chore(deps): update hashicorp/aws requirement from ~> 5.30.0 to ~> 5.41.0

[dependabot]

Updates the requirements on hashicorp/aws to permit the latest version.

Release notes

Sourced from hashicorp/aws's releases.

v5.41.0

FEATURES:

• New Data Source: aws_apprunner_hosted_zone_id (#36288)
• New Data Source: aws_medialive_input (#36307)
• New Resource: aws_lakeformation_data_cells_filter (#36264)
• New Resource: aws_securityhub_configuration_policy (#35752)
• New Resource: aws_securityhub_configuration_policy_association (#35752)
• New Resource: aws_securitylake_subscriber_notification (#36323)

ENHANCEMENTS:

• data-source/aws_ec2_transit_gateway_peering_attachment: Add state attribute (#36304)
• data-source/aws_lakeformation_permissions: Add data_cells_filter attribute (#36264)
• data-source/aws_ram_resource_share: name is Optional (#36062)
• resource/aws_cognito_user_pool: Add pre_token_generation_config configuration block (#35236)
• resource/aws_ec2_transit_gateway_peering_attachment: Add state attribute (#36304)
• resource/aws_ecs_cluster: Add default value (DEFAULT) for configuration.execute_command_configuration.logging (#36341)
• resource/aws_lakeformation_permissions: Add data_cells_filter attribute (#36264)
• resource/aws_ram_resource_association: Add plan-time validation of resource_arn and resource_share_arn (#36062)
• resource/aws_route53domains_registered_domain: Add billing_contact and billing_privacy arguments (#36285)
• resource/aws_securityhub_organization_configuration: Add organization_configuration configuration block to support central configuration (#35752)
• resource/aws_securityhub_organization_configuration: Set auto_enable to false, auto_enable_standards to NONE, and organization_configuration.configuration_type to LOCAL on resource Delete (#35752)

BUG FIXES:

• data-source/aws_iam_policy_document: Fix Failed to marshal state to json: unsupported attribute "override_json" and Failed to marshal state to json: unsupported attribute "source_json" errors when running terraform show -json or terraform state rm (#36383)
• data-source/aws_opensearch_domain : Add auto_tune_options.use_off_peak_window attribute. This fixes a regression introduced in v5.40.0 causing Invalid address to set errors (#36298)
• resource/aws_cognito_identity_pool: Fix handling of resources deleted out of band (#36100)
• resource/aws_cognito_identity_provider: Fix InvalidParameterException: ActiveEncryptionCertificate is not a valid key for SAML identity provider details errors on resource Update (#36311)
• resource/aws_ec2_instance: Remove ForceNew from ipv6_address_count (#36308)
• resource/aws_ecs_cluster: Fix panic: interface conversion: interface {} is nil, not map[string]interface {} when configuration, configuration.execute_command_configuration, or configuration.execute_command_configuration.log_configuration are empty (#36341)
• resource/aws_ecs_service: Fix panic: interface conversion: interface {} is nil, not map[string]interface {} when service_connect_configuration.service.timeout is empty (#36309)
• resource/aws_ecs_service: service_connect_configuration.service.tls.issuer_cert_authority.aws_pca_authority_arn is Required (#36309)
• resource/aws_elasticache_replication_group: Fix bugs causing errors like InvalidReplicationGroupState: Cluster not in available state to perform tagging operations. (#36310)
• resource/aws_finspace_kx_cluster: Prevent command_line_arguments and initialization_script updates from overwriting one another (#36361)
• resource/aws_network_acl_rule: Fix InvalidNetworkAclID.NotFound errors on resource Delete (#36326)
• resource/aws_network_acl_rule: Prevent creation of duplicate Terraform resources (#36326)
• resource/aws_ram_principal_association: Prevent creation of duplicate Terraform resources (#36062)
• resource/aws_ram_principal_association: Remove from state on resource Read if principal is disassociated outside of Terraform (#36062)
• resource/aws_ram_resource_association: Prevent creation of duplicate Terraform resources (#36062)
• resource/aws_route: Prevent creation of duplicate Terraform resources (#36326)
• resource/aws_route_table: Fix couldn't find resource errors on resource Delete (#36326)
• resource/aws_vpn_connection: Correct plan-time validation of tunnel1_inside_ipv6_cidr and tunnel2_inside_ipv6_cidr (#36236)

Changelog

Sourced from hashicorp/aws's changelog.

