chore(deps): update all dependencies

[renovate]

This PR contains the following updates:

Package	Type	Update	Change	Age	Adoption	Passing	Confidence
actions/checkout	action	digest	1d96c77 -> 0ad4b8f
aws (source)	required_provider	minor	5.46.0 -> 5.47.0
boto3		patch	==1.34.91 -> ==1.34.95
botocore		patch	==1.34.91 -> ==1.34.95
random (source)	required_provider	patch	3.6.0 -> 3.6.1
terraform-aws-modules/vpc/aws (source)	module	minor	5.7.1 -> 5.8.1

---

Release Notes

hashicorp/terraform-provider-aws (aws)

v5.47.0

Compare Source

NOTES:

• provider: Updates to Go 1.22. This is the last Go release that will run on macOS 10.15 Catalina (#​36996)
• resource/aws_bedrockagent_knowledge_base: Because we cannot easily test this functionality, it is best effort and we ask for community help in testing (#​36783)

FEATURES:

• New Data Source: aws_identitystore_groups (#​36993)
• New Resource: aws_bcmdataexports_export (#​36847)
• New Resource: aws_bedrockagent_agent (#​36851)
• New Resource: aws_bedrockagent_agent_action_group (#​36935)
• New Resource: aws_bedrockagent_agent_alias (#​36905)
• New Resource: aws_bedrockagent_knowledge_base (#​36783)
• New Resource: aws_globalaccelerator_cross_account_attachment (#​35991)
• New Resource: aws_verifiedpermissions_policy (#​35413)

ENHANCEMENTS:

• data-source/aws_eip: Add arn attribute (#​35991)
• resource/aws_api_gateway_rest_api: Correctly set root_resource_id on resource Read (#​37040)
• resource/aws_appmesh_mesh: Add spec.service_discovery argument (#​37042)
• resource/aws_cloudformation_stack_set: Adds guidance on permissions when using delegated administrator account (#​37069)
• resource/aws_db_instance: Add dedicated_log_volume argument (#​36503)
• resource/aws_eip: Add arn attribute (#​35991)
• resource/aws_elasticache_replication_group: Add transit_encryption_mode argument (#​30403)
• resource/aws_elasticache_replication_group: Changes to the transit_encryption_enabled argument can now be done in-place for engine versions > 7.0.5 (#​30403)
• resource/aws_kinesis_firehose_delivery_stream: Add snowflake_configuration argument (#​36646)
• resource/aws_memorydb_user: Support IAM authentication mode (#​32027)
• resource/aws_sagemaker_app_image_config: Add code_editor_app_image_config and jupyter_lab_image_config.jupyter_lab_image_config arguments (#​37059)
• resource/aws_sagemaker_app_image_config: Change kernel_gateway_image_config.kernel_spec MaxItems to 5 (#​37059)
• resource/aws_transfer_server: Add sftp_authentication_methods argument (#​37015)

BUG FIXES:

• resource/aws_batch_job_definition: Fix issues where changes causing a new revision do not trigger changes in dependent resources and/or cause an error, "Provider produced inconsistent final plan" (#​37111)
• resource/aws_ce_cost_category: Allow up to 3 levels of and, not and or operand nesting for the rule argument (#​30862)
• resource/aws_elasticache_replication_group: Fix excessive delay on read (#​30403)
• resource/aws_servicecatalog_portfolio: Fixes error where deletion fails if resource was deleted out of band. (#​37066)
• resource/aws_servicecatalog_provisioned_product: Fixes error where tag values are not applied to products when tag values don't change. (#​37066)

boto/boto3 (boto3)

