Skip to content

MESH-2092 terraform (deps): Bump hashicorp/aws from 6.51.0 to 6.52.0 in /stacks/localstack in the patch-and-minor group across 1 directory#277

Merged
shared-merge-writeback[bot] merged 1 commit into
developfrom
dependabot/terraform/stacks/localstack/patch-and-minor-cef90d0cab
Jul 2, 2026
Merged

MESH-2092 terraform (deps): Bump hashicorp/aws from 6.51.0 to 6.52.0 in /stacks/localstack in the patch-and-minor group across 1 directory#277
shared-merge-writeback[bot] merged 1 commit into
developfrom
dependabot/terraform/stacks/localstack/patch-and-minor-cef90d0cab

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 2, 2026

Copy link
Copy Markdown
Contributor

Bumps the patch-and-minor group with 1 update in the /stacks/localstack directory: hashicorp/aws.

Updates hashicorp/aws from 6.51.0 to 6.52.0

Release notes

Sourced from hashicorp/aws's releases.

v6.52.0

6.52.0 (June 24, 2026)

NOTES:

  • resource/aws_lakeformation_permissions: Grants on aws_glue_catalog_table views (table_type = "VIRTUAL_VIEW") are now preserved when the view's view_definition is updated, as the underlying table is updated in place rather than recreated (#48532)
  • resource/aws_serverlessapplicationrepository_cloudformation_stack: Existing affected resources whose state still contains **** for NoEcho parameters or is missing default-matching parameters keys require a one-time manual reconciliation after upgrading. To recover: (1) add lifecycle { ignore_changes = [parameters] } temporarily, (2) pull state with terraform state pull, (3) correct the affected parameters values and increment serial, (4) push state back with terraform state push, (5) remove the ignore_changes block, and (6) confirm with terraform plan. For non-sensitive parameters you can instead temporarily set the parameter to a non-default value, apply, revert, and apply again (#46748)
  • resource/aws_serverlessapplicationrepository_cloudformation_stack: NoEcho parameter values are now persisted in Terraform state in plaintext rather than as ****. This is consistent with how Terraform stores other sensitive inputs (for example, aws_db_instance.password). Ensure your state backend is appropriately secured (#46748)

FEATURES:

  • New Data Source: aws_s3_bucket_notification (#31512)
  • New List Resource: aws_appautoscaling_target (#48449)
  • New List Resource: aws_bedrockagentcore_registry (#48314)
  • New List Resource: aws_dynamodb_table_item (#48520)
  • New Resource: aws_bedrockagentcore_registry (#48314)

ENHANCEMENTS:

  • data-source/aws_eks_cluster: Add control_plane_egress_mode attribute to vpc_config block (#48497)
  • provider: Generated names are now created using a cryptographically strong random generator instead of a timestamp and counter, so values are more uniformly distributed over the lowercase hexadecimal digit characters (#47995)
  • resource/aws_appautoscaling_target: Add resource identity support (#48449)
  • resource/aws_cloudwatch_log_account_policy: Add Resource Identity support (#48502)
  • resource/aws_cloudwatch_log_anomaly_detector: Add Resource Identity support (#48502)
  • resource/aws_cloudwatch_log_data_protection_policy: Add Resource Identity support (#48502)
  • resource/aws_cloudwatch_log_delivery: Add Resource Identity support (#48502)
  • resource/aws_cloudwatch_log_delivery_destination: Add Resource Identity support (#48502)
  • resource/aws_cloudwatch_log_delivery_destination_policy: Add Resource Identity support (#48502)
  • resource/aws_cloudwatch_log_delivery_source: Add Resource Identity support (#48502)
  • resource/aws_cloudwatch_log_destination: Add Resource Identity support (#48502)
  • resource/aws_cloudwatch_log_destination_policy: Add Resource Identity support (#48502)
  • resource/aws_cloudwatch_log_index_policy: Add Resource Identity support (#48502)
  • resource/aws_cloudwatch_log_resource_policy: Add Resource Identity support (#48502)
  • resource/aws_cloudwatch_log_stream: Add Resource Identity support (#48502)
  • resource/aws_cloudwatch_query_definition: Add Resource Identity support (#48502)
  • resource/aws_cloudwatch_query_definition: Add arn attribute (#48502)
  • resource/aws_default_network_acl: Prevents error on creation when tag-based authorization in use. (#44798)
  • resource/aws_dynamodb_table_item: Add Resource Identity support (#48520)
  • resource/aws_dynamodb_table_item: Add import support (#48520)
  • resource/aws_eks_cluster: Add control_plane_egress_mode argument to vpc_config block (#48497)
  • resource/aws_mq_broker: Known endpoints in instances.0.endpoints are now returned in a deterministic order based on protocol prefix and port, including the new https://...:16001 Prometheus metrics endpoint introduced in RabbitMQ 4.2 and later; any unrecognized endpoint types are appended afterward in API order (#47777)
  • resource/aws_serverlessapplicationrepository_cloudformation_stack: Change capabilities from Required to Optional/Computed. Applications without required capabilities can now omit the argument and the value applied by AWS will be tracked in state (#46748)