5.41.0 (March 14, 2024)

FEATURES:

• New Data Source: aws_apprunner_hosted_zone_id (#36288)
• New Data Source: aws_medialive_input (#36307)
• New Resource: aws_lakeformation_data_cells_filter (#36264)
• New Resource: aws_securityhub_configuration_policy (#35752)
• New Resource: aws_securityhub_configuration_policy_association (#35752)
• New Resource: aws_securitylake_subscriber_notification (#36323)

ENHANCEMENTS:

• data-source/aws_ec2_transit_gateway_peering_attachment: Add state attribute (#36304)
• data-source/aws_lakeformation_permissions: Add data_cells_filter attribute (#36264)
• data-source/aws_ram_resource_share: name is Optional (#36062)
• resource/aws_cognito_user_pool: Add pre_token_generation_config configuration block (#35236)
• resource/aws_ec2_transit_gateway_peering_attachment: Add state attribute (#36304)
• resource/aws_ecs_cluster: Add default value (DEFAULT) for configuration.execute_command_configuration.logging (#36341)
• resource/aws_lakeformation_permissions: Add data_cells_filter attribute (#36264)
• resource/aws_ram_resource_association: Add plan-time validation of resource_arn and resource_share_arn (#36062)
• resource/aws_route53domains_registered_domain: Add billing_contact and billing_privacy arguments (#36285)
• resource/aws_securityhub_organization_configuration: Add organization_configuration configuration block to support central configuration (#35752)
• resource/aws_securityhub_organization_configuration: Set auto_enable to false, auto_enable_standards to NONE, and organization_configuration.configuration_type to LOCAL on resource Delete (#35752)

BUG FIXES:

• data-source/aws_iam_policy_document: Fix Failed to marshal state to json: unsupported attribute "override_json" and Failed to marshal state to json: unsupported attribute "source_json" errors when running terraform show -json or terraform state rm (#36383)
• data-source/aws_opensearch_domain : Add auto_tune_options.use_off_peak_window attribute. This fixes a regression introduced in v5.40.0 causing Invalid address to set errors (#36298)
• resource/aws_cognito_identity_pool: Fix handling of resources deleted out of band (#36100)
• resource/aws_cognito_identity_provider: Fix InvalidParameterException: ActiveEncryptionCertificate is not a valid key for SAML identity provider details errors on resource Update (#36311)
• resource/aws_ec2_instance: Remove ForceNew from ipv6_address_count (#36308)
• resource/aws_ecs_cluster: Fix panic: interface conversion: interface {} is nil, not map[string]interface {} when configuration, configuration.execute_command_configuration, or configuration.execute_command_configuration.log_configuration are empty (#36341)
• resource/aws_ecs_service: Fix panic: interface conversion: interface {} is nil, not map[string]interface {} when service_connect_configuration.service.timeout is empty (#36309)
• resource/aws_ecs_service: service_connect_configuration.service.tls.issuer_cert_authority.aws_pca_authority_arn is Required (#36309)
• resource/aws_elasticache_replication_group: Fix bugs causing errors like InvalidReplicationGroupState: Cluster not in available state to perform tagging operations. (#36310)
• resource/aws_finspace_kx_cluster: Prevent command_line_arguments and initialization_script updates from overwriting one another (#36361)
• resource/aws_network_acl_rule: Fix InvalidNetworkAclID.NotFound errors on resource Delete (#36326)
• resource/aws_network_acl_rule: Prevent creation of duplicate Terraform resources (#36326)
• resource/aws_ram_principal_association: Prevent creation of duplicate Terraform resources (#36062)
• resource/aws_ram_principal_association: Remove from state on resource Read if principal is disassociated outside of Terraform (#36062)
• resource/aws_ram_resource_association: Prevent creation of duplicate Terraform resources (#36062)
• resource/aws_route: Prevent creation of duplicate Terraform resources (#36326)
• resource/aws_route_table: Fix couldn't find resource errors on resource Delete (#36326)
• resource/aws_vpn_connection: Correct plan-time validation of tunnel1_inside_ipv6_cidr and tunnel2_inside_ipv6_cidr (#36236)

5.40.0 (March 7, 2024)

FEATURES:

... (truncated)

Commits

• 16ba1d3 Update CHANGELOG.md for #36383
• 7dcf701 Merge pull request #36383 from hashicorp/b-d/aws_iam_policy_document-override...
• 31891a2 Merge pull request #36382 from stefanfreitag/d-aws_elasticache_serverless_cac...
• 503da31 Correct CHANGELOG enty file name.
• 5c92dc8 Merge pull request #36379 from hashicorp/dependabot/github_actions/actions/se...
• f47006f iam: Reduce resources visibility.
• f723ffd r/aws_iam_access_key: Handle 'NoSuchEntity' on Delete.
• 90c2f89 aws_iam_access_keys: Tidy up.
• 235597b iam: Reduce data sources visibility.
• 938d899 Add CHANGELOG entry.
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[github-actions]

Terraform plan in .

Plan: 5 to add, 2 to change, 3 to destroy.