v1.34.95

Compare Source

=======

• api-change:chime-sdk-voice: [botocore] Due to changes made by the Amazon Alexa service, GetSipMediaApplicationAlexaSkillConfiguration and PutSipMediaApplicationAlexaSkillConfiguration APIs are no longer available for use. For more information, refer to the Alexa Smart Properties page.
• api-change:codeartifact: [botocore] Add support for the Ruby package format.
• api-change:fms: [botocore] AWS Firewall Manager now supports the network firewall service stream exception policy feature for accounts within your organization.
• api-change:omics: [botocore] Add support for workflow sharing and dynamic run storage
• api-change:opensearch: [botocore] This release enables customers to create Route53 A and AAAA alias record types to point custom endpoint domain to OpenSearch domain's dualstack search endpoint.
• api-change:pinpoint-sms-voice-v2: [botocore] Amazon Pinpoint has added two new features Multimedia services (MMS) and protect configurations. Use the three new MMS APIs to send media messages to a mobile phone which includes image, audio, text, or video files. Use the ten new protect configurations APIs to block messages to specific countries.
• api-change:qbusiness: [botocore] This is a general availability (GA) release of Amazon Q Business. Q Business enables employees in an enterprise to get comprehensive answers to complex questions and take actions through a unified, intuitive web-based chat experience - using an enterprise's existing content, data, and systems.
• api-change:quicksight: [botocore] New Q embedding supporting Generative Q&A
• api-change:route53resolver: [botocore] Release of FirewallDomainRedirectionAction parameter on the Route 53 DNS Firewall Rule. This allows customers to configure a DNS Firewall rule to inspect all the domains in the DNS redirection chain (default) , such as CNAME, ALIAS, DNAME, etc., or just the first domain and trust the rest.
• api-change:sagemaker: [botocore] Amazon SageMaker Training now supports the use of attribute-based access control (ABAC) roles for training job execution roles. Amazon SageMaker Inference now supports G6 instance types.
• api-change:signer: [botocore] Documentation updates for AWS Signer. Adds cross-account signing constraint and definitions for cross-account actions.

v1.34.94

Compare Source

=======

• api-change:amplify: [botocore] Updating max results limit for listing any resources (Job, Artifacts, Branch, BackendResources, DomainAssociation) to 50 with the exception of list apps that where max results can be up to 100.
• api-change:connectcases: [botocore] This feature releases DeleteField, DeletedLayout, and DeleteTemplate API's
• api-change:inspector2: [botocore] Update Inspector2 to include new Agentless API parameters.
• api-change:timestream-query: [botocore] This change allows users to update and describe account settings associated with their accounts.
• api-change:transcribe: [botocore] This update provides error messaging for generative call summarization in Transcribe Call Analytics
• api-change:trustedadvisor: [botocore] This release adds the BatchUpdateRecommendationResourceExclusion API to support batch updates of Recommendation Resource exclusion statuses and introduces a new exclusion status filter to the ListRecommendationResources and ListOrganizationRecommendationResources APIs.

v1.34.93

Compare Source

=======

• api-change:codepipeline: [botocore] Add ability to manually and automatically roll back a pipeline stage to a previously successful execution.
• api-change:cognito-idp: [botocore] Add LimitExceededException to SignUp errors
• api-change:connectcampaigns: [botocore] This release adds support for specifying if Answering Machine should wait for prompt sound.
• api-change:marketplace-entitlement: [botocore] Releasing minor endpoint updates.
• api-change:oam: [botocore] This release introduces support for Source Accounts to define which Metrics and Logs to share with the Monitoring Account
• api-change:rds: [botocore] SupportsLimitlessDatabase field added to describe-db-engine-versions to indicate whether the DB engine version supports Aurora Limitless Database.
• api-change:support: [botocore] Releasing minor endpoint updates.

v1.34.92

Compare Source

=======

• api-change:appsync: [botocore] UpdateGraphQLAPI documentation update and datasource introspection secret arn update
• api-change:fms: [botocore] AWS Firewall Manager adds support for network ACL policies to manage Amazon Virtual Private Cloud (VPC) network access control lists (ACLs) for accounts in your organization.
• api-change:ivs: [botocore] Bug Fix: IVS does not support arns with the svs prefix
• api-change:ivs-realtime: [botocore] Bug Fix: IVS Real Time does not support ARNs using the svs prefix.
• api-change:rds: [botocore] Updates Amazon RDS documentation for setting local time zones for RDS for Db2 DB instances.
• api-change:stepfunctions: [botocore] Add new ValidateStateMachineDefinition operation, which performs syntax checking on the definition of a Amazon States Language (ASL) state machine.

boto/botocore (botocore)

v1.34.95

Compare Source

=======

• api-change:chime-sdk-voice: Due to changes made by the Amazon Alexa service, GetSipMediaApplicationAlexaSkillConfiguration and PutSipMediaApplicationAlexaSkillConfiguration APIs are no longer available for use. For more information, refer to the Alexa Smart Properties page.
• api-change:codeartifact: Add support for the Ruby package format.
• api-change:fms: AWS Firewall Manager now supports the network firewall service stream exception policy feature for accounts within your organization.
• api-change:omics: Add support for workflow sharing and dynamic run storage
• api-change:opensearch: This release enables customers to create Route53 A and AAAA alias record types to point custom endpoint domain to OpenSearch domain's dualstack search endpoint.
• api-change:pinpoint-sms-voice-v2: Amazon Pinpoint has added two new features Multimedia services (MMS) and protect configurations. Use the three new MMS APIs to send media messages to a mobile phone which includes image, audio, text, or video files. Use the ten new protect configurations APIs to block messages to specific countries.
• api-change:qbusiness: This is a general availability (GA) release of Amazon Q Business. Q Business enables employees in an enterprise to get comprehensive answers to complex questions and take actions through a unified, intuitive web-based chat experience - using an enterprise's existing content, data, and systems.
• api-change:quicksight: New Q embedding supporting Generative Q&A
• api-change:route53resolver: Release of FirewallDomainRedirectionAction parameter on the Route 53 DNS Firewall Rule. This allows customers to configure a DNS Firewall rule to inspect all the domains in the DNS redirection chain (default) , such as CNAME, ALIAS, DNAME, etc., or just the first domain and trust the rest.
• api-change:sagemaker: Amazon SageMaker Training now supports the use of attribute-based access control (ABAC) roles for training job execution roles. Amazon SageMaker Inference now supports G6 instance types.
• api-change:signer: Documentation updates for AWS Signer. Adds cross-account signing constraint and definitions for cross-account actions.

v1.34.94

Compare Source

=======

• api-change:amplify: Updating max results limit for listing any resources (Job, Artifacts, Branch, BackendResources, DomainAssociation) to 50 with the exception of list apps that where max results can be up to 100.
• api-change:connectcases: This feature releases DeleteField, DeletedLayout, and DeleteTemplate API's
• api-change:inspector2: Update Inspector2 to include new Agentless API parameters.
• api-change:timestream-query: This change allows users to update and describe account settings associated with their accounts.
• api-change:transcribe: This update provides error messaging for generative call summarization in Transcribe Call Analytics
• api-change:trustedadvisor: This release adds the BatchUpdateRecommendationResourceExclusion API to support batch updates of Recommendation Resource exclusion statuses and introduces a new exclusion status filter to the ListRecommendationResources and ListOrganizationRecommendationResources APIs.

v1.34.93

Compare Source

=======

• api-change:codepipeline: Add ability to manually and automatically roll back a pipeline stage to a previously successful execution.
• api-change:cognito-idp: Add LimitExceededException to SignUp errors
• api-change:connectcampaigns: This release adds support for specifying if Answering Machine should wait for prompt sound.
• api-change:marketplace-entitlement: Releasing minor endpoint updates.
• api-change:oam: This release introduces support for Source Accounts to define which Metrics and Logs to share with the Monitoring Account
• api-change:rds: SupportsLimitlessDatabase field added to describe-db-engine-versions to indicate whether the DB engine version supports Aurora Limitless Database.
• api-change:support: Releasing minor endpoint updates.

v1.34.92

Compare Source

=======

• api-change:appsync: UpdateGraphQLAPI documentation update and datasource introspection secret arn update
• api-change:fms: AWS Firewall Manager adds support for network ACL policies to manage Amazon Virtual Private Cloud (VPC) network access control lists (ACLs) for accounts in your organization.
• api-change:ivs: Bug Fix: IVS does not support arns with the svs prefix
• api-change:ivs-realtime: Bug Fix: IVS Real Time does not support ARNs using the svs prefix.
• api-change:rds: Updates Amazon RDS documentation for setting local time zones for RDS for Db2 DB instances.
• api-change:stepfunctions: Add new ValidateStateMachineDefinition operation, which performs syntax checking on the definition of a Amazon States Language (ASL) state machine.

hashicorp/terraform-provider-random (random)

v3.6.1

Compare Source

BUG FIXES:

• all: Prevent keepers from triggering an in-place update following import (#​385)
• resource/random_shuffle: Prevent inconsistent result after apply when result_count is set to 0 (#​409)
• provider/random_password: Fix bug which causes panic when special, upper, lower and number/numeric are all false (#​551)
• provider/random_string: Fix bug which causes panic when special, upper, lower and number/numeric are all false (#​551)

terraform-aws-modules/terraform-aws-vpc (terraform-aws-modules/vpc/aws)

v5.8.1

Compare Source

Bug Fixes

• Do not replace NAT gateways when additional subnets are added (#​1055) (cf18c37)

v5.8.0

Compare Source

Features

• Add support for multiple route tables to public and intra subnets (#​1051) (da05f24)

v5.7.2

Compare Source

Bug Fixes

• Create private_ipv6_egress routes only when having at least one private subnet (#​1062) (8701204)

---

Configuration

📅 Schedule: Branch creation - "before 4am on Monday" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR has been generated by Mend Renovate. View repository job log here.

[github-actions]

Hey @renovate[bot]! 👋

Thank you for your contribution to the project. Please refer to the contribution rules for a quick overview of the process.

Make sure that this PR clearly explains:

• the problem being solved
• the best way a reviewer and you can test your changes

With submitting this PR you confirm that you hold the rights of the code added and agree that it will published under this LICENSE.

The following ChatOps commands are supported:

• /help: notifies a maintainer to help you out

Simply add a comment with the command in the first line. If you need to pass more information, separate it with a blank line from the command.

This message was generated automatically. You are welcome to improve it.

[kayman-mk]

Auto approved Renovate PR by organization

[github-actions]

🦙 MegaLinter status: ✅ SUCCESS

Descriptor	Linter	Files	Fixed	Errors	Elapsed time
✅ ACTION	actionlint	2		0	0.04s
✅ COPYPASTE	jscpd	yes		no	1.76s
✅ REPOSITORY	checkov	yes		no	14.47s
✅ REPOSITORY	dustilock	yes		no	0.2s
✅ REPOSITORY	gitleaks	yes		no	1.15s
✅ REPOSITORY	git_diff	yes		no	0.01s
✅ REPOSITORY	grype	yes		no	14.98s
✅ REPOSITORY	secretlint	yes		no	1.17s
✅ REPOSITORY	syft	yes		no	0.24s
✅ REPOSITORY	trivy-sbom	yes		no	1.1s
✅ REPOSITORY	trufflehog	yes		no	3.78s
✅ SPELL	cspell	14		0	2.71s
✅ TERRAFORM	terraform-fmt	11	0	0	0.95s
✅ YAML	prettier	2	0	0	0.65s
✅ YAML	v8r	2		0	3.41s
✅ YAML	yamllint	2		0	0.3s

See detailed report in MegaLinter reports
Set VALIDATE_ALL_CODEBASE: true in mega-linter.yml to validate all sources, not only the diff

MegaLinter is graciously provided by

[kayman-mk]

Auto approved Renovate PR by organization

[kayman-mk]

Auto approved Renovate PR by organization