v3.14.0

FEATURES

• New Resource: vcd_external_endpoint to manage External Endpoints (#1295, #1322)
• New Data Source: vcd_external_endpoint to read External Endpoints (#1295, #1322)
• New Resource: vcd_api_filter to manage API Filters (#1295, #1322)
• New Data Source: vcd_api_filter to read API Filters (#1295, #1322)
• New Data Source: vcd_nsxt_tier0_router_interface to read Tier-0 Router Interfaces that can
  be assigned to IP Space Uplinks (#1311)
• New Data Source: vcd_catalog_access_control to read Catalog access controls (#1315)
• New Resource: vcd_nsxt_alb_virtual_service_http_req_rules to manage ALB Virtual Service Request Rules (#1320)
• New Data Source: vcd_nsxt_alb_virtual_service_http_req_rules to read ALB Virtual Service Request Rules (#1320)
• New Resource: vcd_nsxt_alb_virtual_service_http_resp_rules to manage ALB Virtual Service Response Rules (#1320)
• New Data Source: vcd_nsxt_alb_virtual_service_http_resp_rules to read ALB Virtual Service Response Rules (#1320)
• New Resource: vcd_nsxt_alb_virtual_service_http_sec_rules to manage ALB Virtual Service Security Rules (#1320)
• New Data Source: vcd_nsxt_alb_virtual_service_http_sec_rules to read ALB Virtual Service Security Rules (#1320)

IMPROVEMENTS

• Add new argument execution_json to resources and data sources vcd_rde_interface_behavior and vcd_rde_type_behavior
  to define complex behavior executions that could not be specified with the execution map (#1131)
• Add new argument arguments_json and metadata_json to data source vcd_rde_behavior_invocation to be able to
  invoke behaviors that have complex execution definitions (#1131)
• Resources and data sources vcd_vapp_vm and vcd_vm support IPv6 via secondary_ip_allocation_mode
  and secondary_ip fields (#1292)
• Add vcd_nsxt_alb_edgegateway_service_engine_group and vcd_nsxt_alb_service_engine_group resource types to
  vcd_resource_list data source (#1296, #1322)
• Add support for NSX-T Non-distributed Org VDC networks via flags non_distributed_routing_enabled
  in vcd_nsxt_edgegateway and interface_type=non_distributed in vcd_network_routed_v2
  (#1297, #1322)
• Add provider option saml_adfs_cookie that can help lookup of ADFS server (#1298)
• Use Bearer token in SAML ADFS auth flow instead the old one (#1298)
• Resource vcd_nsxt_edgegateway adds support for Distributed-only deployment_mode (#1300)
• Add account_lockout block to vcd_org resource and data source, that specifies the account locking mechanism with the
  sub-arguments enabled, invalid_logins_before_lockout and lockout_interval_minutes (#1304)
• Add IP Space locks for vcd_ip_space_ip_allocation to prevent concurrent modification error in
  API (#1305)
• Resource vcd_ip_space_uplink adds support for managing IP Space Uplink Associated Interfaces via
  associated_interface_ids and new data source vcd_nsxt_tier0_interface (#1311)

BUG FIXES

• Fix Issue 1287 Read-only org sharing prevents sharing to users (#1291)
• Fix Issue 1183 where updates might
  fail for vcd_external_network_v2 when NSX-T edge gateway has dedicate_external_network=true
  (#1301)
• Fix Issue 1236:
  list_mode="import" of data source vcd_resource_list created wrong import statements when VCD items names have special
  characters (#1302)
• Fix Issue 1236:
  list_mode="hierarchy" of data source vcd_resource_list repeated the parent element twice when obtaining the hierarchy (#1302)
• Fix Issue 1243:
  Allow unlimited limit_in_mhz in vcd_vm_sizing_policy resource (#1303, #1318)
• Fix Issue 1307 in vcd_vapp_vm
  and vcd_vm resources where firmware=efi field wouldn't be applied for template based
  VMs with firmware=bios on creation (#1308)
• Fix Issue 1262: Panic when creating a VM with vcd_vm and vcd_vapp_vm
  when the VCD provider is configured with a user without "Organization vDC Disk: View/Edit IOPS" rights (#1312)
• Fix Issue 1216 in vcd_org_vdc
  which failed on creation when vm_placement_policy_ids were set but default_compute_policy_id
  was not declared (System default was used instead) (#1313)
• Fix Issue 1205 in vcd_vapp_vm
  and vcd_vm resources where not setting ip_allocation_mode in a network block would cause a 500 error (#1317)

DEPRECATIONS

• Data source vcd_rde_behavior_invocation deprecate arguments and metadata arguments in favor of arguments_json and
  metadata_json, that allow to invoke behaviors with complex execution definitions (#1131)
• Data source vcd_rde_interface_behavior deprecate execution in favor of execution_json, which allow to read
  complex execution definitions from an existing behavior (#1131)
• Data source vcd_rde_type_behavior deprecate execution in favor of execution_json, which allow to read
  complex execution definitions from an existing behavior (#1131)

