chore(deps): update terraform-gcp to ~> 7.7.0

[renovate]

This PR contains the following updates:

Package	Type	Update	Change
google (source)	required_provider	minor	~> 7.5.0 -> ~> 7.7.0
google (source)	required_provider	minor	7.5.0 -> 7.7.0
google-beta (source)	required_provider	minor	~> 7.5.0 -> ~> 7.7.0

---

Release Notes

hashicorp/terraform-provider-google (google)

v7.7.0

Compare Source

BREAKING CHANGES:

• discoveryengine: changed type of google_discovery_engine_data_connector.entities.params. Previously, it was a map of string keys to string values; now, it must be a JSON-encoded string containing an object. This change is being made in a minor release because the field wasn't usable as intended – specifically, all current valid uses require mapping strings to lists of strings. (#​24658)

FEATURES:

• New Data Source: google_network_management_connectivity_tests (#​24635)
• New Resource: google_apigee_developer_app (#​24625)
• New Resource: google_discovery_engine_license_config (#​24619)
• New Resource: google_iam_workforce_pool_provider_scim_tenant (#​24587)
• New Resource: google_kms_project_kaj_policy_config (#​24622)
• New Resource: google_saas_runtime_tenant (#​24608)

IMPROVEMENTS:

• apigee: updated the scopes argument in google_apigee_api_product resource to be order-insensitive. (#​24625)
• beyondcorp: added proxy_protocol_config and service_discovery fields to google_beyondcorp_security_gateway resource (#​24609)
• cloudrunv2: added default_uri_disabled field to google_cloud_run_v2_service resource. (GA promotion) (#​24602)
• cloudrunv2: added health_check_disabled field to google_cloud_run_v2_service resource. (#​24602)
• compute: added params field to google_compute_router resource (GA) (#​24611)
• discoveryengine: added connector_modes, sync_mode, incremental_refresh_interval, auto_run_disabled, and incremental_sync_disabled fields to google_discovery_engine_data_connector resource (#​24658)
• discoveryengine: added kms_key_name field to google_discovery_engine_search_engine resource (#​24658)
• dlp: added publish_to_dataplex_catalog field to discovery_config resource (#​24621)
• gkeonprem: made it possible to set the on_prem_version field on google_gkeonprem_vmware_node_pool (previously output-only) (#​24614)
• memcache: added deletion_protection field to memcache_instance to make deleting them require an explicit intent. memcache_instance resources now cannot be destroyed unless deletion_protection = false is set for the resource. (#​24613)
• metastore: added tags field to google_dataproc_metastore_service and 'google_dataproc_metastore_federation' resources to allow setting tags for services and federation at creation time (#​24633)
• networksecurity: added URL_FILTERING option to enum field type for google_network_security_security_profile resource (#​24583)
• networksecurity: added url_filtering_profile field to google_network_security_security_profile_group resource (beta) (#​24583)
• networksecurity: added url_filtering_profile field to google_network_security_security_profile resource (beta) (#​24583)
• sql: added source_instance_deletion_time field to google_sql_database_instance_latest_recovery_time data source (#​24576)
• sql: added source_instance_deletion_time field to google_sql_database_instance resource (#​24576)

BUG FIXES:

• bigqueryanalyticshub: fixed google_bigquery_analytics_hub_listing_subscription import (#​24634)
• discoveryengine: fixed bug where it wasn't possible to specify values for knowledgeBaseSysId or catalogSysId in google_discovery_engine_data_connector.entities.params. (#​24658)

v7.6.0

Compare Source

DEPRECATIONS:

• networksecurity: deprecated ignore_case, exact, prefix, suffix and contains fields in http_rules.from.not_sources.principals and http_rules.from.sources.principals blocks in google_network_security_authz_policy resource. Use the equivalent fields in http_rules.from.not_sources.principals.principal or http_rules.from.sources.principals.principal instead. (#​24543)

BREAKING CHANGES:

• container: node_config blocks that had set kubelet_config without explicitly setting cpu_cfs_quota implicitly set cfu_cfs_quota to false when unset. From this version onwards, an unset cpu_cfs_quota will instead match the API default of true true. Resources that are recreated will receive the new value; old resources are unaffected, and may change values by explicitly setting the intended one. (#​24569)
• storageinsights: removed activity_data_retention_period_days field from google_storage_insights_dataset_config resource due to a delayed launch. It will be readded when the feature launches. (#​24570)

FEATURES:

• New Resource: google_kms_folder_kaj_policy_config (#​24513)
• New Resource: google_vertex_ai_cache_config (#​24541)
• New Resource: google_vertex_ai_reasoning_engine (#​24512)

IMPROVEMENTS:

• backupdr: added data_source and rules_config_info fields to google_backup_dr_backup_plan_associations datasource (#​24517)
• beyondcorp: added external, proxy_protocol, and schema fields to google_beyondcorp_security_gateway_application resource (#​24542)
• beyondcorp: changed endpoint_matchers field to not be required anymore in the google_beyondcorp_security_gateway_application resource (#​24542)
• cloudrunv2: added default_uri_disabled field to google_cloud_run_v2_service resource (#​24556)
• compute: added shared_secret_wo and shared_secret_wo_version fields to google_compute_vpn_tunnel resource, enabling write-only management of the shared secret. (#​24491)
• dlp: added SENSITIVITY_UNKNOWN as possible enum value for actions.tag_resources.tag_conditions.sensitivity_score.score in google_data_loss_prevention_discovery_config resource (#​24564)
• dlp: added actions.save_findings.output_config.storage_path field to google_data_loss_prevention_job_trigger resource (#​24558)
• filestore: added file_shares.nfs_export_options.network and networks.psc_config.endpoint_project fields to google_filestore_instance resource (#​24567)
• lustre: increased creation timeout from 20min to 40min for google_lustre_instance resource (#​24559)
• netapp: added hybrid_replication_user_commands field with subfield commands to google_netapp_volume_replication resource (#​24554)
• netapp: added replication_schedule, hybrid_replication_type, large_volume_constituent_count fields to hybrid_replication_parameters field in google_netapp_volume resource (#​24554)
• networksecurity: added ip_blocks field to google_network_security_authz_policy resource (#​24543)
• secretmanager: added ephemeral support for google_secret_manager_secret_version resource (#​24566)
• sql: added source_instance_deletion_time field to google_sql_database_instance_latest_recovery_time data source (#​24576)
• sql: added source_instance_deletion_time field to google_sql_database_instance resource (#​24576)
• storagetransfer: added user_project_override and billing_project fields to google_storage_transfer_job resource (#​24504)

BUG FIXES:

• container: fixed the default for node_config.kubelet_config.cpu_cfs_quota on google_container_cluster, google_container_node_pool, google_container_cluster.node_pool to align with the API. Terraform will now send a true value when the field is unset on creation, and preserve any previously set value when unset. Explicitly set values will work as defined in configuration. (#​24569)

hashicorp/terraform-provider-google-beta (google-beta)

v7.7.0

Compare Source

BREAKING CHANGES:

• discoveryengine: changed type of google_discovery_engine_data_connector.entities.params. Previously, it was a map of string keys to string values; now, it must be a JSON-encoded string containing an object. This change is being made in a minor release because the field wasn't usable as intended – specifically, all current valid uses require mapping strings to lists of strings. (#​10863)

FEATURES:

• New Data Source: google_network_management_connectivity_tests (#​10856)
• New Resource: google_apigee_developer_app (#​10851)
• New Resource: google_discovery_engine_license_config (#​10848)
• New Resource: google_iam_workforce_pool_provider_scim_tenant (#​10834)
• New Resource: google_kms_project_kaj_policy_config (#​10850)
• New Resource: google_saas_runtime_tenant (#​10841)

IMPROVEMENTS:

• apigee: updated the scopes argument in google_apigee_api_product resource to be order-insensitive. (#​10851)
• beyondcorp: added proxy_protocol_config and service_discovery fields to google_beyondcorp_security_gateway resource (#​10842)
• cloudrunv2: added health_check_disabled field to google_cloud_run_v2_service resource. (#​10839)
• compute: added params field to google_compute_router resource (GA) (#​10844)
• discoveryengine: added connector_modes, sync_mode, incremental_refresh_interval, auto_run_disabled, and incremental_sync_disabled fields to google_discovery_engine_data_connector resource (#​10863)
• discoveryengine: added kms_key_name field to google_discovery_engine_search_engine resource (#​10863)
• dlp: added publish_to_dataplex_catalog field to discovery_config resource (#​10849)
• gkeonprem: made it possible to set the on_prem_version field on google_gkeonprem_vmware_node_pool (previously output-only) (#​10847)
• memcache: added deletion_protection field to memcache_instance to make deleting them require an explicit intent. memcache_instance resources now cannot be destroyed unless deletion_protection = false is set for the resource. (#​10846)
• metastore: added tags field to google_dataproc_metastore_service and 'google_dataproc_metastore_federation' resources to allow setting tags for services and federation at creation time (#​10854)
• networksecurity: added URL_FILTERING option to enum field type for google_network_security_security_profile resource (#​10829)
• networksecurity: added url_filtering_profile field to google_network_security_security_profile_group resource (#​10829)
• networksecurity: added url_filtering_profile field to google_network_security_security_profile resource (#​10829)
• sql: added source_instance_deletion_time field to google_sql_database_instance_latest_recovery_time data source (#​10827)
• sql: added source_instance_deletion_time field to google_sql_database_instance resource (#​10827)

