discovery_engine_search_engine resource (#​24320)
• gkeonprem: added proxy field to google_gkeonprem_vmware_admin_cluster resource (#​24338)
• healthcare: added validation_config to google_healthcare_fhir_store resource (#​24336)
• iamworkforcepool: added extended_attributes field to workforce_pool_provider resource (#​24308)
• netapp: added export_policy.rules.squash_mode field to google_netapp_volume resource. (#​24350)
• privateca: added encryption_spec field to google_privateca_ca_pool resource (#​24328)
• run: added connector to vpc_access on google_cloud_run_v2_worker_pool resource (#​24337)
• tags: added the DATA_GOVERNANCE value to google_tags_tag_key.purpose (#​24307)

BUG FIXES:

• bigquery: updated the schema change detection for google_bigquery_table to take into account presence of row access policy (#​24284)
• compute: fixed allow_global_access to correctly be immutable for google_compute_forwarding_rule resources with load balancing scheme of INTERNAL_MANAGED (#​24312)
• compute: fixed a crash in google_compute_security_policy due to a changed API response for empty match.0.expr_options blocks (#​24353)
• dialogflow: added support for non-global endpoints for google_dialogflow_conversation_profile (#​24351)
• publicca: use RawURLEncoding instead of URLEncoding for unpadded base64 encoding (#​24283)
• secretmanager: fixed a panic in google_secret_manager_secret_version in a secret_manager (#​24326)
• workbench: fixed issue that resource creation with computed labels field fails in google_workbench_instance resource (#​24311)
• workbench: made report-notebook-metrics metadata key settable for google_workbench_instance (#​24310)

v7.2.0

Compare Source

FEATURES:

• New Data Source: google_artifact_registry_python_package (#​24267)
• New Data Source: google_backup_dr_data_source_references (#​24268)
• New Resource: google_discovery_engine_acl_config (#​24276)
• New Resource: google_saas_runtime_unit_kind (#​24236)

IMPROVEMENTS:

• chronicle: made the scope_info field in google_chronicle_reference_list configurable (#​24250)
• compute: added header_action to path_matcher and default_service level on google_compute_region_url_map resource (#​24253)
• container: added secret_manager_config.rotation_config field to google_container_cluster resource (#​24244)
• container: added new fields memory_manager and topology_manager to google_container_cluster.node_config.kubelet_config and google_container_node_pool.node_config.kubelet_config (#​24277)
• sql: added final_backup_description and final_backup_config fields to google_sql_database_instance resource (#​24273)
• storage: added aws_s3_compatible_data_source to google_storage_transfer_job resource (#​24241)

BUG FIXES:

• provider: fixed an issue with universe_domain where the provider tried to connect to "googleapis.com" for user email logging when universe_domain was set (#​24238)
• container: fixed a faulty diff for arrays on user_managed_keys_config that caused faulty cluster updates to be triggered in google_container_cluster (#​24256)
• osconfig: fixed a permadiff in google_osconfig_patch_deployment where patch_config.yum.minimal doesn't send false for empty values (#​24247)

v7.1.1

Compare Source

BUG FIXES:

• bigtable: fixed an error encountered when applying google_bigtable_table_iam_* resources after upgrading to 7.x and replacing instance with instance_name (#​24255)

v7.1.0

Compare Source

DEPRECATIONS:

• container: deprecated enterprise_config field in google_container_cluster resource. GKE Enterprise features are now available without an Enterprise tier. (#​24210)
• storage: removed deprecated status for field to detect_md5hash in google_storage_bucket_object resource (#​24147)

FEATURES:

• New Data Source: google_iap_web_forwarding_rule_service_iam_policy (#​24178)
• New Resource: google_iap_web_forwarding_rule_service_iam_binding (#​24178)
• New Resource: google_iap_web_forwarding_rule_service_iam_member (#​24178)
• New Resource: google_iap_web_forwarding_rule_service_iam_policy (#​24178)

IMPROVEMENTS:

• artifactregistry: added registry_uri as attribute to google_artifact_registry_repository (#​24164)
• backupdr: added 'supported_resource_types' field to google_backup_dr_backup_plan resource (#​24189)
• backupdr: added create_time field to google_backup_dr_backup data source (#​24183)
• cloudbuild: added worker_config.enable_nested_virtualization field to google_cloudbuild_worker_pool resource (#​24176)
• cloudrunv2: added support for multi_region_settings field to google_cloud_run_v2_service resource (#​24149)
• compute: add params.resource_manager_tags field to the google_compute_region_backend_service (#​24191)
• compute: added public_delegated_sub_prefixs field to resource google_compute_public_delegated_prefix (#​24202)
• compute: added update_strategy field to google_compute_network_peering resource (#​24180)
• firestore: added unique field to google_firestore_index resource (#​24163)
• netapp: added qos_type and available_throughput_mibps fields to google_netapp_storage_pool resource (#​24161)
• netapp: added throughput_mibps field to google_netapp_volume resource (#​24161)
• networkservices: allowed EXPLICIT_ROUTING_MODE for routing_mode on google_network_services_gateway resource (#​24151)
• sql: added consumer_network_status, ip_address, and status fields to psc_auto_connections field on google_sql_database_instance resource (#​24201)
• storagetransfer: added service_account field to google_storage_transfer_job resource (#​24193)
• storagetransfer: added transfer_spec.aws_s3_data_source.credentials_secret to google_storage_transfer_job resource (#​24152)

BUG FIXES:

• compute: fixed certain spurious diffs for google_compute_region_backend_service.backend.group (#​24157)
• compute: fixed permadiff on google_compute_region_network_endpoint_group when no network is specified (#​24182)
• memorystore: fixed permadiffs that cause destroy+recreate on new google_memorystore_instance when desired_psc_auto_connections is set (#​24212)
• netapp: fixed a permadiff on total_iops in google_netapp_storage_pool resource (#​24207)
• oracledatabase: fixed permadiffs on google_oracle_database_autonomous_database resource for the odb_network and odb_subnet fields (#​24184)

v7.0.1

Compare Source

BUG FIXES:

• storage: fixed a conversion crash in google_storage_bucket state migration #​24186

v7.0.0

Compare Source

Terraform Google Provider 7.0.0 Upgrade Guide

BREAKING RESOURCE REMOVALS:

• beyondcorp: removed google_beyondcorp_application, its associated IAM resources google_beyondcorp_application_iam_binding, google_beyondcorp_application_iam_member, and google_beyondcorp_application_iam_policy, and the google_beyondcorp_application_iam_policy datasource. Use google_beyondcorp_security_gateway_application instead. #​23999
• notebooks: removed google_notebooks_location #​23607
• tpu: removed google_tpu_node. Use google_tpu_v2_vm instead. #​23964

BREAKING FIELD REMOVALS:

• cloudrunv2: removed template.containers.depends_on within resource google_cloud_run_v2_worker_pool #​23815
• colab: removed post_startup_script_config field from from google_colab_runtime_template resource #​24026
• compute: removed field enable_flow_logs from google_compute_subnetwork #​23704
• gkehub: removed configmanagement.binauthz field in google_gke_hub_feature_membership #​24076
• gkehub: removed description field in google_gke_hub_membership #​23587
• memorystore: removed allow_fewer_zones_deployment field from google_memorystore_instance resource because it isn't user-configurable #​24079
• redis: removed allow_fewer_zones_deployment field from google_redis_cluster resource because it isn't user-configurable #​24079
• resourcemanager: removed non-functional project field from google_service_account_key datasource #​24000
• vertexai: removed enable_secure_private_service_connect in google_vertex_ai_endpoint #​23843

BREAKING INCREASED VALIDATION:

• cloudfunctions2: made event_type a required field for event_trigger in google_cloudfunctions2_function #​23918
• networkservices: made load_balancing_scheme required in google_network_services_lb_traffic_extension #​23748
• sql: made password_wo_version required when password_wo is set in google_sql_user #​24083
• storage: added validation requiring the topic field to be in the form "projects//topics/" in google_storage_notification #​24135
• storagetransfer: added path validation for GCS path source and sink in google_storage_transfer_job #​23493
• vertexai: made metadata, and metadata.config required in google_vertex_ai_index. Resource creation would fail without these attributes already, so no change is necessary to existing configurations. #​23971

OTHER BREAKING CHANGES:

• alloydb: added deletion_protection field with a default value of true to google_alloydb_cluster resource #​24024
• apigee: changed certs_info field in google_apigee_keystores_aliases_key_cert_file to be output-only #​24135
• apigee: migrated google_apigee_keystores_aliases_key_cert_file to the plugin framework #​24135
• artifactregistry: removed the default values for public_repository fields in google_artifact_registry_repository. If your state is reliant on them, they will now need to be manually included in your configuration. #​23970
• bigquery: removed the default value of view.use_legacy_sql in google_bigquery_table #​24065
• bigtable: renamed instance to instance_name for bigtable_table_iam objects #​23399
• billing: made budget_filter.credit types and budget_filter.subaccounts no longer optional+computed, only optional, in google_billing_budget resource #​24078
• cloudfunctions2: changed service_config.service field in google_cloudfunctions2_function resource to be output-only #​23790
• compute: subnetworks and instances fields in google_compute_packet_mirroring have been converted from arrays to sets #​24021
• compute: advertised_ip_ranges field group in google_compute_router has been converted from a list to a set #​24030
• compute: disk.type, disk.mode and disk.interface no longer use provider configured default values and instead will be set by the API in google_compute_instance_template and google_compute_region_instance_template resources #​24055
• provider: fixed many import functions throughout the provider that erroneously matched a subset of the provided input, leading to unclear error messages when using terraform input with invalid resource IDs. #​24010
• resourcemanager: changed disable_on_destroy default value to false in google_project_service #​23951
• securesourcemanager: changed deletion_policy default value from DELETE to PREVENT #​23963
• storage: retention_period field in google_storage_bucket has been converted from int to string data type #​23535
• storage: migrated google_storage_notification to the plugin framework #​24135

FEATURES:

• New Data Source: google_artifact_registry_npm_package (#​24072)
• New Data Source: google_certificate_manager_dns_authorization (#​24009)
• New Resource: google_iap_web_region_forwarding_rule_service_iam_binding (#​24041)
• New Resource: google_iap_web_region_forwarding_rule_service_iam_member (#​24041)
• New Resource: google_iap_web_region_forwarding_rule_service_iam_policy (#​24041)
• New Resource: google_saas_runtime_saas (#​24028)

IMPROVEMENTS:

• cloudbuild: added developer_connect_event_config field to google_cloudbuild_trigger resource (#​24043)
• cloudtasks: added desired_state field to google_cloud_tasks_queue resource (#​24053)
• cloudrunv2: added max_instance_count field to google_cloud_run_v2_service resource. (#​24031)
• compute: added params.resourceManagerTags field to the google_compute_backend_service (#​24062)
• compute: added params.resource_manager_tags field to google_compute_backend_bucket (#​24068)
• compute: added short_name field to google_compute_organization_security_policy resource (#​24059)
• container: added cluster_autoscaling.default_compute_class_enabled field to google_container_cluster resource (#​24023)
• dialogflowcx: added enableMultiLanguageTraining, locked, answerFeedbackSettings, personalizationSettings, clientCertificateSettings, startPlaybook, satisfiesPzs, and satisfiesPzi to google_dialogflow_cx_agent resource. (#​24007)
• lustre: increased google_lustre_instance resource create timeout to 120m from 20m (#​24056)
• oracledatabase: enabled default_from_api flag for ODB Network related fields in google_oracle_database_cloud_vm_cluster resource (#​24045)
• sql: added feature to restore google_sql_database_instance using backupdr_backup (#​24066)
• ssm: made ca_pool argument optional for private instances that use Google-managed trusted certificates.tosecure_source_manager` resource (#​24039)

BUG FIXES:

• container: fixed issue where a failed creation on google_container_node_pool would result in an unrecoverable tainted state (#​24077)
• gkeonprem: set default_from_api in image field in google_vmware_node_pool (#​24022)
• workbench: made install-monitoring-agent metadata key settable for google_workbench_instance (#​24080)

v6.50.0

Compare Source

NOTES:

• bigtable: It is recommended for google_bigtable_table_iam_* resources to upgrade to v6.50.0 and switch from instance to instance_name in your configuration before upgrading to v7.X (#​24400)

DEPRECATIONS:

• bigtable: deprecated instance in favor of instance_name in google_bigtable_table_iam_* resources (#​24400)

IMPROVEMENTS:

• bigtable: added instance_name field to google_bigtable_table_iam_* resources (#​24400)

v6.49.3

Compare Source

BUG FIXES:

• compute: fixed a crash in google_compute_security_policy due to a changed API response for empty match.0.expr_options blocks (#​24353)

hashicorp/terraform-provider-google-beta (google-beta)

v7.5.0

Compare Source

BREAKING CHANGES:

• netapp: changed peer_ip_addresses field type from String to Array in google_netapp_volume resource, as it was unusable otherwise (#​10757)

FEATURES:

• New Data Source: google_artifact_registry_maven_artifacts (#​10785)
• New Data Source: google_artifact_registry_npm_packages (#​10784)
• New Resource: google_apigee_api_deployment (#​10776)
• New Resource: google_discovery_engine_data_connector (#​10778)
• New Resource: google_kms_organization_kaj_policy_config (#​10777)
• New Resource: google_saas_runtime_rollout_kind (#​10764)

IMPROVEMENTS:

• cloudrunv2: added startup_probe and liveness_probe to google_cloud_run_v2_worker_pool resource (#​10749)
• compute: added bandwidth_allocation field to google_compute_wire_group resource (#​10770)
• compute: added shared_secret_wo and shared_secret_wo_version fields for google_compute_vpn_tunnel resource, enabling write-only management of the shared secret. (#​10788)
• dialogflow: added new_recognition_result_notification_config field to google_dialogflow_conversation_profile resource (#​10775)
• discoveryengine: added features field to google_discovery_engine_search_engine resource (#​10762)
• dlp: added other_cloud_target and other_cloud_starting_location to google_data_loss_prevention_discovery_config (#​10773)
• gkebackup: added backup_config.selected_namespace_labels field to google_gke_backup_backup_plan resource (#​10756)
• looker: added gemini_enabled field to google_looker_instance resource (#​10771)
• netapp: added hot_tier_size_used_gib fields to google_netapp_volume (#​10766)
• netapp: added cold_tier_size_used_gib and hot_tier_size_used_gib fields to google_netapp_storage_pool (#​10766)
• networksecurity: added type and mirroring_deployment_groups fields to google_network_security_mirroring_endpoint_group resource (#​10783)
• oracledatabase: added gcp_oracle_zone field to google_oracle_database_odb_network resource (#​10767)
• privilegedaccessmanager: added approval_workflow.steps.id field to google_privileged_access_manager_entitlement resource (#​10750)
• pubsub: added support for tags field to google_pubsub_topic and google_pubsub_subscription resources (#​10760)
• sql: added point_in_time_restore_context field to google_sql_database_instance (#​10786)
• storage: added force_destroy field to google_storage_insights_report_config resource (#​10772)
• storageinsights: added activity_data_retention_period_days field to google_storage_insights_dataset_config resource (#​10769)
• vertexai: added endpoint_config.private_service_connect_config block to google_vertex_ai_endpoint_with_model_garden_deployment resource (#​10754)
• vertexai: added encryption_spec.kms_key_name field to google_vertex_ai_index_endpoint resource (#​10787)
• vertexai: added encryption_spec.kms_key_name field to google_vertex_ai_index resource (#​10759)

BUG FIXES:

• apihub: fixed a permadiff on config_template in google_apihub_plugin resource (#​10758)
• storage: fixed a panic caused by empty cors blocks google_storage_bucket resource (#​10781)

v7.4.0

Compare Source

DEPRECATIONS:

• compute: deprecated the option to deploy a container during VM creation using the container startup agent in google_compute_instance. Use alternative services to run containers on your VMs. Learn more at https://cloud.google.com/compute/docs/containers/migrate-containers. (#​10725)

FEATURES:

• New Data Source: google_artifact_registry_maven_artifact (#​10718)
• New Data Source: google_compute_interconnect_location (#​10727)
• New Resource: google_network_services_wasm_plugin (#​10742)

IMPROVEMENTS:

• compute: added scheduling.0.skip_guest_os_shutdown field to google_compute_instance_template resource (#​10729)
• compute: added scheduling.0.skip_guest_os_shutdown field to google_compute_instance resource (#​10729)
• compute: added scheduling.0.skip_guest_os_shutdown field to google_compute_region_instance_template resource (#​10729)
• compute: added tunneling_config field to google_compute_service_attachment resource (#​10730)
• container: added auto_ipam_config to google_container_cluster resource. (#​10737)
• privilegedaccessmanager: added privileged_access.gcp_iam_access.role_bindings.id field to google_privileged_access_manager_entitlement resource (#​10743)
• storage: added support for timeouts to google_storage_bucket_iam_binding, google_storage_bucket_iam_member, google_storage_bucket_iam_policy resources (#​10726)

BUG FIXES:

• bigtable: fixed node_scaling_factor forcing new instance on google_bigtable_instance when adding new cluster (#​10744)
• cloudscheduler: fixed a type assertion panic in google_cloud_scheduler_job when processing HTTP headers with nil or unexpected data types (#​10720)
• compute: fixed the Network field cannot be modified issue in google_compute_region_backend_service. Now updating the network field will force the resource to be recreated (#​10738)
• netapp: fixed incorrect default value handling in google_netapp_volume for export_policy.rules attributes has_root_access and squash_mode. When not specified, these fields will now take on the API default value with no diff. (#​10736)
• netapp: updated google_netapp_storage_pool to source the default value for the qos_type field from the API. If not specified in the configuration, qos_type will now default to the value provided by the NetApp Volumes API. (#​10735)
• sql: fixed the permadiffs on disk_size when disk_autoresize is enabled in google_sql_database_instance (#​10739)
• workbench: added retry for unable to queue the operation 409 errors in google_workbench_instance resource. (#​10733)

v7.3.0

Compare Source

FEATURES:

• New Data Source: google_backup_dr_data_source_reference (#​10707)
• New Resource: google_bigquery_datapolicyv2_data_policy (#​10693)
• New Resource: google_saas_runtime_release (#​10685)
• New Resource: google_secure_source_manager_hook (#​10706)

IMPROVEMENTS:

• cloudrun: added sub_path field to google_cloud_run_service resource. (#​10705)
• cloudrunv2: added sub_path field to google_cloud_run_v2_service google_cloud_run_v2_job and google_cloud_run_v2_worker_pool resource. (#​10705)
• compute: added labels and label_fingerprint fields to google_compute_security_policy resource (#​10696)
• compute: labels under initialize_params are now updatable on google_compute_instance (#​10710)
• container: added new fields memory_manager and topology_manager to node_kubelet_config block (#​10681)
• datastream: added destination_config.bigquery_destination_config.source_hierarchy_datasets.project_id field to google_datastream_stream resource (#​10704)
• discoveryengine: added app_type field to google_discovery_engine_search_engine resource (#​10694)
• gkeonprem: added proxy field to google_gkeonprem_vmware_admin_cluster resource (#​10702)
• healthcare: added validation_config to google_healthcare_fhir_store resource (#​10700)
• iamworkforcepool: added extended_attributes field to workforce_pool_provider resource (#​10688)
• netapp: added export_policy.rules.squash_mode field to google_netapp_volume resource. (#​10711)
• privateca: added encryption_spec field to google_privateca_ca_pool resource (#​10699)
• run: added connector to vpcAccess on google_cloud_run_v2_worker_pool resource (#​10701)
• tags: added the DATA_GOVERNANCE value to google_tags_tag_key.purpose (#​10687)

BUG FIXES:

• bigquery: updated the schema change detection for google_bigquery_table to take into account presence of row access policy (#​10683)
• compute: fixed allow_global_access to correctly be immutable for google_compute_forwarding_rule resources with load balancing scheme of INTERNAL_MANAGED (#​10692)
• compute: fixed a crash in google_compute_security_policy due to a changed API response for empty match.0.expr_options blocks (#​10715)
• dialogflow: added support for non-global endpoints for google_dialogflow_conversation_profile (#​10712)
• publicca: use RawURLEncoding instead of URLEncoding for unpadded base64 encoding (#​10682)
• secretmanager: fixed a panic in google_secret_manager_secret_version in a secret_manager (#​10698)
• workbench: fixed issue that resource creation with computed labels field fails in google_workbench_instance resource (#​10691)
• workbench: made report-notebook-metrics metadata key settable for google_workbench_instance (#​10690)

v7.2.0

Compare Source

FEATURES:

• New Data Source: google_artifact_registry_python_package (#​10671)
• New Data Source: google_backup_dr_data_source_references (#​10672)
• New Resource: google_discovery_engine_acl_config (#​10680)
• New Resource: google_saas_runtime_unit_kind (#​10652)

IMPROVEMENTS:

• chronicle: made the scope_info field in google_chronicle_reference_list configurable (#​10663)
• compute: added header_action to path_matcher and default_service level on google_compute_region_url_map resource (#​10665)
• container: added secret_manager_config.rotation_config field to google_container_cluster resource (#​10659)
• container: added new fields memory_manager and topology_manager to google_container_cluster.node_config.kubelet_config and google_container_node_pool.node_config.kubelet_config (#​10681)
• healthcare: added consent_config field to google_healthcare_fhir_store resource (#​10666)
  New Resource: google_network_management_organization_vpc_flow_logs_config (#​10660)
• sql: added final_backup_description and `fin

---

Configuration

📅 Schedule: Branch creation - On day 1 and 15 of the month ( * * 1,15 * * ) (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about these updates again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.