BUG FIXES:

  • provider: Fix AWS API errors such as EC2's IdempotentParameterMismatch by generating client-supplied idempotency tokens using a cryptographically strong random generator and extended alphabet (#47995)
  • provider: Restore HTTP request and response body content in TF_LOG=DEBUG output for resources, data sources, and list resources. Redaction continues to apply to ephemeral resources and actions (#48463)
  • resource/aws_cloudwatch_log_delivery: Add mutex lock around create, update, and delete operations to prevent ConflictException errors (#48158)
  • resource/aws_cloudwatch_log_delivery: Fix Provided delivery configuration is invalid for the destination type errors when s3_delivery_configuration is unchanged (#46123)
  • resource/aws_elasticache_global_replication_group: Fix persistent automatic_failover_enabled diff by reading the value from the primary member (#47647)

... (truncated)

Changelog

Sourced from hashicorp/aws's changelog.

6.52.0 (June 24, 2026)

NOTES:

  • resource/aws_lakeformation_permissions: Grants on aws_glue_catalog_table views (table_type = "VIRTUAL_VIEW") are now preserved when the view's view_definition is updated, as the underlying table is updated in place rather than recreated (#48532)
  • resource/aws_serverlessapplicationrepository_cloudformation_stack: Existing affected resources whose state still contains **** for NoEcho parameters or is missing default-matching parameters keys require a one-time manual reconciliation after upgrading. To recover: (1) add lifecycle { ignore_changes = [parameters] } temporarily, (2) pull state with terraform state pull, (3) correct the affected parameters values and increment serial, (4) push state back with terraform state push, (5) remove the ignore_changes block, and (6) confirm with terraform plan. For non-sensitive parameters you can instead temporarily set the parameter to a non-default value, apply, revert, and apply again (#46748)
  • resource/aws_serverlessapplicationrepository_cloudformation_stack: NoEcho parameter values are now persisted in Terraform state in plaintext rather than as ****. This is consistent with how Terraform stores other sensitive inputs (for example, aws_db_instance.password). Ensure your state backend is appropriately secured (#46748)

FEATURES:

  • New Data Source: aws_s3_bucket_notification (#31512)
  • New List Resource: aws_appautoscaling_target (#48449)
  • New List Resource: aws_bedrockagentcore_registry (#48314)
  • New List Resource: aws_dynamodb_table_item (#48520)
  • New Resource: aws_bedrockagentcore_registry (#48314)

ENHANCEMENTS:

  • data-source/aws_eks_cluster: Add control_plane_egress_mode attribute to vpc_config block (#48497)
  • provider: Generated names are now created using a cryptographically strong random generator instead of a timestamp and counter, so values are more uniformly distributed over the lowercase hexadecimal digit characters (#47995)
  • resource/aws_appautoscaling_target: Add resource identity support (#48449)
  • resource/aws_cloudwatch_log_account_policy: Add Resource Identity support (#48502)
  • resource/aws_cloudwatch_log_anomaly_detector: Add Resource Identity support (#48502)
  • resource/aws_cloudwatch_log_data_protection_policy: Add Resource Identity support (#48502)
  • resource/aws_cloudwatch_log_delivery: Add Resource Identity support (#48502)
  • resource/aws_cloudwatch_log_delivery_destination: Add Resource Identity support (#48502)
  • resource/aws_cloudwatch_log_delivery_destination_policy: Add Resource Identity support (#48502)
  • resource/aws_cloudwatch_log_delivery_source: Add Resource Identity support (#48502)
  • resource/aws_cloudwatch_log_destination: Add Resource Identity support (#48502)
  • resource/aws_cloudwatch_log_destination_policy: Add Resource Identity support (#48502)
  • resource/aws_cloudwatch_log_index_policy: Add Resource Identity support (#48502)
  • resource/aws_cloudwatch_log_resource_policy: Add Resource Identity support (#48502)
  • resource/aws_cloudwatch_log_stream: Add Resource Identity support (#48502)
  • resource/aws_cloudwatch_query_definition: Add Resource Identity support (#48502)
  • resource/aws_cloudwatch_query_definition: Add arn attribute (#48502)
  • resource/aws_default_network_acl: Prevents error on creation when tag-based authorization in use. (#44798)
  • resource/aws_dynamodb_table_item: Add Resource Identity support (#48520)
  • resource/aws_dynamodb_table_item: Add import support (#48520)
  • resource/aws_eks_cluster: Add control_plane_egress_mode argument to vpc_config block (#48497)
  • resource/aws_mq_broker: Known endpoints in instances.0.endpoints are now returned in a deterministic order based on protocol prefix and port, including the new https://...:16001 Prometheus metrics endpoint introduced in RabbitMQ 4.2 and later; any unrecognized endpoint types are appended afterward in API order (#47777)
  • resource/aws_serverlessapplicationrepository_cloudformation_stack: Change capabilities from Required to Optional/Computed. Applications without required capabilities can now omit the argument and the value applied by AWS will be tracked in state (#46748)