NOTES

• Bump go-vcloud-director to v2.26.0 (SDK this provider uses for low level access to the VCD) (#1325)
• Reduce memory usage of test TestAccVcdStandaloneVmWithVmSizing to avoid errors on tiny VCD testing setups (#1306)
• Correct a malformed HCL snippet in the "Connecting with a Service Account API token" section of the documentation (#1322)

v3.13.0

FEATURES

• Add support for VCD 10.6 (#1279)
• New Guide Data Solution Extension and Solution Add-On management (#1286)
• New Guide Site and Org associations to describe association operations for sites and organizations (#1260)
• New Resource: vcd_solution_landing_zone to manage Solution Add-On Landing Zone (#1251)
• New Data Source: vcd_solution_landing_zone to read Solution Add-On Landing Zone (#1251)
• New Resource: vcd_solution_add_on to manage Solution Add-Ons (#1256)
• New Data Source: vcd_solution_add_on to read Solution Add-Ons (#1256)
• New Resource: vcd_solution_add_on_instance to manage Solution Add-On Instances (#1272)
• New Data Source: vcd_solution_add_on_instance to read existing Solution Add-On Instances
  (#1272)
• New Resource: vcd_solution_add_on_instance_publish to manage publishing settings for
  Solution Add-On Instances (#1272)
• New Data Source: vcd_solution_add_on_instance_publish to read publishing settings for
  Solution Add-On Instances (#1272)
• New Resource: vcd_dse_registry_configuration to manage Data Solution Extension (DSE)
  Registry Configuration (#1284,#1286)
• New Data Source: vcd_dse_registry_configuration to read Data Solution Extension (DSE)
  Registry Configuration (#1284,#1286)
• New Resource: vcd_dse_solution_publish to manage DSE Solution publishing (#1284)
• New Data Source: vcd_dse_solution_publish to read DSE Solution publishing (#1284)
• New Data Source: vcd_multisite_site to read the state and associations of current site (#1260)
• New Data Source: vcd_multisite_site_data to produce the association data needed to start a site association (#1260)
• New Data Source: vcd_multisite_site_association to read the details of a site association (#1260)
• New Resource: vcd_multisite_site_association to associate the current site with a remote one (#1260)
• New Data Source: vcd_multisite_org_data to produce the association data needed to start an organization association (#1260)
• New Data Source: vcd_multisite_org_association to read the details of an organization association (#1260)
• New Resource: vcd_multisite_org_association to associate a local organization with a remote one (#1260)
• New Resource: vcd_org_oidc to manage the Open ID Connect settings for an Organization (#1263)
• New Data Source: vcd_org_oidc to read the Open ID Connect settings from an Organization (#1263)
• New Resource: vcd_org_vdc_template to manage VDC Templates (#1276, #1280)
• New Data Source: vcd_org_vdc_template to read VDC Templates (#1276)
• New Resource: vcd_org_vdc_template_instance to instantiate VDC Templates (#1280)

IMPROVEMENTS

• Resource and data source vcd_vapp add fields vm_names, vapp_network_names, vapp_org_network_names to list VMs and vApp networks. (#1235)
• Data source vcd_resource_list adds ability to list vcd_vapp_network, vcd_vapp_org_network, vcd_vapp_all_network to list vApp networks (#1235)
• Resource and data source vcd_external_network_v2 add support for Provider Gateway Topology
  intentions in VCD 10.5.1+ via fields nat_and_firewall_service_intention and
  route_advertisement_intention (#1239)
• Resource vcd_nsxt_firewall supports REJECT action (#1240)
• Resources vcd_vapp_vm and vcd_vm add property set_extra_config to add, modify, or remove VM extra configuration items (#1253, #1288)
• Resources and data sources vcd_vapp_vm and vcd_vm add property extra_config to read existing VM extra configuration (#1253, #1288)
• Resource and data source vcd_catalog_media exposed additional attribute catalog_item_id to
  expose catalog item ID (#1256)
• Data source vcd_resource_list can now list site and organization associations (#1260)
• The worker_pool block from vcd_cse_kubernetes_cluster resource allows to configure the
  cluster autoscaler with
  autoscaler_max_replicas and autoscaler_min_replicas arguments (#1269)
• Data source vcd_resource_list can list VDC Templates (#1276)
• Improve rde_type_behavior_acl documentation to state that redundant access levels should be avoided, especially
  in VCD 10.6+ to prevent undesired updates-in-place during plans (#1277)

BUG FIXES

• Fix a missing Edge Gateway filter bug in vcd_nsxt_alb_edgegateway_service_engine_group resource
  (issue #1245) (#1246)
• Fix Issue #1258: vcd_cse_kubernetes_cluster fails
  during creation when the chosen network belongs to a VDC Group (#1266)
• Fix Issue #1265: The kubeconfig attribute from
  vcd_cse_kubernetes_cluster resource and data source is now marked as sensitive (#1266)
• Fix a bug where vcd_nsxt_distributed_firewall_rule resource could report incorrect firewall rule
  when using above_rule_id (issue
  #1202) (#1268)
• Fix vcd_catalog_media resource so it doesn't wait indefinitely to the upload task to reach 100% progress,
  by checking also its status, to decide that the upload is complete or aborted (#1273)
• Fix Issue 1170 where an imported VM complains about missing or altered fields and Terraform tries to re-create the resource (#1274)
• Fix Issue #1202 - Resource and
  data source vcd_nsxt_edgegateway may crash due to exhausting memory while counting huge IPv6
  subnets by adding count limit defined inip_count_read_limit field (#1275)
• Fix vcd_nsxt_ipsec_vpn_tunnel update operations, that failed in VCD 10.6+ when a security_profile_customization block is added
  to the IPSec VPN tunnel (#1282)
• Fix resource vcd_nsxt_alb_settings so update operations don't fail in VCD 10.6+ (#1283)

NOTES

• Bump terraform-plugin-sdk to v2.34.0 (#1271)
• Amend the test TestAccVcdRdeDuplicate so it doesn't fail on VCD 10.6+. Since this version, whenever a RDE is created
  in a tenant by the System Administrator, the owner is not "administrator" anymore, but "system" (#1278)
• Tests for FLEX Org VDC must set memory_guaranteed when include_vm_memory_overhead=true
  ([#1281](#128...

v3.12.1

IMPROVEMENTS

• Improve page links for authentication methods in main documentation page (#1241)
• Rename VMware NSX Advanced Load Balancer (Avi) to VMware Avi Load Balancer (#1241)

BUG FIXES

• Fix Issue #1242: panic when edge gateway IP count returns empty (#1244)
• Fix Issue #1248 that prevents CSE Kubernetes clusters from being upgraded to an OVA with higher Kubernetes version but same TKG version, and to an OVA with a higher patch version of Kubernetes (#1247)
• Fix Issue #1248 that prevents CSE Kubernetes clusters from being upgraded to TKG v2.5.0 with Kubernetes v1.26.11 as it performed an invalid upgrade of CoreDNS (#1247)
• Fix Issue #1252 that prevents reading the SSH Public Key from provisioned CSE Kubernetes clusters (#1247)

NOTES

• Bump go-vcloud-director to v2.24.0 (SDK this provider uses for low level access to the VCD) (#1247)

v3.12.0

FEATURES

• New Resource: vcd_cse_kubernetes_cluster to create and manage Kubernetes clusters in a VCD with Container Service Extension 4.2.1, 4.2.0, 4.1.1 or 4.1.0 installed and running (#1195, #1218, #1222)
• New Data Source: vcd_cse_kubernetes_cluster to read Kubernetes clusters from a VCD with Container Service Extension 4.2.1, 4.2.0, 4.1.1 or 4.1.0 installed and running (#1195, #1218, #1222)
• New Data Source: vcd_version to get the VCD version and perform additional checks with version constraints (#1195, #1218)

IMPROVEMENTS

• Resource vcd_provider_vdc adds ability of creating a provider VDC without network pool or NSX-T manager (issue #1186) (#1220)
• Add route advertisement support to vcd_network_routed_v2 via field route_advertisement_enabled
  (#1203)
• vcd_vapp_vm and vcd_vm add field consolidate_disks_on_create that helps to change template
  disk sizes using override_template_disk in fast provisioned VDCs (#1206)
• vcd_vapp_vm and vcd_vm add support for VM Copy operation by using copy_from_vm_id field
  (#1210, #1218, #1219)
• Resources and data sources vcd_vapp_vm/vcd_vm expose computed field vapp_id (#1215)
• Resource vcd_catalog_vapp_template supports creating templates from existing vApps and
  standalone VMs using new capture_vapp configuration block (#1215)
• Resource vcd_catalog_vapp_template exposes attribute catalog_item_id for related Catalog Item
  ID (#1215, #1219)

BUG FIXES

• Fix Issue #1121 Portgroup backed network pool can't have a data source (#1220)

DEPRECATIONS

• Resource vcd_cse_kubernetes_cluster deprecates the Container Service Extension cluster management guide,
  so users should not use vcd_rde resources to create a Kubernetes cluster anymore (#1195)

NOTES

• Bump terraform-plugin-sdk to v2.31.0 (#1193)
• Bump go-vcloud-director to v2.23.0 (SDK this provider uses for low level access
  to the VCD) (#1225)

