feat(deps): update terraform oci (7.26.1 → 7.28.0)

[the-iron-giant]

This PR contains the following updates:

Package	Type	Update	Change	OpenSSF
oci (source)	required_provider	minor	7.26.1 -> 7.28.0

---

Release Notes

oracle/terraform-provider-oci (oci)

v7.28.0

Compare Source

Added

• max_attempts configuration option in retry configuration
• Log Analytics Entity Associations CRUD operations support
• Support for Project Flash
• ListMulticloudsubscriptions and ListMulticloudResources APIs for Multicloud service
• Support for ADB-S: Display Elastic Pool Cost Savings in OCI Console
• Changes to Resource Discovery flow for context aware SIGINT

Bug Fix

• oci_ocvp_sddc system_tag fix
• Support for Resource Analytics with OBO tokens
• terraform bugfix for adbs switchover doc
• Added data source support for ML Application Implementation Version resource

v7.27.0

Compare Source

Added

• Support for Marketplace Service Catalog Access Control feature
• Support for Compute: GPU Memory Fabric API - Firmware Pinning
• Support for Refresh Exa Dataguard Health
• Support for AWS integration for DB@​AWS - DBMCI
• Support for Private Service Access
• Support for GGS Zero ETL Usability Improvements
• Support for Zero-Trust Packet Routing (ZPR) Security Attribute Onboarding for bastion service
• Support for IPv6 and Reserved IPs in API Gateway
• Support for IoT actions APIs and spec bug fixes
• Support for [Terraform] Support AWS KMS integration for DB@​AWS
• Support for Data Catalog - ZPR Intercom
• Revert SIGINT changes for ODSC
• config for retries

Bug Fix

• added support for real resource for Autonomous CC

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR has been generated by Renovate Bot.

[the-iron-giant]

📝 Terraform Plan for terraform/oci

→ Resource Changes: 22 to create, 1 to update, 0 to re-create, 0 to delete.

✨ Create

oci_core_image.talos-arm64

+ agent_features           = (known after apply)
+ base_image_id            = (known after apply)
+ billable_size_in_gbs     = (known after apply)
+ compartment_id           = (sensitive value)
+ create_image_allowed     = (known after apply)
+ defined_tags             = (known after apply)
+ display_name             = "talos-arm64"
+ freeform_tags            = (known after apply)
+ id                       = (known after apply)
+ launch_mode              = "PARAVIRTUALIZED"
+ launch_options           = (known after apply)
+ listing_type             = (known after apply)
+ operating_system         = (known after apply)
+ operating_system_version = (known after apply)
+ size_in_mbs              = (known after apply)
+ state                    = (known after apply)
+ time_created             = (known after apply)

+ image_source_details {
+     bucket_name    = "kubernetes-oci-images"
+     namespace_name = "sdoudjhg8koz"
+     object_name    = "oracle-arm64.oci"
+     source_type    = "objectStorageTuple"
  }

oci_core_instance.controlplane

+ availability_domain                 = "SkDm:AP-SYDNEY-1-AD-1"
+ boot_volume_id                      = (known after apply)
+ capacity_reservation_id             = (known after apply)
+ compartment_id                      = (sensitive value)
+ compute_cluster_id                  = (known after apply)
+ dedicated_vm_host_id                = (known after apply)
+ defined_tags                        = (known after apply)
+ display_name                        = "controlplane-01"
+ extended_metadata                   = (known after apply)
+ fault_domain                        = (known after apply)
+ freeform_tags                       = (known after apply)
+ hostname_label                      = (known after apply)
+ id                                  = (known after apply)
+ image                               = (known after apply)
+ instance_configuration_id           = (known after apply)
+ ipxe_script                         = (known after apply)
+ is_ai_enterprise_enabled            = (known after apply)
+ is_cross_numa_node                  = (known after apply)
+ is_pv_encryption_in_transit_enabled = (known after apply)
+ launch_mode                         = (known after apply)
+ metadata                            = (known after apply)
+ private_ip                          = (known after apply)
+ public_ip                           = (known after apply)
+ region                              = (known after apply)
+ security_attributes                 = (known after apply)
+ security_attributes_state           = (known after apply)
+ shape                               = "VM.Standard.A1.Flex"
+ state                               = (known after apply)
+ subnet_id                           = (known after apply)
+ system_tags                         = (known after apply)
+ time_created                        = (known after apply)
+ time_maintenance_reboot_due         = (known after apply)

+ agent_config {
+     are_all_plugins_disabled = true
+     is_management_disabled   = true
+     is_monitoring_disabled   = true

+     plugins_config (known after apply)
  }

+ availability_config (known after apply)

+ create_vnic_details {
+     assign_ipv6ip          = (known after apply)
+     assign_public_ip       = "true"
+     defined_tags           = (known after apply)
+     display_name           = (known after apply)
+     freeform_tags          = (known after apply)
+     hostname_label         = (known after apply)
+     nsg_ids                = (known after apply)
+     private_ip             = "10.0.0.10"
+     security_attributes    = (known after apply)
+     skip_source_dest_check = (known after apply)
+     subnet_cidr            = (known after apply)
+     subnet_id              = (known after apply)
+     vlan_id                = (known after apply)

+     ipv6address_ipv6subnet_cidr_pair_details (known after apply)
  }

+ instance_options (known after apply)

+ launch_options {
+     boot_volume_type                    = "PARAVIRTUALIZED"
+     firmware                            = "UEFI_64"
+     is_consistent_volume_naming_enabled = (known after apply)
+     is_pv_encryption_in_transit_enabled = (known after apply)
+     network_type                        = "PARAVIRTUALIZED"
+     remote_data_volume_type             = "PARAVIRTUALIZED"
  }

+ launch_volume_attachments (known after apply)

+ licensing_configs (known after apply)

+ placement_constraint_details (known after apply)

+ platform_config (known after apply)

+ preemptible_instance_config (known after apply)

+ shape_config {
+     baseline_ocpu_utilization     = (known after apply)
+     gpu_description               = (known after apply)
+     gpus                          = (known after apply)
+     local_disk_description        = (known after apply)
+     local_disks                   = (known after apply)
+     local_disks_total_size_in_gbs = (known after apply)
+     max_vnic_attachments          = (known after apply)
+     memory_in_gbs                 = 24
+     networking_bandwidth_in_gbps  = (known after apply)
+     nvmes                         = (known after apply)
+     ocpus                         = 4
+     processor_description         = (known after apply)
+     resource_management           = (known after apply)
+     vcpus                         = (known after apply)
  }

+ source_details {
+     boot_volume_size_in_gbs = "200"
+     boot_volume_vpus_per_gb = (known after apply)
+     source_id               = (known after apply)
+     source_type             = "image"

+     instance_source_image_filter_details (known after apply)
  }

oci_core_internet_gateway.main

+ compartment_id = (sensitive value)
+ defined_tags   = (known after apply)
+ display_name   = (known after apply)
+ enabled        = true
+ freeform_tags  = (known after apply)
+ id             = (known after apply)
+ route_table_id = (known after apply)
+ state          = (known after apply)
+ time_created   = (known after apply)
+ vcn_id         = (known after apply)

oci_core_network_security_group.main

+ compartment_id = (sensitive value)
+ defined_tags   = (known after apply)
+ display_name   = (known after apply)
+ freeform_tags  = (known after apply)
+ id             = (known after apply)
+ state          = (known after apply)
+ time_created   = (known after apply)
+ vcn_id         = (known after apply)

oci_core_network_security_group_security_rule.main

+ description               = (known after apply)
+ destination               = "0.0.0.0/0"
+ destination_type          = "CIDR_BLOCK"
+ direction                 = "EGRESS"
+ id                        = (known after apply)
+ is_valid                  = (known after apply)
+ network_security_group_id = (known after apply)
+ protocol                  = "all"
+ source_type               = (known after apply)
+ stateless                 = false
+ time_created              = (known after apply)

oci_core_route_table.main

+ compartment_id = (sensitive value)
+ defined_tags   = (known after apply)
+ display_name   = "kubernetes"
+ freeform_tags  = (known after apply)
+ id             = (known after apply)
+ state          = (known after apply)
+ time_created   = (known after apply)
+ vcn_id         = (known after apply)

+ route_rules {
+     cidr_block        = (known after apply)
+     description       = (known after apply)
+     destination       = "0.0.0.0/0"
+     destination_type  = "CIDR_BLOCK"
+     network_entity_id = (known after apply)
+     route_type        = (known after apply)
  }

oci_core_security_list.main

+ compartment_id = (sensitive value)
+ defined_tags   = (known after apply)
+ display_name   = (known after apply)
+ freeform_tags  = (known after apply)
+ id             = (known after apply)
+ state          = (known after apply)
+ time_created   = (known after apply)
+ vcn_id         = (known after apply)

+ egress_security_rules {
+     description      = (known after apply)
+     destination      = "0.0.0.0/0"
+     destination_type = (known after apply)
+     protocol         = "all"
+     stateless        = false
  }

+ ingress_security_rules {
+     description = (known after apply)
+     protocol    = "all"
+     source      = "0.0.0.0/0"
+     source_type = (known after apply)
+     stateless   = false
  }

oci_core_subnet.kubernetes

+ availability_domain        = (known after apply)
+ cidr_block                 = (known after apply)
+ compartment_id             = (sensitive value)
+ defined_tags               = (known after apply)
+ dhcp_options_id            = (known after apply)
+ display_name               = "kubernetes"
+ dns_label                  = (known after apply)
+ freeform_tags              = (known after apply)
+ id                         = (known after apply)
+ ipv4cidr_blocks            = (known after apply)
+ ipv6cidr_block             = (known after apply)
+ ipv6cidr_blocks            = (known after apply)
+ ipv6virtual_router_ip      = (known after apply)
+ prohibit_internet_ingress  = (known after apply)
+ prohibit_public_ip_on_vnic = (known after apply)
+ route_table_id             = (known after apply)
+ security_list_ids          = (known after apply)
+ state                      = (known after apply)
+ subnet_domain_name         = (known after apply)
+ time_created               = (known after apply)
+ vcn_id                     = (known after apply)
+ virtual_router_ip          = (known after apply)
+ virtual_router_mac         = (known after apply)

oci_core_vcn.main

+ byoipv6cidr_blocks               = (known after apply)
+ cidr_block                       = (known after apply)
+ cidr_blocks                      = [
+     "10.0.0.0/16",
  ]
+ compartment_id                   = (sensitive value)
+ default_dhcp_options_id          = (known after apply)
+ default_route_table_id           = (known after apply)
+ default_security_list_id         = (known after apply)
+ defined_tags                     = (known after apply)
+ display_name                     = "main"
+ dns_label                        = "kubernetes"
+ freeform_tags                    = (known after apply)
+ id                               = (known after apply)
+ ipv6cidr_blocks                  = (known after apply)
+ ipv6private_cidr_blocks          = (known after apply)
+ is_ipv6enabled                   = true
+ is_oracle_gua_allocation_enabled = (known after apply)
+ security_attributes              = (known after apply)
+ state                            = (known after apply)
+ time_created                     = (known after apply)
+ vcn_domain_name                  = (known after apply)

+ byoipv6cidr_details (known after apply)

oci_identity_dynamic_group.ccm

+ compartment_id = (sensitive value)
+ defined_tags   = (known after apply)
+ description    = "Instance access for CCM"
+ freeform_tags  = (known after apply)
+ id             = (known after apply)
+ inactive_state = (known after apply)
+ matching_rule  = (sensitive value)
+ name           = "oci-ccm"
+ state          = (known after apply)
+ time_created   = (known after apply)

oci_identity_policy.ccm

+ ETag           = (known after apply)
+ compartment_id = (sensitive value)
+ defined_tags   = (known after apply)
+ description    = "Instance access for CCM"
+ freeform_tags  = (known after apply)
+ id             = (known after apply)
+ inactive_state = (known after apply)
+ lastUpdateETag = (known after apply)
+ name           = "oci-ccm"
+ policyHash     = (known after apply)
+ state          = (known after apply)
+ statements     = [
+     "Allow dynamic-group oci-ccm to manage load-balancers in compartment kubernetes-oci",
+     "Allow dynamic-group oci-ccm to manage security-lists in compartment kubernetes-oci",
+     "Allow dynamic-group oci-ccm to read instance-family in compartment kubernetes-oci",
+     "Allow dynamic-group oci-ccm to use virtual-network-family in compartment kubernetes-oci",
  ]
+ time_created   = (known after apply)
+ version_date   = (known after apply)

oci_network_load_balancer_backend.controlplane

+ backend_set_name         = "controlplane"
+ id                       = (known after apply)
+ ip_address               = (known after apply)
+ is_backup                = (known after apply)
+ is_drain                 = (known after apply)
+ is_offline               = (known after apply)
+ name                     = "controlplane-01"
+ network_load_balancer_id = (known after apply)
+ port                     = 6443
+ target_id                = (known after apply)
+ weight                   = (known after apply)

oci_network_load_balancer_backend.talos

+ backend_set_name         = "talos"
+ id                       = (known after apply)
+ ip_address               = (known after apply)
+ is_backup                = (known after apply)
+ is_drain                 = (known after apply)
+ is_offline               = (known after apply)
+ name                     = "talos-01"
+ network_load_balancer_id = (known after apply)
+ port                     = 50000
+ target_id                = (known after apply)
+ weight                   = (known after apply)

oci_network_load_balancer_backend_set.controlplane

+ are_operationally_active_backends_preferred = (known after apply)
+ backends                                    = (known after apply)
+ id                                          = (known after apply)
+ ip_version                                  = (known after apply)
+ is_fail_open                                = (known after apply)
+ is_instant_failover_enabled                 = (known after apply)
+ is_instant_failover_tcp_reset_enabled       = (known after apply)
+ is_preserve_source                          = false
+ name                                        = "controlplane"
+ network_load_balancer_id                    = (known after apply)
+ policy                                      = "TWO_TUPLE"