BUG FIXES:

  • provider: Fix AWS API errors such as EC2's IdempotentParameterMismatch by generating client-supplied idempotency tokens using a cryptographically strong random generator and extended alphabet (#47995)
  • provider: Restore HTTP request and response body content in TF_LOG=DEBUG output for resources, data sources, and list resources. Redaction continues to apply to ephemeral resources and actions (#48463)
  • resource/aws_cloudwatch_log_delivery: Add mutex lock around create, update, and delete operations to prevent ConflictException errors (#48158)
  • resource/aws_cloudwatch_log_delivery: Fix Provided delivery configuration is invalid for the destination type errors when s3_delivery_configuration is unchanged (#46123)
  • resource/aws_elasticache_global_replication_group: Fix persistent automatic_failover_enabled diff by reading the value from the primary member (#47647)
  • resource/aws_elasticache_replication_group: Fix persistent automatic_failover_enabled diff on member replication groups of an aws_elasticache_global_replication_group (#47647)

... (truncated)

Commits
  • 5367b73 Merge pull request #48552 from hashicorp/t-update-changelog-version
  • 896521c Prepare release v6.52.0
  • 6f1fc40 Update CHANGELOG.md (Manual Trigger)
  • 2c84b11 Merge pull request #46748 from bendrucker/f-serverlessrepo-no-change-update
  • 3b4f28c docs: update resource counts (#48546)
  • 3db9c0e serverlessapplicationrepository_cloudformation_stack: drop misleading NoEcho ...
  • f885497 serverlessapplicationrepository_cloudformation_stack: soften NoEcho warning
  • 352e1a2 Merge remote-tracking branch 'origin/main' into f-serverlessrepo-no-change-up...
  • 52c2926 Merge branch 'f-serverlessrepo-no-change-update' of https://github.com/bendru...
  • 49f591e Docs cleanups
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the patch-and-minor group with 1 update in the /stacks/localstack directory: [hashicorp/aws](https://github.com/hashicorp/terraform-provider-aws).


Updates `hashicorp/aws` from 6.51.0 to 6.52.0
- [Release notes](https://github.com/hashicorp/terraform-provider-aws/releases)
- [Changelog](https://github.com/hashicorp/terraform-provider-aws/blob/main/CHANGELOG.md)
- [Commits](hashicorp/terraform-provider-aws@v6.51.0...v6.52.0)

---
updated-dependencies:
- dependency-name: hashicorp/aws
  dependency-version: 6.52.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: patch-and-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file terraform Pull requests that update terraform code labels Jul 2, 2026
@dependabot dependabot Bot requested review from a team and matt-mercer as code owners July 2, 2026 07:43
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file terraform Pull requests that update terraform code labels Jul 2, 2026
@shared-merge-writeback shared-merge-writeback Bot enabled auto-merge (squash) July 2, 2026 07:43
@shared-merge-writeback shared-merge-writeback Bot merged commit 216a473 into develop Jul 2, 2026
8 of 10 checks passed
@shared-merge-writeback shared-merge-writeback Bot deleted the dependabot/terraform/stacks/localstack/patch-and-minor-cef90d0cab branch July 2, 2026 07:47
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file terraform Pull requests that update terraform code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants