- Vaults module
- Virtual private vaults can now be configured for cross-region replication via the newly added replica-region attribute. Only applicable to virtual private vaults (VPVs).
- Security Zones module
- tenancy_ocid attribute, once required in the security_zones_configuration, becomes a variable of its own.
- reporting_region attribute of security_zones_configuration defaults to tenancy home region if not defined.
- VSS module
- dynamic runtime dependency issue in local.target_host_scan_cmps. Issue 541.
- Cloud Guard module: ability to use "TENANCY-ROOT" key for referring to tenancy OCID in cloud_guard_configuration. tenancy_ocid becomes a variable of its own.
- All modules: all dependency variables are now strongly typed, enhancing usage guidance.
- Bastion module, with support for managed SSH and port forwarding sessions.
- Examples code in all modules updated with remote source references.
- Examples documentation in all modules updated with remote link references.
- All modules now accept null value as the input variable assignment. This allows for easier automation of composed solutions.
- image_count attribute in container_recipes defaulted to 1.
- Pre condition check added for container scan targets without an existing repository.
- For host scan targets, the module outputs whether or not the Vulnerability Scanning cloud agent plugin is enabled for target instances.
- host_recipe_key and container_recipe_key attributes renamed to host_recipe_id and container_recipe_id, respectively.
- host_recipe_id can be assigned either a literal OCID or a referring key from host_recipes.
- container_recipe_id can be assigned either a literal OCID or a referring key from container_recipes.
Modules for Cloud Guard, Security Zones, Vault (a.k.a KMS), and Vulnerability Scanning services.