v3.11.0

FEATURES

• Add support for VMware Cloud Director 10.5.1
• Add support for Container Service Extension 4.1 by updating both the installation and the cluster management
  guides (#1063, #1139)
• New Resource: vcd_network_pool to create and manage network pools (#1115)
• New Data Source: vcd_nsxt_segment_ip_discovery_profile to read NSX-T IP Discovery Segment Profiles (#1120)
• New Data Source: vcd_nsxt_segment_mac_discovery_profile to read NSX-T MAC Discovery Segment Profiles (#1120)
• New Data Source: vcd_nsxt_segment_spoof_guard_profile to read NSX-T Spoof Guard Profiles (#1120)
• New Data Source: vcd_nsxt_segment_qos_profile to read NSX-T QoS Profiles (#1120)
• New Data Source: vcd_nsxt_segment_security_profile to read NSX-T Segment Security Profiles (#1120)
• New Resource: vcd_nsxt_segment_profile_template to manage NSX-T Segment Profile Templates (#1120)
• New Data Source: vcd_nsxt_segment_profile_template to read NSX-T Segment Profile Templates (#1120)
• New Resource: vcd_nsxt_global_default_segment_profile_template to manage NSX-T Global Default Segment Profile Templates (#1120)
• New Data Source: vcd_nsxt_global_default_segment_profile_template to read NSX-T Global Default Segment Profile Templates (#1120)
• New Resource: vcd_org_vdc_nsxt_network_profile to manage default Segment Profile Templates for NSX-T VDCs (#1120)
• New Data Source: vcd_org_vdc_nsxt_network_profile to read default Segment Profile Templates for NSX-T VDCs (#1120)
• New Resource: vcd_nsxt_network_segment_profile to manage individual Segment Profiles or Segment Profile Templates for NSX-T Org VDC Networks (#1120)
• New Data Source: vcd_nsxt_network_segment_profile to read individual Segment Profiles or Segment Profile Templates for NSX-T Org VDC Networks (#1120)
• New Resource: vcd_nsxt_edgegateway_l2_vpn_tunnel to manage Edge Gateway L2 VPN Tunnel sessions (#1061)
• New Data Source: vcd_nsxt_edgegateway_l2_vpn_tunnel to read Edge Gateway L2 VPN Tunnel sessions (#1061)
• New Resource: vcd_nsxt_edgegateway_dns to manage Edge Gateway DNS forwarder configuration (#1154)
• New Data Source: vcd_nsxt_edgegateway_dns to read Edge Gateway DNS forwarder configuration (#1154)

EXPERIMENTAL FEATURES

• New guide Importing resources on how to import resources with new experimental Terraform import blocks (#1104)
• New example Importing catalog contents showing how to import shared catalogs (#1104)
• New example Importing cloned vApps showing how to import vApps and VMs from cloned vApps (#1104)
• New Data Source: vcd_rde_behavior_invocation to invoke a Behavior of a given RDE (#1117, #1136)
• New Resource: vcd_vm_vgpu_policy to manage VM vGPU compute policy configuration (#1167)
• New Data Source: vcd_vm_vgpu_policy to read VM vGPU compute policies (#1167)

IMPROVEMENTS

• Add metadata_entry attribute to vcd_rde resource and data source to manage metadata entries of type
  String, Number and Bool in Runtime Defined Entities (#1018, #1164)
• Resource vcd_catalog_access_control adds property read_only_shared_with_all_orgs to share the catalog as read-only with all organizations (#1020)
• Resource and data source vcd_org add properties number_of_vdcs, number_of_catalogs, list_of_vdcs, list_of_catalogs (#1020)
• Resources vcd_vapp_network and vcd_vapp_org_network will additionally check if vApp is in
  RESOLVED (in addition to already checked POWERED_OFF) state before attempting a reboot when
  reboot_vapp_on_removal flag is set to true (#1092)
• Resource vcd_vdc_group supports force deletion using new parameter force_delete (#1071)
• Add fields name_regex and import_file_name to vcd_resource_list to facilitate creation of import blocks (#1104)
• Properties delete_force and delete_recursive in vcd_org, vcd_org_vdc, and vcd_catalog are now optional, to facilitate import operations (#1104)
• Properties ova_path and ovf_url in vcd_catalog_item and vcd_vapp_template are now optional, to facilitate import operations (#1104)
• Property ova_path in vcd_catalog_media is now optional, to facilitate import operations (#1104)
• Add field ssl_enabled to resource and data source vcd_nsxt_alb_pool to set SSL support on demand (#1108)
• Introduce new attributes firmware and boot_options to vcd_vm and vcd_vapp_vm, allowing to specify boot options of a VM (VCD 10.4.1+) (#1109)
• Resource and data source vcd_nsxt_edgegateway support attachment of NSX-T Segment backed
  External Networks via external_network block (#1111, #1172)
• Data source vcd_resource_list can now list network pools, vCenters, NSX-T transfer zones, distributed switches, and importable port groups (#1115)
• Data source vcd_network_pool includes all properties of the corresponding resource (#1115)
• Field rde_type_id from resource vcd_rde does not force a deletion when updated, to allow easier RDE Type version upgrades (#1117)
• Resource vcd_rde_type supports Behavior hooks with the new hook blocks, that allow to automatically invoke
  Behaviors on certain RDE lifecycle events (#1122)
• Data source vcd_rde_type supports reading Behavior hooks from VCD and store their information in the new hook blocks (#1122)
• Add property upload_any_file to resource vcd_catalog_media to allow uploading any file as catalog media item (#1123)
• Add property download_to_file to data source vcd_catalog_media to allow downloading a catalog media item into a file (#1124)
• Resource vcd_provider_vdc supports metadata with metadata_entry blocks (#1126)
• Resource and data source vcd_catalog_vapp_template add property lease with field storage_lease_in_sec to handle
  the VApp Template lease (#1130)
• Add property custom_user_ou to vcd_org_ldap to specify custom attributes when ldap_mode = "SYSTEM" (#1142)
• Add support to the metadata that gets automatically created on vcd_vapp_vm and vcd_vm when they are created by a VM from a vApp Template in VCD 10.5.1+, with the new inherited_metadata computed map. Example of metadata entries of this kind: vm.origin.id, vm.origin.name, vm.origin.type (#1146, #1173)
• Add support to the metadata that gets automatically created on vcd_vapp when it is created by a vApp Template or another vApp in VCD 10.5.1+, with the new inherited_metadata computed map. Example of metadata entries of this kind: vapp.origin.id, vapp.origin.name, vapp.origin.type ([#1146]...

v3.10.0

FEATURES

• Add a new guide to create and manage Kubernetes Clusters using Container Service Extension v4.0 (#1030)
• New Resource: vcd_nsxt_edgegateway_dhcp_forwarding to manage NSX-T Edge Gateway DHCP Forwarding configuration (#1056)
• New Data Source: vcd_nsxt_edgegateway_dhcp_forwarding to read NSX-T Edge Gateway DHCP Forwarding configuration (#1056)
• New Resource: vcd_ui_plugin to programmatically install and manage UI Plugins (#1059)
• New Data Source: vcd_ui_plugin to fetch existing UI Plugins (#1059)
• New Resource: vcd_ip_space to manage IP Spaces in VCD 10.4.1+ (#1061)
• New Data Source: vcd_ip_space to read IP Spaces in VCD 10.4.1+ (#1061)
• New Resource: vcd_ip_space_uplink to manage IP Space Uplinks for External Networks (Provider
  gateways) in VCD 10.4.1+ (#1062)
• New Data Source: vcd_ip_space_uplink to read IP Space Uplinks for External Networks
  (Provider gateways) in VCD 10.4.1+ (#1062)
• New Resource: vcd_ip_space_ip_allocation to manage IP Space IP Allocations in VCD 10.4.1+
  (#1062)
• New Data Source: vcd_ip_space_ip_allocation to read IP Space IP Allocations in VCD 10.4.1+
  (#1062)
• New Resource: vcd_ip_space_custom_quota to manage Custom IP Space Quotas for individual
  Organizations in VCD 10.4.1+ (#1062)
• New Data Source: vcd_ip_space_custom_quota to read Custom IP Space Quotas for individual
  Organizations in VCD 10.4.1+ (#1062)
• New Resource: vcd_org_saml to manage an organization SAML configuration (#1064)
• New Data Source: vcd_org_saml to read an organization SAML configuration (#1064)
• New Data Source: vcd_org_saml_metadata to read an organization SAML service provider metadata (#1064)
• New Resource: vcd_api_token to manage API tokens (#1070)
• New Resource: vcd_service_account to manage Service Accounts (#1070)
• New Data Source: vcd_service_account to read Service Accounts (#1070)
• New Resource: vcd_nsxt_edgegateway_dhcpv6 to manage NSX-T Edge Gateway DHCPv6 configuration
  (#1071,#1083)
• New Data Source: vcd_nsxt_edgegateway_dhcpv6 to read NSX-T Edge Gateway DHCPv6 configuration
  (#1071,#1083)
• New Resource: vcd_provider_vdc to manage provider VDCs (#1073)
• New Data Source: vcd_resource_pool to read vCenter Resource Pools (#1073)
• New Data Source: vcd_network_pool to read Network Pools (#1073)
• New Resource: vcd_rde_interface_behavior to manage RDE Interface Behaviors, which can be invoked by RDEs and
  overridden by RDE Types (#1074)
• New Data Source: vcd_rde_interface_behavior to read RDE Interface Behaviors, so they can be used
  in RDE Type Behavior overrides (#1074)
• New Resource: vcd_rde_type_behavior to manage Behaviors in RDE Types, which can override those defined
  in RDE Interfaces (#1074)
• New Data Source: vcd_rde_type_behavior to read RDE Type Behaviors (#1074)
• New Resource: vcd_rde_type_behavior_acl to manage the access to Behaviors in RDE Types and RDE Interfaces (#1074)
• New Data Source: vcd_rde_type_behavior_acl to read Access Levels from Behaviors of RDE Types and RDE Interfaces (#1074)
• New Resource: vcd_nsxt_edgegateway_static_route to manage NSX-T Edge Gateway Static Routes
  on VCD 10.4.0+ (#1075)
• New Data Source: vcd_nsxt_edgegateway_static_route to read NSX-T Edge Gateway Static Routes
  on VCD 10.4.0+ (#1075)
• New Resource: vcd_nsxt_distributed_firewall_rule to manage NSX-T Distributed Firewall one by
  one. Rules will not be created in parallel because the API provides no direct endpoint to create
  a single rule and this functionality uses a custom-made function that abstracts the "update all"
  endpoint (#1076)
• New Data Source: vcd_nsxt_distributed_firewall_rule to read NSX-T Distributed Firewall one
  by one (#1076)
• New Resource: vcd_cloned_vapp to create a vApp from either a vApp template or another vApp (#1081)

EXPERIMENTAL

(Experimental features and improvements may change in future releases, until declared stable.)

• Add ignore_metadata_changes argument to the Provider configuration to be able to specify metadata entries that should not
  be managed by Terraform when using metadata_entry configuration blocks (#1057, #1089)

IMPROVEMENTS

• The guide to install the Container Service Extension v4.0 now additionally explains how to install the
  Kubernetes Container Clusters UI Plugin (#1059)
• vcd_external_network_v2 resource and data source support IP Spaces on VCD 10.4.1+ by adding
  use_ip_spaces and dedicated_org_id fields (#1062)
• vcd_nsxt_edgegateway resource supports IP Spaces by not requiring subnet specification
  (#1062)
• Resource and data source vcd_nsxt_alb_virtual_service support IPv6 on VCD 10.4.0+ via new field
  ipv6_virtual_ip_address (#1071)
• Resource and data source vcd_network_routed_v2 support Dual-Stack mode using
  dual_stack_enabled and secondary_gateway, secondary_prefix_length,
  secondary_static_ip_pool fields (#1071)
• Resource and data source vcd_network_isolated_v2 support Dual-Stack mode using
  dual_stack_enabled and secondary_gateway, secondary_prefix_length,
  secondary_static_ip_pool fields (#1071)
• Resource and data source vcd_nsxt_network_imported support Dual-Stack mode using
  dual_stack_enabled and secondary_gateway, secondary_prefix_length,
  secondary_static_ip_pool fields (#1071)
• Resource and data source vcd_nsxt_network_dhcp_binding support dhcp_v6_config config (#1071)
• Validate possibility to perform end to end IPv6 configuration via additional tests (#1071)
• Resource vcd_vdc_group adds new field remove_default_firewall_rule to remove default
  Distributed Firewall Rule after creation (#1076)
• The attribute description of vcd_vm_placement_policy is now Computed, as latest VCD versions set a default description
  automatically if it is not set (#1082)

BUG FIXES

• Fix Issue #1058 - Multiple SYSTEM scope data source vcd_nsxt_app_port_profile when multiple NSX-T managers are configured (#1065)
• Fix Issue #1069 - Inconsistent security_profile_customization field during vcd_nsxt_ipsec_vpn_tunnel update (#1072)
• Fix Issue #1066 - Not possible to handle more than 128 storage profiles (#1073)
• Fix a bug that caused vcd_catalog creation to fail if it is created with depreca...

v3.9.0

FEATURES

• New guide to install Container Service Extension (CSE) v4.0 in VCD 10.4+ (#1003, #1053)
• New Resource: vcd_rde_interface to manage Runtime Defined Entity Interfaces
  which are required for using Runtime Defined Entity (RDE) types (#965)
• New Data Source: vcd_rde_interface to fetch existing Runtime Defined Entity Interfaces (#965)
• New Resource: vcd_rde_type to manage Runtime Defined Entity Types
  which are required for using Runtime Defined Entities (RDEs) (#973)
• New Data Source: vcd_rde_type to fetch existing Runtime Defined Entity Types (#973)
• New Resource: vcd_rde to manage Runtime Defined Entities (#977)
• New Data Source: vcd_rde to fetch existing Runtime Defined Entities (#977)
• New Resource: vcd_nsxv_distributed_firewall to create and manage NSX-V distributed firewall (#988)
• New Data Source: vcd_nsxv_distributed_firewall to fetch existing NSX-V distributed firewall (#988)
• New Data Source: vcd_nsxv_application_finder to search applications and application groups to use with a NSX-V distributed firewall (#988)
• New Data Source: vcd_nsxv_application to fetch existing application to use with a NSX-V distributed firewall (#988)
• New Data Source: vcd_nsxv_application_group to fetch existing application_group to use with a NSX-V distributed firewall (#988)
• New Resource: vcd_nsxt_network_dhcp_binding to manage NSX-T DHCP Bindings (#1039)
• New Data Source: vcd_nsxt_network_dhcp_binding to read NSX-T DHCP Bindings (#1039)
• New Resource: vcd_nsxt_edgegateway_rate_limiting to manage NSX-T Edge Gateway Rate Limiting (#1042)
• New Data Source: vcd_nsxt_edgegateway_rate_limiting to read NSX-T Edge Gateway Rate Limiting (#1042)
• New Data Source: vcd_nsxt_edgegateway_qos_profile to read QoS profiles available for
  vcd_nsxt_edgegateway_rate_limiting resource (#1042)

IMPROVEMENTS

• vcd_external_network_v2 allows setting DNS fields dns1, dns2 and dns_suffix for NSX-T
  backed entities so that it can be inherited by direct Org VDC networks (#984)
• vcd_org_vdc includes a property enable_nsxv_distributed_firewall to enable or disable a NSX-V distributed firewall (#988)
• vcd_nsxt_edgegateway resource and data source got automatic IP allocation support using new
  configuration fields subnet_with_total_ip_count, subnet_with_ip_count and total_allocated_ip_count fields (#991)
• vcd_nsxt_edgegateway resource and data source expose used_ip_count and unused_ip_count
  attributes (#991, #1047)
• vcd_nsxt_alb_settings resource and data source adds two new fields is_transparent_mode_enabled
  and ipv6_service_network_specification (#996)
• Resources vcd_vapp_network and vcd_vapp_org_network add convenience flag
  reboot_vapp_on_removal. When enabled, it will power off parent vApp (and power back on after
  if it was before) during vApp network removal. This improves workflows with VCD 10.4.1+ which
  returns an error when removing vApp networks from powered on vApps (#1004)
• vcd_vapp_vm and vcd_vm resources support security tag management via new field security_tags (#1006, #1046)
• Resource vcd_nsxt_ipsec_vpn_tunnel adds support for custom remote_id field and certificate
  based auth via fields authentication_mode, certificate_id, ca_certificate_id (#1010)
• vcd_org_group adds OAUTH as an option to argument provider_type (#1013)
• Resource and data source vcd_nsxt_alb_virtual_service add support for Transparent mode in VCD
  10.4.1+ via field is_transparent_mode_enabled (#1024)
• Resource and data source vcd_nsxt_alb_pool add support for Pool Group Membership via field
  member_group_id (#1024)
• Resource and data source vcd_nsxt_network_imported support Distributed Virtual Port Group (DVPG)
  backed Org VDC network (#1043)
• Support provider authentication using Active Service Accounts (#1040)

BUG FIXES

• Fix a bug that prevented returning a specific error while authenticating provider with invalid
  password (#962)
• Add prefix_length field to vcd_vapp_network as creating IPv6 vApp networks was not supported due to the lack of a suitable subnet representation (Issue #999) (#1007, #1031)
• Remove incorrect default value from vcd_vapp_network netmask field, as it prevents using IPv6 networks. Users of already defined resources need to add a netmask = "255.255.255.0" when using IPv4 (#1007)

DEPRECATIONS

• Deprecate netmask in favor of prefix_length for vcd_vapp_network (#1007)

NOTES

• Add missing test name fields for TestAccVcdNsxtEdgeBgpConfigIntegrationVdc and
  TestAccVcdNsxtEdgeBgpConfigIntegrationVdcGroup (#958)
• Create TestAccVcdCatalogRename, which checks that renaming a catalog works correctly (#992)
• Removed disk update steps from TestAccVcdIndependentDiskBasic, as it was sometimes failing due to a bug in VCD. Created a new one TestAccVcdIndependentDiskBasicWithUpdates which will be run only on new releases of VCD (>=v10.4.1) (#1014)
• Increased sleep in between testing steps in TestAccVcdNsxtDynamicSecurityGroupVdcGroupCriteriaWithVms from 15s to 25s to let VMs get created (#1014)
• Added skipping of TestAccVcdVsphereSubscriber and TestAccVcdSubscribedCatalog if VCD version is older than v10.4.0 as there was a bug with catalog sharing rights that caused the tests to fail (#1014)
• Update CODING_GUIDELINES.md with documentation notes (#1015)
• Bump terraform-plugin-sdk to v2.26.1 (#1002, #1023)
• Bump golang.org/x/net to v0.7.0 to address vulnerability reports (#1002)
• Add support for Go 1.20 in testing workflows (#1034)
• Bump staticcheck to 2023.1.3 (#1034)

v3.9.0-beta.2

DOCUMENTATION IMPROVEMENTS

• v3.9.0-beta.2 has only Terraform registry documentation improvements over v3.9.0-beta.1

FEATURES

• New Resource: vcd_rde_interface to manage Runtime Defined Entity Interfaces
  which are required for using Runtime Defined Entity (RDE) Types (#965)
• New Data Source: vcd_rde_interface to fetch existing Runtime Defined Entity Interfaces (#965)
• New Resource: vcd_rde_type to manage Runtime Defined Entity Types
  which are required for using Runtime Defined Entities (RDEs) (#973)
• New Data Source: vcd_rde_type to fetch existing Runtime Defined Entity Types (#973)
• New Resource: vcd_rde to manage Runtime Defined Entities (#977)
• New Data Source: vcd_rde to fetch existing Runtime Defined Entities (#977)
• New Resource: vcd_nsxv_distributed_firewall to create and manage NSX-V distributed firewall (#988)
• New Data Source: vcd_nsxv_distributed_firewall to fetch existing NSX-V distributed firewall (#988)
• New Data Source: vcd_nsxv_application_finder to search applications and application groups to use with a NSX-V distributed firewall (#988)
• New Data Source: vcd_nsxv_application to fetch existing application to use with a NSX-V distributed firewall (#988)
• New Data Source: vcd_nsxv_application_group to fetch existing application_group to use with a NSX-V distributed firewall (#988)

