chore(deps): update all non-major dependencies

[renovate]

This PR contains the following updates:

Package	Type	Update	Change
aws (source)	required_provider	minor	6.37.0 → 6.40.0
pypa/gh-action-pypi-publish	action	minor	v1.13.0 → v1.14.0

---

Release Notes

hashicorp/terraform-provider-aws (aws)

v6.40.0

Compare Source

FEATURES:

• New Data Source: aws_opensearchserverless_collection_group (#​46308)
• New Data Source: aws_opensearchserverless_collection_groups (#​46308)
• New Data Source: aws_s3files_access_point (#​47352)
• New Data Source: aws_s3files_file_system (#​47344)
• New Data Source: aws_s3files_file_systems (#​47344)
• New Data Source: aws_s3files_mount_target (#​47347)
• New List Resource: aws_config_config_rule (#​47319)
• New List Resource: aws_glue_job (#​47266)
• New List Resource: aws_opensearchserverless_collection_group (#​46308)
• New List Resource: aws_s3files_access_point (#​47352)
• New List Resource: aws_s3files_file_system (#​47325)
• New List Resource: aws_s3files_file_system_policy (#​47355)
• New List Resource: aws_s3files_mount_target (#​47347)
• New List Resource: aws_s3files_synchronization_configuration (#​47353)
• New List Resource: aws_ssm_association (#​47321)
• New List Resource: aws_ssm_patch_group (#​47329)
• New Resource: aws_opensearchserverless_collection_group (#​46308)
• New Resource: aws_s3files_access_point (#​47352)
• New Resource: aws_s3files_file_system (#​47325)
• New Resource: aws_s3files_file_system_policy (#​47355)
• New Resource: aws_s3files_mount_target (#​47347)
• New Resource: aws_s3files_synchronization_configuration (#​47353)
• New Resource: aws_servicequotas_auto_management (#​45968)

ENHANCEMENTS:

• data-source/aws_msk_cluster: Add broker_node_group_info.connectivity_info.network_type attribute (#​47279)
• resource/aws_cloudformation_stack_set: Add depends_on_stack_sets to auto_deployment configuration block (#​47269)
• resource/aws_config_config_rule: Add Resource Identity support (#​47286)
• resource/aws_config_configuration_aggregator: Add Resource Identity support (#​47286)
• resource/aws_config_configuration_recorder: Add Resource Identity support (#​47286)
• resource/aws_config_configuration_recorder_status: Add Resource Identity support (#​47286)
• resource/aws_config_conformance_pack: Add Resource Identity support (#​47286)
• resource/aws_config_delivery_channel: Add Resource Identity support (#​47286)
• resource/aws_config_organization_conformance_pack: Add Resource Identity support (#​47286)
• resource/aws_config_organization_custom_policy_rule: Add Resource Identity support (#​47286)
• resource/aws_config_organization_custom_rule: Add Resource Identity support (#​47286)
• resource/aws_config_organization_managed_rule: Add Resource Identity support (#​47286)
• resource/aws_config_remediation_configuration: Add Resource Identity support (#​47286)
• resource/aws_config_retention_configuration: Add Resource Identity support (#​47286)
• resource/aws_controltower_landing_zone: Add remediation_types attribute (#​46549)
• resource/aws_glue_job: Add Resource Identity support (#​47266)
• resource/aws_iam_instance_profile: Add resource identity support (#​47307)
• resource/aws_kinesisanalyticsv2_application: Support FLINK-2_2 as a valid value for runtime_environment (#​47207)
• resource/aws_msk_cluster: Add broker_node_group_info.connectivity_info.network_type argument (#​47279)
• resource/aws_opensearchserverless_access_policy: Add Resource Identity support (#​47262)
• resource/aws_opensearchserverless_lifecycle_policy: Add Resource Identity support (#​47262)
• resource/aws_opensearchserverless_security_config: Add Resource Identity support (#​47262)
• resource/aws_opensearchserverless_security_policy: Add Resource Identity support (#​47262)
• resource/aws_opensearchserverless_vpc_endpoint: Add Resource Identity support (#​47262)
• resource/aws_s3control_storage_lens_configuration: Add storage_lens_configuration.data_export.storage_lens_table_destination argument (#​47152)
• resource/aws_ssm_patch_group: Add resource identity support (#​47318)

BUG FIXES:

• resource/aws_bcmdataexports_export: Allows empty values in export.data_query.table_configurations (#​47261)
• resource/aws_cloudwatch_log_metric_filter: Fix validation to count pattern length in UTF-8 characters (#​47287)
• resource/aws_config_configuration_recorder_status: Mark name as as ForceNew (#​47286)
• resource/aws_organizations_account: Fix AccountAlreadyClosedException error when deleting an account that has already been closed with close_on_deletion set to true (#​46627)
• resource/aws_s3_bucket_server_side_encryption_configuration: Change rule.apply_server_side_encryption_by_default.kms_master_key_id, rule.blocked_encryption_types, and rule.bucket_key_enabled to Optional and Computed, preventings diffs once SSE-C is disabled for all new general purpose buckets (#​47359)
• resource/aws_uxc_account_customizations: Fix inconsistent result error when visible_regions or visible_services is set to an explicit empty set ([]) (#​47290)

v6.39.0

Compare Source

NOTES:

• data-source/aws_eks_access_entry: The tags_all attribute is deprecated and will be removed in a future major version (#​47133)

FEATURES:

• New Data Source: aws_iam_role_policies (#​46936)
• New Data Source: aws_iam_role_policy_attachments (#​47119)
• New Data Source: aws_networkmanager_core_network (#​45798)
• New Data Source: aws_uxc_services (#​47115)
• New List Resource: aws_eks_cluster (#​47133)
• New List Resource: aws_organizations_aws_service_access (#​46993)
• New List Resource: aws_sagemaker_training_job (#​46892)
• New List Resource: aws_workmail_group (#​47131)
• New List Resource: aws_workmail_user (#​47131)
• New Resource: aws_organizations_aws_service_access (#​46993)
• New Resource: aws_sagemaker_training_job (#​46892)
• New Resource: aws_uxc_account_customizations (#​47115)
• New Resource: aws_workmail_group (#​47131)
• New Resource: aws_workmail_user (#​47131)

ENHANCEMENTS:

• data-source/aws_outposts_asset: Add instance_families attribute (#​47153)
• resource/aws_eks_cluster: Add resource identity support (#​47133)
• resource/aws_eks_cluster: Support tier-8xl as a valid value for control_plane_scaling_config.tier (#​46976)
• resource/aws_network_acl_rule: Add Resource Identity support (#​47090)
• resource/aws_observabilityadmin_centralization_rule_for_organization: Add source.source_logs_configuration.data_source_selection_criteria argument. Change source.source_logs_configuration.log_group_selection_criteria to Optional (#​47154)
• resource/aws_prometheus_scraper: Add source.vpc argument. Change source.eks to Optional (#​47155)
• resource/aws_s3_bucket_metric: Support bucket metrics for directory buckets (#​47184)
• resource/aws_s3control_storage_lens_configuration: Add storage_lens_configuration.account_level.advanced_performance_metrics and storage_lens_configuration.account_level.bucket_level.advanced_performance_metrics arguments (#​46865)

BUG FIXES:

• data-source/aws_eks_access_entry: Fixed tags not being returned (#​47133)
• data-source/aws_service_principal: Fix service principal names for EC2 and S3 in the aws-cn partition (#​47141)
• resource/aws_config_organization_conformance_pack: Fix creation timeout when using a delegated administrator account (#​47072)
• resource/aws_dynamodb_table: Fix Error: waiting for creation AWS DynamoDB Table (xxxxx): couldn't find resource in highly active accounts by restoring 5s delay before polling for table status. This fixes a regression introduced in v6.28.0. (#​47143)
• resource/aws_eks_cluster: Set bootstrap_self_managed_addons to true when importing (#​47133)
• resource/aws_elasticache_serverless_cache: Fix InvalidParameterCombination error when cache_usage_limits is removed (#​46134)
• resource/aws_glue_catalog_table: Detect and report failed view creation (#​47101)

v6.38.0

Compare Source

FEATURES:

• New Action: aws_dms_start_replication_task_assessment_run (#​47058)
• New Data Source: aws_dynamodb_backups (#​47036)
• New Data Source: aws_msk_topic (#​46490)
• New Data Source: aws_savingsplans_offerings (#​47081)
• New List Resource: aws_msk_cluster (#​46490)
• New List Resource: aws_msk_serverless_cluster (#​46490)
• New List Resource: aws_msk_topic (#​46490)
• New List Resource: aws_route53_resolver_rule (#​47063)
• New List Resource: aws_sagemaker_algorithm (#​47051)
• New List Resource: aws_ssm_document (#​46974)
• New List Resource: aws_ssoadmin_account_assignment (#​47067)
• New List Resource: aws_vpc_endpoint (#​46977)
• New List Resource: aws_workmail_domain (#​46931)
• New Resource: aws_msk_topic (#​46490)
• New Resource: aws_observabilityadmin_telemetry_enrichment (#​47089)
• New Resource: aws_sagemaker_algorithm (#​47051)
• New Resource: aws_workmail_default_domain (#​46931)
• New Resource: aws_workmail_domain (#​46931)

ENHANCEMENTS:

• data-source/aws_networkfirewall_firewall_policy: Add firewall_policy.enable_tls_session_holding attribute (#​47065)
• resource/aws_bedrockagentcore_agent_runtime: Add authorizer_configuration.custom_jwt_authorizer.custom_claim configuration block (#​47049)
• resource/aws_bedrockagentcore_gateway: Add authorizer_configuration.custom_jwt_authorizer.custom_claim configuration block (#​47049)
• resource/aws_bedrockagentcore_gateway_target: Add target_configuration.mcp.api_gateway configuration block (#​46916)
• resource/aws_dynamodb_table: Add restore_backup_arn argument (#​47068)
• resource/aws_fis_experiment_template: Support KinesisStreams as a value for action.target.key (#​47010)
• resource/aws_fis_experiment_template: Support VPCEndpoints as a value for action.target.key (#​47045)
• resource/aws_mq_broker: Change user block to Optional (#​46883)
• resource/aws_msk_cluster: Add resource identity support (#​46490)
• resource/aws_msk_serverless_cluster: Add resource identity support (#​46490)
• resource/aws_networkfirewall_firewall_policy: Add firewall_policy.enable_tls_session_holding argument (#​47065)
• resource/aws_securityhub_insight: Add filters.aws_account_name configuration block (#​47027)
• resource/aws_securityhub_insight: Add filters.compliance_associated_standards_id configuration block (#​47027)
• resource/aws_securityhub_insight: Add filters.compliance_security_control_id configuration block (#​47027)
• resource/aws_securityhub_insight: Add filters.compliance_security_control_parameters_name configuration block (#​47027)
• resource/aws_securityhub_insight: Add filters.compliance_security_control_parameters_value configuration block (#​47027)
• resource/aws_ssoadmin_account_assignment: Add Resource Identity support (#​47067)

BUG FIXES:

• resource/aws_api_gateway_method: Fix import to honor @region suffix when using resource-level region attribute (#​47043)
• resource/aws_apigatewayv2_integration: Fix import to honor @region suffix when using resource-level region attribute (#​47043)
• resource/aws_apigatewayv2_route: Fix import to honor @region suffix when using resource-level region attribute (#​47043)
• resource/aws_apigatewayv2_stage: Fix import to honor @region suffix when using resource-level region attribute (#​47043)
• resource/aws_appmesh_gateway_route: Fix import to honor @region suffix when using resource-level region attribute (#​47043)
• resource/aws_appmesh_route: Fix import to honor @region suffix when using resource-level region attribute (#​47043)
• resource/aws_appmesh_virtual_gateway: Fix import to honor @region suffix when using resource-level region attribute (#​47043)
• resource/aws_appmesh_virtual_node: Fix import to honor @region suffix when using resource-level region attribute (#​47043)
• resource/aws_appmesh_virtual_router: Fix import to honor @region suffix when using resource-level region attribute (#​47043)
• resource/aws_appmesh_virtual_service: Fix import to honor @region suffix when using resource-level region attribute (#​47043)
• resource/aws_cloudfront_distribution_tenant: Fix panic when managed certificate is not found during creation (#​46982)
• resource/aws_controltower_control: Fix import to honor @region suffix when using resource-level region attribute (#​47043)
• resource/aws_default_route_table: Fix import to honor @region suffix when using resource-level region attribute (#​47043)
• resource/aws_dx_gateway_association: Fix import to honor @region suffix when using resource-level region attribute (#​47043)
• resource/aws_dx_hosted_private_virtual_interface: Fix import to honor @region suffix when using resource-level region attribute (#​47043)
• resource/aws_dx_hosted_private_virtual_interface_accepter: Fix import to honor @region suffix when using resource-level region attribute (#​47043)
• resource/aws_dx_hosted_public_virtual_interface: Fix import to honor @region suffix when using resource-level region attribute (#​47043)
• resource/aws_dx_hosted_public_virtual_interface_accepter: Fix import to honor @region suffix when using resource-level region attribute (#​47043)
• resource/aws_dx_hosted_transit_virtual_interface: Fix import to honor @region suffix when using resource-level region attribute (#​47043)
• resource/aws_dx_hosted_transit_virtual_interface_accepter: Fix import to honor @region suffix when using resource-level region attribute (#​47043)
• resource/aws_dx_private_virtual_interface: Fix import to honor @region suffix when using resource-level region attribute (#​47043)
• resource/aws_dx_public_virtual_interface: Fix import to honor @region suffix when using resource-level region attribute (#​47043)
• resource/aws_dx_transit_virtual_interface: Fix import to honor @region suffix when using resource-level region attribute (#​47043)
• resource/aws_ecs_express_gateway_service: Fix Provider produced inconsistent result after apply error when environment variables are defined in non-alphabetical order (#​46771)
• resource/aws_elasticache_reserved_cache_node: Fix Provider returned invalid result object after apply errors where computed attributes remained unknown after create (#​47012)
• resource/aws_kinesis_stream: Fix import to honor @region suffix when using resource-level region attribute (#​47043)
• resource/aws_mq_broker: Fix non-idempotent behavior for RabbitMQ brokers with user block (#​46883)
• resource/aws_network_acl: Fix import to honor @region suffix when using resource-level region attribute (#​47043)
• resource/aws_network_interface_sg_attachment: Fix import to honor @region suffix when using resource-level region attribute (#​47043)
• resource/aws_opensearch_domain: Fix import to honor @region suffix when using resource-level region attribute (#​47043)
• resource/aws_route53recoverycontrolconfig_routing_control: Fix panic on concurrent creates when API returns ConflictException (#​47038)
• resource/aws_route_table_association: Fix import to honor @region suffix when using resource-level region attribute (#​47043)
• resource/aws_serverlessapplicationrepository_cloudformation_stack: Fix import to honor @region suffix when using resource-level region attribute (#​47043)
• resource/aws_servicecatalog_product: Fix import to honor @region suffix when using resource-level region attribute (#​47043)
• resource/aws_ses_active_receipt_rule_set: Fix import to honor @region suffix when using resource-level region attribute (#​47043)
• resource/aws_ssm_default_patch_baseline: Fix import to honor @region suffix when using resource-level region attribute (#​47043)
• resource/aws_vpc_dhcp_options_association: Fix import to honor @region suffix when using resource-level region attribute (#​47043)
• resource/aws_wafv2_web_acl_rule: Fix Unable to unmarshal DynamicValue error when statement.managed_rule_group_statement.rule_action_override block is specified (#​46998)
• resource/aws_wafv2_web_acl_rule_group_association: Fix WAFOptimisticLockException errors when multiple associations target the same Web ACL (#​47037)

pypa/gh-action-pypi-publish (pypa/gh-action-pypi-publish)

v1.14.0

Compare Source

Audit your supply chain regularly!

✨ What's Changed

The main change in this release is that verbose and print-hash inputs are now on by default. This was contributed by @​whitequark💰 in #​397.

📝 Docs

@​woodruffw💰 updated the mentions of PEP 740 to stop implying that it might be experimental (it hasn't been for quite a while!) in #​388 and @​him2him2💰 brushed up some grammar in the README and SECURITY docs via #​395.

🛠️ Internal Updates

@​woodruffw💰 bumped sigstore and pypi-attestations in the lock file (#​391) and @​webknjaz💰 added infra for using type annotations in the project (#​381).

💪 New Contributors

• @​him2him2 made their first contribution in #​395
• @​whitequark made their first contribution in #​397

🪞 Full Diff: pypa/gh-action-pypi-publish@v1.13.0...v1.14.0

🧔‍♂️ Release Manager: @​webknjaz 🇺🇦

🙏 Special Thanks to @​facutuesca💰 and @​woodruffw💰 for helping maintain this project when I can't!

💬 Discuss on Bluesky 🦋, on Mastodon 🐘 and on GitHub.

---

Configuration

📅 Schedule: (UTC)

• Branch creation
  • At any time (no schedule defined)
• Automerge
  • At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[claude]

Claude Code Review

This repository is configured for manual code reviews. Comment @claude review to trigger a review.

_{Tip: disable this comment in your organization's Code Review settings.}