Terraform used the selected providers to generate the following execution
plan. Resource actions are indicated with the following symbols:
+   create
!~  update in-place
-/+ destroy and then create replacement

Terraform will perform the following actions:

  # aws_ecs_service.service will be updated in-place
!~  resource "aws_ecs_service" "service" {
        id                                 = "arn:aws:ecs:us-east-1:950012193416:service/co-boomi-atom-cluster/co-boomi-atom-service"
        name                               = "co-boomi-atom-service"
        tags                               = {}
!~      task_definition                    = "arn:aws:ecs:us-east-1:950012193416:task-definition/co-boomi-atom:10" -> (known after apply)
#        (15 unchanged attributes hidden)

#        (3 unchanged blocks hidden)
    }

  # aws_ecs_task_definition.task_definition must be replaced
-/+ resource "aws_ecs_task_definition" "task_definition" {
!~      arn                      = "arn:aws:ecs:us-east-1:950012193416:task-definition/co-boomi-atom:10" -> (known after apply)
!~      arn_without_revision     = "arn:aws:ecs:us-east-1:950012193416:task-definition/co-boomi-atom" -> (known after apply)
!~      container_definitions    = (sensitive value) # forces replacement
!~      id                       = "*************" -> (known after apply)
!~      revision                 = 10 -> (known after apply)
-       tags                     = {} -> null
#        (10 unchanged attributes hidden)
    }

  # module.lambda.aws_lambda_function.this[0] will be updated in-place
!~  resource "aws_lambda_function" "this" {
!~      filename                       = "builds/241b1f7ae462f4a8751a57746e74c31eec966a480a4e274ea96d313b1cf5ce53.zip" -> "builds/83ace95f82ac31221505b27cd6963e0ba8332a24750c2ba81e27cad01d7ce431.zip"
        id                             = "co-boomi-atom-secret-install-lambda"
!~      last_modified                  = "2023-12-13T22:49:34.000+0000" -> (known after apply)
!~      qualified_arn                  = "arn:aws:lambda:us-east-1:950012193416:function:co-boomi-atom-secret-install-lambda:26" -> (known after apply)
!~      qualified_invoke_arn           = "arn:aws:apigateway:us-east-1:lambda:path/2015-03-31/functions/arn:aws:lambda:us-east-1:950012193416:function:co-boomi-atom-secret-install-lambda:26/invocations" -> (known after apply)
        tags                           = {}
!~      version                        = "26" -> (known after apply)
#        (18 unchanged attributes hidden)

#        (5 unchanged blocks hidden)
    }

  # module.lambda.aws_lambda_permission.current_version_triggers["secrets"] must be replaced
-/+ resource "aws_lambda_permission" "current_version_triggers" {
!~      id                  = "*******" -> (known after apply)
!~      qualifier           = "26" # forces replacement -> (known after apply) # forces replacement
+       statement_id_prefix = (known after apply)
#        (4 unchanged attributes hidden)
    }

  # module.lambda.local_file.archive_plan[0] will be created
+   resource "local_file" "archive_plan" {
+       content              = jsonencode(
            {
+               artifacts_dir = "builds"
+               build_plan    = [
+                   [
+                       "zip",
+                       "./lambda/rotate_install_token.py",
+                       null,
                    ],
+                   [
+                       "zip",
+                       "./lambda/package/",
+                       null,
                    ],
                ]
+               filename      = "builds/83ace95f82ac31221505b27cd6963e0ba8332a24750c2ba81e27cad01d7ce431.zip"
+               runtime       = "python3.11"
            }
        )
+       content_base64sha256 = (known after apply)
+       content_base64sha512 = (known after apply)
+       content_md5          = (known after apply)
+       content_sha1         = (known after apply)
+       content_sha256       = (known after apply)
+       content_sha512       = (known after apply)
+       directory_permission = "0755"
+       file_permission      = "0644"
+       filename             = "builds/83ace95f82ac31221505b27cd6963e0ba8332a24750c2ba81e27cad01d7ce431.plan.json"
+       id                   = (known after apply)
    }

  # module.lambda.null_resource.archive[0] must be replaced
-/+ resource "null_resource" "archive" {
!~      id       = "*******************" -> (known after apply)
!~      triggers = { # forces replacement
!~          "filename"  = "builds/241b1f7ae462f4a8751a57746e74c31eec966a480a4e274ea96d313b1cf5ce53.zip" -> "builds/83ace95f82ac31221505b27cd6963e0ba8332a24750c2ba81e27cad01d7ce431.zip"
!~          "timestamp" = "1702508765622397800" -> "1710455069531987000"
        }
    }

  # module.secrets_manager.aws_secretsmanager_secret_version.ignore_changes[0] will be created
+   resource "aws_secretsmanager_secret_version" "ignore_changes" {
+       arn            = (known after apply)
+       id             = (known after apply)
+       secret_id      = "***************************************************************************************************"
+       secret_string  = (sensitive value)
+       version_id     = (known after apply)
+       version_stages = (known after apply)
    }

Plan: 5 to add, 2 to change, 3 to destroy.

📝 Plan generated in Create terraform plan #70