Bump the terraform-all-dependencies group in /infra/shared with 2 updates

[dependabot]

Bumps the terraform-all-dependencies group in /infra/shared with 2 updates: hashicorp/aws and hashicorp/awscc.

Updates hashicorp/aws from 6.36.0 to 6.37.0

Release notes

Sourced from hashicorp/aws's releases.

v6.37.0

6.37.0 (March 18, 2026)

BREAKING CHANGES:

• resource/aws_lakeformation_opt_in: Rename resource_data.lf_tag.value to resource_data.lf_tag.values and change to a set of string values (#46788)

NOTES:

• data-source/aws_savingsplan_savingsplan: The offering_id attribute is deprecated. Use savings_plan_offering_id instead. (#46959)
• resource/aws_savingsplan_savingsplan: Because we cannot easily test this functionality, it is best effort and we ask for community help in testing (#46959)
• resource/aws_savingsplan_savingsplan: The offering_id attribute is deprecated. Use savings_plan_offering_id instead. (#46959)

FEATURES:

• New List Resource: aws_ec2_transit_gateway_metering_policy (#46812)
• New List Resource: aws_iam_user (#46869)
• New List Resource: aws_s3_bucket_ownership_controls (#46832)
• New List Resource: aws_wafv2_web_acl_rule (#46682)
• New List Resource: aws_workmail_organization (#46692)
• New Resource: aws_ec2_transit_gateway_metering_policy (#46812)
• New Resource: aws_ec2_transit_gateway_metering_policy_entry (#46812)
• New Resource: aws_wafv2_web_acl_rule (#46682)
• New Resource: aws_workmail_organization (#46692)

ENHANCEMENTS:

• resource/aws_datasync_task: Add schedule.status argument (#46037)
• resource/aws_docdbelastic_cluster: Add shard_instance_count argument (#46938)
• resource/aws_iam_user: Add resource identity support (#46869)
• resource/aws_s3_bucket: Add bucket_namespace argument in support of account regional namespaces for general purpose buckets (#46917)

BUG FIXES:

• data-source/aws_savingsplan_savingsplan: Properly set savings_plan_offering_id during read (#46959)
• resource/aws_bedrockagentcore_gateway: Fix "Unable to Convert Configuration" error caused by schema/model mismatch in authorizer_configuration.custom_jwt_authorizer. This fixes a regression introduced in v6.36.0 (#46908)
• resource/aws_cloudfrontkeyvaluestore_key: Fix issue where values were incorrectly JSON-encoded, resulting in extra quotes being stored in AWS (#46898)
• resource/aws_cloudfrontkeyvaluestore_keys_exclusive: Fix issue where values were incorrectly JSON-encoded, resulting in extra quotes being stored in AWS (#46899)
• resource/aws_datasync_agent: Support activation of advanced mode agents. Previously, attempting to activate advanced mode agents would result in EOF errors when retrieving the activation key (#46958)
• resource/aws_dynamodb_table: Fix GSI removal with key_schema syntax deleting all GSIs (#46602)
• resource/aws_instance: Fix MissingParameter: When specifying CpuOptions you must specify both CoreCount and ThreadsPerCore errors when updating cpu_options.core_count or cpu_options.threads_per_core (#46879)
• resource/aws_lakeformation_opt_in: Rename resource_data.lf_tag.value to resource_data.lf_tag.values and change to a set of string values. Previously, attempting to use resource_data.lf_tag.value would result in missing required field errors (#46788)
• resource/aws_msk_cluster: Properly handle removal of the client_authentication.sasl block (#42163)
• resource/aws_msk_cluster: Properly handle removal of the client_authentication.tls block (#42163)
• resource/aws_msk_cluster: Suppress persistent differences in unset client_authentication.sasl blocks (#42163)
• resource/aws_msk_cluster: Suppress persistent differences in unset client_authentication.tls blocks (#42163)
• resource/aws_s3_bucket_lifecycle_configuration: Fix "Missing Resource Identity After Read" error when resource created with provider version < 6.34.0 is deleted outside Terraform (#46674)
• resource/aws_savingsplan_savingsplan: Properly set savings_plan_offering_id during read to prevent forced replacement following import (#46959)
• resource/aws_wafv2_web_acl: Fix enable_machine_learning in aws_managed_rules_bot_control_rule_set incorrectly defaulting to false instead of reflecting the AWS default of true (#46682)

Changelog

Sourced from hashicorp/aws's changelog.

6.37.0 (March 18, 2026)

BREAKING CHANGES:

• resource/aws_lakeformation_opt_in: Rename resource_data.lf_tag.value to resource_data.lf_tag.values and change to a set of string values (#46788)

NOTES:

• data-source/aws_savingsplan_savingsplan: The offering_id attribute is deprecated. Use savings_plan_offering_id instead. (#46959)
• resource/aws_savingsplan_savingsplan: Because we cannot easily test this functionality, it is best effort and we ask for community help in testing (#46959)
• resource/aws_savingsplan_savingsplan: The offering_id attribute is deprecated. Use savings_plan_offering_id instead. (#46959)

FEATURES:

• New List Resource: aws_ec2_transit_gateway_metering_policy (#46812)
• New List Resource: aws_iam_user (#46869)
• New List Resource: aws_s3_bucket_ownership_controls (#46832)
• New List Resource: aws_wafv2_web_acl_rule (#46682)
• New List Resource: aws_workmail_organization (#46692)
• New Resource: aws_ec2_transit_gateway_metering_policy (#46812)
• New Resource: aws_ec2_transit_gateway_metering_policy_entry (#46812)
• New Resource: aws_wafv2_web_acl_rule (#46682)
• New Resource: aws_workmail_organization (#46692)

ENHANCEMENTS:

• resource/aws_datasync_task: Add schedule.status argument (#46037)
• resource/aws_docdbelastic_cluster: Add shard_instance_count argument (#46938)
• resource/aws_iam_user: Add resource identity support (#46869)
• resource/aws_s3_bucket: Add bucket_namespace argument in support of account regional namespaces for general purpose buckets (#46917)

BUG FIXES:

• data-source/aws_savingsplan_savingsplan: Properly set savings_plan_offering_id during read (#46959)
• resource/aws_bedrockagentcore_gateway: Fix "Unable to Convert Configuration" error caused by schema/model mismatch in authorizer_configuration.custom_jwt_authorizer. This fixes a regression introduced in v6.36.0 (#46908)
• resource/aws_cloudfrontkeyvaluestore_key: Fix issue where values were incorrectly JSON-encoded, resulting in extra quotes being stored in AWS (#46898)
• resource/aws_cloudfrontkeyvaluestore_keys_exclusive: Fix issue where values were incorrectly JSON-encoded, resulting in extra quotes being stored in AWS (#46899)
• resource/aws_datasync_agent: Support activation of advanced mode agents. Previously, attempting to activate advanced mode agents would result in EOF errors when retrieving the activation key (#46958)
• resource/aws_dynamodb_table: Fix GSI removal with key_schema syntax deleting all GSIs (#46602)
• resource/aws_instance: Fix MissingParameter: When specifying CpuOptions you must specify both CoreCount and ThreadsPerCore errors when updating cpu_options.core_count or cpu_options.threads_per_core (#46879)
• resource/aws_lakeformation_opt_in: Rename resource_data.lf_tag.value to resource_data.lf_tag.values and change to a set of string values. Previously, attempting to use resource_data.lf_tag.value would result in missing required field errors (#46788)
• resource/aws_msk_cluster: Properly handle removal of the client_authentication.sasl block (#42163)
• resource/aws_msk_cluster: Properly handle removal of the client_authentication.tls block (#42163)
• resource/aws_msk_cluster: Suppress persistent differences in unset client_authentication.sasl blocks (#42163)
• resource/aws_msk_cluster: Suppress persistent differences in unset client_authentication.tls blocks (#42163)
• resource/aws_s3_bucket_lifecycle_configuration: Fix "Missing Resource Identity After Read" error when resource created with provider version < 6.34.0 is deleted outside Terraform (#46674)
• resource/aws_savingsplan_savingsplan: Properly set savings_plan_offering_id during read to prevent forced replacement following import (#46959)
• resource/aws_wafv2_web_acl: Fix enable_machine_learning in aws_managed_rules_bot_control_rule_set incorrectly defaulting to false instead of reflecting the AWS default of true (#46682)