BUG FIXES:

• bigqueryanalyticshub: fixed google_bigquery_analytics_hub_listing_subscription import (#​10855)
• discoveryengine: fixed bug where it wasn't possible to specify values for knowledgeBaseSysId or catalogSysId in google_discovery_engine_data_connector.entities.params. (#​10863)

v7.6.0

Compare Source

DEPRECATIONS:

• networksecurity: deprecated ignore_case, exact, prefix, suffix and contains fields in http_rules.from.not_sources.principals and http_rules.from.sources.principals blocks in google_network_security_authz_policy resource. Use the equivalent fields in http_rules.from.not_sources.principals.principal or http_rules.from.sources.principals.principal instead. (#​10809)

BREAKING CHANGES:

• container: node_config blocks that had set kubelet_config without explicitly setting cpu_cfs_quota implicitly set cfu_cfs_quota to false when unset. From this version onwards, an unset cpu_cfs_quota will instead match the API default of true true. Resources that are recreated will receive the new value; old resources are unaffected, and may change values by explicitly setting the intended one. (#​10823)
• storageinsights: removed activity_data_retention_period_days field from google_storage_insights_dataset_config resource due to a delayed launch. It will be readded when the feature launches. (#​10824)

FEATURES:

• New Resource: google_kms_folder_kaj_policy_config (#​10798)
• New Resource: google_vertex_ai_cache_config (#​10807)
• New Resource: google_vertex_ai_reasoning_engine (#​10797)

IMPROVEMENTS:

• backupdr: added data_source and rules_config_info fields to google_backup_dr_backup_plan_associations datasource (#​10802)
• beyondcorp: added external, proxy_protocol, and schema fields to google_beyondcorp_security_gateway_application resource (#​10808)
• beyondcorp: changed endpoint_matchers field to not be required anymore in the google_beyondcorp_security_gateway_application resource (#​10808)
• bigquery: added reservation field to google_bigquery_job resource (#​10796)
• compute: added backend.max_in_flight_requests, backend.max_in_flight_requests_per_instance, backend.max_in_flight_requests_per_endpoint and backend.traffic_duration fields to google_compute_backend_service resource (#​10799)
• compute: added shared_secret_wo and shared_secret_wo_version fields to google_compute_vpn_tunnel resource, enabling write-only management of the shared secret. (#​10788)
• dlp: added SENSITIVITY_UNKNOWN as possible enum value for actions.tag_resources.tag_conditions.sensitivity_score.score in google_data_loss_prevention_discovery_config resource (#​10820)
• dlp: added actions.save_findings.output_config.storage_path field to google_data_loss_prevention_job_trigger resource (#​10816)
• lustre: increased creation timeout from 20min to 40min for google_lustre_instance resource (#​10817)
• netapp: added hybrid_replication_user_commands field with subfield commands to google_netapp_volume_replication resource (#​10813)
• netapp: added replication_schedule, hybrid_replication_type, large_volume_constituent_count fields to hybrid_replication_parameters field in google_netapp_volume resource (#​10813)
• networksecurity: added ip_blocks field to google_network_security_authz_policy resource (#​10809)
• secretmanager: added ephemeral support for google_secret_manager_secret_version resource (#​10821)
• sql: added source_instance_deletion_time field to google_sql_database_instance_latest_recovery_time data source (#​10827)
• sql: added source_instance_deletion_time field to google_sql_database_instance resource (#​10827)
• storagetransfer: added user_project_override and billing_project fields to google_storage_transfer_job resource (#​10790)

BUG FIXES:

• container: fixed the default for node_config.kubelet_config.cpu_cfs_quota on google_container_cluster, google_container_node_pool, google_container_cluster.node_pool to align with the API. Terraform will now send a true value when the field is unset on creation, and preserve any previously set value when unset. Explicitly set values will work as defined in configuration. (#​10823)

---

Configuration

📅 Schedule: Branch creation - On day 1 and 15 of the month ( * * 1,15 * * ) (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about these updates again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.