IMPROVEMENTS

• vcd_external_network_v2 allows setting DNS fields dns1, dns2 and dns_suffix for NSX-T
  backed entities so that it can be inherited by direct Org VDC networks (#984]
• vcd_org_vdc includes a property enable_nsxv_distributed_firewall to enable or disable a NSX-V distributed firewall [#988)
• vcd_nsxt_edgegateway resource and data source got automatic IP allocation support using new
  configuration fields subnet_with_total_ip_count, subnet_with_ip_count and total_allocated_ip_count fields (#991)
• vcd_nsxt_edgegateway resource and data source expose used_ip_count and unused_ip_count
  attributes (#991)
• vcd_nsxt_alb_settings resource and data source adds two new fields is_transparent_mode_enabled
  and ipv6_service_network_specification (#996)
• Resources vcd_vapp_network and vcd_vapp_org_network add convenience flag
  reboot_vapp_on_removal. When enabled, it will power off parent vApp (and power back on after
  if it was before) during vApp network removal. This improves workflows with VCD 10.4.1+ which
  returns an error when removing vApp networks from powered on vApps (#1004)
• vcd_org_group adds OAUTH as an option to argument provider_type (#1013)

BUG FIXES

• Fix a bug that prevented returning a specific error while authenticating provider with invalid
  password (#962)
• Add prefix_length field to vcd_vapp_network as creating IPv6 vApp networks was not supported due to the lack of a suitable subnet representation (Issue #999) (#1007)
• Remove incorrect default value from vcd_vapp_network netmask field, as it prevents using IPV6 networks. Users of already defined resources need to add a netmask = "255.255.255.0" when using Ipv4 (#1007)

DEPRECATIONS

• Deprecate netmask in vcd_vapp_network (#1007)

NOTES

• Add missing test name fields for TestAccVcdNsxtEdgeBgpConfigIntegrationVdc and
  TestAccVcdNsxtEdgeBgpConfigIntegrationVdcGroup (#958)
• Create TestAccVcdCatalogRename, which checks that renaming a catalog works correctly (#992)
• Bump terraform-plugin-sdk to v2.25.0 (#1002)
• Bump golang.org/x/net to v0.7.0 to address vulnerability reports (#1002)
• Removed disk update steps from TestAccVcdIndependentDiskBasic, as it was sometimes failing due to a bug in VCD. Created a new one TestAccVcdIndependentDiskBasicWithUpdates which will be run only on new releases of VCD (>=v10.4.1) (#1014)
• Increased sleep in between testing steps in TestAccVcdNsxtDynamicSecurityGroupVdcGroupCriteriaWithVms from 15s to 25s to let VMs get created (#1014)
• Added skipping of TestAccVcdVsphereSubscriber and TestAccVcdSubscribedCatalog if VCD version is older than v10.4.0 as there was a bug with catalog sharing rights that caused the tests to fail (#1014]
• Update CODING_GUIDELINES.md with documentation notes [#1015)

v3.8.2

IMPROVEMENTS

• Add catalog_id to resource and data source vcd_catalog_media to allow handling similarly to vcd_catalog_vapp_template (#972)

BUG FIXES

• Change vcd_catalog, vcd_catalog_media, vcd_catalog_vapp_template, and vcd_catalog_item to access their entities without the need to use a full Org object, thus allowing the access to shared catalogs from other organizations (Issue #960) (#972)
• Fix a bug that caused inconsistent plan when using group_id in vcd_catalog_access_control,
  vcd_org_vdc_access_control and vcd_vapp_access_control resources (#963)
• Remove unnecessary URL checks from vcd_subscribed_catalog creation, to allow subscribing to non-VCD entities, such as vSphere shared library (#972)
• Remove unnecessary validation that prevents attaching NSX-T Org network to vApp using
  org_network_name field in vcd_vapp_network resource (#975)

DEPRECATIONS

• Deprecate usage of catalog in favor of catalog_id in vcd_catalog_media (#972)

NOTES

• Add mini-framework for running tests with several Organizations (#972)
• Try to amend quirky test TestAccVcdNsxtDynamicSecurityGroupVdcGroupCriteriaWithVm that sometimes fails due to a bad filter.
  It now uses a shorter name for the Dynamic Security Groups to try to not break the resulting filter chain (#980)

v3.8.1

IMPROVEMENTS

• Add vdc_id to data source vcd_vm_placement_policy to allow tenant users to fetch VM Placement Policies from
  the ones assigned to VDCs (#948)
• Resource and data source vcd_catalog and vcd_subscribed_catalog introduce new computed field is_local to specify
  whether the catalog originated from the current org (#949)
• Improve usage of org field in vcd_catalog to accept sharing Org name for shared catalogs and improve error messages (#949)

BUG FIXES

• Fix a bug that caused vcd_vm_group data source to fail when the backing Provider VDC had multiple resource pools (#948)
• Fix issue #944 - shared catalog datasource not accessible to Org users (#949)
• Fix issue #672 - update Org with invalid or extended LDAP settings (#952, #955)