This is a required release: v202312-1 (745)
Flexible Deployment Options
terraform-enterprise container manifest: amd64/linux
- You can now designate variable sets as a priority, marking all variables within the set as a priority. Priority variables overwrite any variables with the same key set at more specific scopes in the applied workspaces.
- Terraform Enterprise now supports saving plans and applying them later, with the standard
terraform plan -out <FILE>and
terraform apply <FILE>commands. This feature requires Terraform CLI v1.6.0 or newer. You can also create saved plan runs in the API with the
- The configuration versions API now includes a new
provisionalattribute. Provisional configurations delay becoming the configuration version for their workspace upon creation. Instead, provisional configurations only become current after you apply a run using that configuration. Use this attribute when creating
save-planruns via the API.
- Workload identity tokens now work natively with the Kubernetes and Helm providers.
- We have improved screen reader usability for the variable sets page.
- You can now configure auto-destroy runs to remove resources managed by a workspace after a period of workspace inactivity.
- When performing a request to the
/account/detailsAPI with an authentication token, you can now follow the
authenticated-resourcerelationship to access the underlying token holder.
- Policy evaluations (i.e. native OPA support) will now be able to once again run on remote agents after a regression was introduced in v202309-1.
- When a proxy is configured, it will be properly used during all jobs. Previously, in some situations, the proxy was not properly recognized and could lead to failures when accessing modules.
- Custom S3 endpoints will now work properly in all configurations.
- Project and registry module names could previously contain a newline as the final character due to an incorrect validation.
tfe-task-workerwill now properly recycle connections to the host Docker socket.
- Fixed a bug which cached administrative settings incorrectly: leading to the settings changes not applying until instance restart.
- Deleting an organization will no longer fail when that organization has a default agent pool
- Previously specifying multiple configurations for Vault-backed AWS or Vault-backed GCP authentication would return errors related to invalid auth types being specified in certain situations when the auth type specified was actually valid. This has been fixed and these errors should no longer be thrown when a valid auth type is specified.
- An organization could fail to delete if an API token had been generated for that organization’s owners team. Users should now be able to delete these organizations successfully.
- The workspace count is properly outputted from the
- We fixed an issue with a small number of assessments triggering “create” operations that would cause assessments to fail unnecessarily.
- The version of Ruby used has been upgraded to 3.1.4
- Container and binary updates address reported vulnerabilities (CVEs) in underlying base images, packages, and dependencies.