+ health_checker {
+     interval_in_millis  = 10000
+     port                = 6443
+     protocol            = "HTTPS"
+     request_data        = (known after apply)
+     response_body_regex = (known after apply)
+     response_data       = (known after apply)
+     retries             = (known after apply)
+     return_code         = 401
+     timeout_in_millis   = (known after apply)
+     url_path            = "/readyz"

+     dns (known after apply)
  }

oci_network_load_balancer_backend_set.talos

+ are_operationally_active_backends_preferred = (known after apply)
+ backends                                    = (known after apply)
+ id                                          = (known after apply)
+ ip_version                                  = (known after apply)
+ is_fail_open                                = (known after apply)
+ is_instant_failover_enabled                 = (known after apply)
+ is_instant_failover_tcp_reset_enabled       = (known after apply)
+ is_preserve_source                          = false
+ name                                        = "talos"
+ network_load_balancer_id                    = (known after apply)
+ policy                                      = "TWO_TUPLE"

+ health_checker {
+     interval_in_millis  = 10000
+     port                = 50000
+     protocol            = "TCP"
+     request_data        = (known after apply)
+     response_body_regex = (known after apply)
+     response_data       = (known after apply)
+     retries             = (known after apply)
+     return_code         = (known after apply)
+     timeout_in_millis   = (known after apply)
+     url_path            = (known after apply)

+     dns (known after apply)
  }

oci_network_load_balancer_listener.controlplane

+ default_backend_set_name = "controlplane"
+ id                       = (known after apply)
+ ip_version               = (known after apply)
+ is_ppv2enabled           = (known after apply)
+ l3ip_idle_timeout        = (known after apply)
+ name                     = "controlplane"
+ network_load_balancer_id = (known after apply)
+ port                     = 6443
+ protocol                 = "TCP"
+ tcp_idle_timeout         = (known after apply)
+ udp_idle_timeout         = (known after apply)

oci_network_load_balancer_listener.talos

+ default_backend_set_name = "talos"
+ id                       = (known after apply)
+ ip_version               = (known after apply)
+ is_ppv2enabled           = (known after apply)
+ l3ip_idle_timeout        = (known after apply)
+ name                     = "talos"
+ network_load_balancer_id = (known after apply)
+ port                     = 50000
+ protocol                 = "TCP"
+ tcp_idle_timeout         = (known after apply)
+ udp_idle_timeout         = (known after apply)

oci_network_load_balancer_network_load_balancer.controlplane-lb

+ compartment_id                 = (sensitive value)
+ defined_tags                   = (known after apply)
+ display_name                   = "controlplane-lb"
+ freeform_tags                  = (known after apply)
+ id                             = (known after apply)
+ ip_addresses                   = (known after apply)
+ is_preserve_source_destination = false
+ is_private                     = false
+ is_symmetric_hash_enabled      = (known after apply)
+ lifecycle_details              = (known after apply)
+ nlb_ip_version                 = (known after apply)
+ security_attributes            = (known after apply)
+ state                          = (known after apply)
+ subnet_id                      = (known after apply)
+ system_tags                    = (known after apply)
+ time_created                   = (known after apply)
+ time_updated                   = (known after apply)

+ reserved_ips (known after apply)

talos_cluster_kubeconfig.this

+ certificate_renewal_duration    = "720h"
+ client_configuration            = (known after apply)
+ endpoint                        = (known after apply)
+ id                              = (known after apply)
+ kubeconfig_raw                  = (sensitive value)
+ kubernetes_client_configuration = (known after apply)
+ node                            = (known after apply)

talos_machine_bootstrap.controlplane

+ client_configuration = (known after apply)
+ endpoint             = (known after apply)
+ id                   = (known after apply)
+ node                 = (known after apply)

talos_machine_configuration_apply.controlplane

+ apply_mode                  = "auto"
+ client_configuration        = (known after apply)
+ config_patches              = [
+     (known after apply),
  ]
+ endpoint                    = (known after apply)
+ id                          = (known after apply)
+ machine_configuration       = (sensitive value)
+ machine_configuration_input = (sensitive value)
+ node                        = (known after apply)

talos_machine_secrets.this

+ client_configuration = (known after apply)
+ id                   = (known after apply)
+ machine_secrets      = (known after apply)
+ talos_version        = "v1.10.3"

♻️ Update

oci_objectstorage_bucket.images

# Warning: this attribute value will be marked as sensitive and will not
# display in UI output after applying this change. The value is unchanged.
! compartment_id        = (sensitive value)
  id                    = "n/sdoudjhg8koz/b/kubernetes-oci-images"
  name                  = "kubernetes-oci-images"
! versioning            = "Suspended" -> "Enabled"
  # (16 unchanged attributes hidden)

---

Triggered by @the-iron-giant[bot], Commit: 3a0e0d3a6b2c41d6241506d882d7e4ef48ebacee