Commits

• b19b357 Update CHANGELOG.md for #46978
• e98fb9a Merge pull request #46978 from hashicorp/prepare6.37.0
• e4d655a Prepare for v6.37.0 release.
• 1e4312b Merge pull request #46938 from tabito-hara/f-aws_docdbelastic_cluster-add_sha...
• 37ba4ad Merge pull request #46972 from tabito-hara/d-aws_networkfirewall_vpc_endpoint...
• 72daa5a Merge pull request #46970 from hashicorp/resource-counts
• 9e143a1 docs: update resource counts
• e20c226 Update CHANGELOG.md for #46964
• 4056cf8 Merge pull request #46964 from hashicorp/b-resource-identity-s3-bucket-lc
• 54f2f28 Add acceptance test
• Additional commits viewable in compare view

Updates hashicorp/awscc from 1.75.0 to 1.76.0

Release notes

Sourced from hashicorp/awscc's releases.

v1.76.0

1.76.0 (March 18, 2026)

FEATURES:

• New Data Source: awscc_elementalinference_feed
• New Data Source: awscc_elementalinference_feeds
• New Data Source: awscc_glue_catalog
• New Data Source: awscc_glue_catalogs
• New Data Source: awscc_observabilityadmin_telemetry_enrichment
• New Data Source: awscc_observabilityadmin_telemetry_enrichments
• New List Resource: awscc_elementalinference_feed
• New List Resource: awscc_glue_catalog
• New List Resource: awscc_observabilityadmin_telemetry_enrichment
• New Resource: awscc_elementalinference_feed
• New Resource: awscc_glue_catalog
• New Resource: awscc_observabilityadmin_telemetry_enrichment

Changelog

Sourced from hashicorp/awscc's changelog.

1.76.0 (March 18, 2026)

FEATURES:

• New Data Source: awscc_elementalinference_feed
• New Data Source: awscc_elementalinference_feeds
• New Data Source: awscc_glue_catalog
• New Data Source: awscc_glue_catalogs
• New Data Source: awscc_observabilityadmin_telemetry_enrichment
• New Data Source: awscc_observabilityadmin_telemetry_enrichments
• New List Resource: awscc_elementalinference_feed
• New List Resource: awscc_glue_catalog
• New List Resource: awscc_observabilityadmin_telemetry_enrichment
• New Resource: awscc_elementalinference_feed
• New Resource: awscc_glue_catalog
• New Resource: awscc_observabilityadmin_telemetry_enrichment

Commits

• bbd6a35 Merge pull request #3075 from hashicorp/2026-03-18-schema-updates
• 71290aa Prepare for v1.76.0 release.
• d436aed 2026-03-18 Documentation; Update generated documentation
• a3f1fc1 2026-03-18 CloudFormation schemas in us-east-1; Generate Terraform data sourc...
• 25356a8 2026-03-18 CloudFormation schemas in us-east-1; Generate Terraform resource s...
• 14efafa 2026-03-18 CloudFormation schemas in us-east-1; New schemas
• 03bc965 2026-03-18 CloudFormation schemas in us-east-1; Refresh existing schemas
• d25ef99 build(deps): bump the aws-sdk-go group with 5 updates (#3074)
• 8508136 build(deps): bump slackapi/slack-github-action from 2.1.1 to 3.0.1 (#3073)
• 39e02cd build(deps): bump actions/create-github-app-token from 2.2.1 to 3.0.0 (#3072)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[github-actions]

Note

Provider lock files have been automatically updated

This Dependabot PR modified infra/shared/versions.tf, so the corresponding
.terraform.lock.hcl files have been automatically updated and committed.

The changes are ready for review and merge.

Important

The actions have not been run on this PR since the lock files were updated, because GHA won't run push actions when the commit has been made by a bot.
To get the CI checks to run, you will need to amend the PR:

1. Check out the PR branch locally: git checkout dependabot/terraform/infra/shared/main/terraform-all-dependencies-2b2e459f31
2. Pull the latest changes: git pull
3. Make a no-op amendment: git commit --amend --no-edit
4. Push the amended commit: git push --force-with-lease

This will trigger the CI checks to run with the updated lock files.

Warning

If dependabot has attempted to modify the PR (i.e. if there are new dependency updates available), comment @dependabot recreate and it'll recreate the PR from scratch (allowing the lock files to be updated correctly).