Bump the version-updates group across 1 directory with 2 updates

[dependabot]

Bumps the version-updates group with 2 updates in the /groups/dps directory: hashicorp/aws and instance_profile::terraform-modules.

Updates hashicorp/aws from 5.86.0 to 5.88.0

Release notes

Sourced from hashicorp/aws's releases.

v5.88.0

NOTES:

• resource/aws_s3_bucket_lifecycle_configuration: A warning diagnostic has been added for configurations where rule.expiration.expired_object_delete_marker is set with either rule.expiration.date or rule.expiration.days. While historically the provider allowed this invalid configuration, the migration of this resource to the Terraform Plugin Framework in v5.86.0 resulted in this misconfiguration surfacing as a hard inconsistent result after apply error. This diagnostic aims to direct users how to resolve the issue at plan time. See this issue comment for additional context. (#41462)

FEATURES:

• New Data Source: aws_cloudwatch_contributor_managed_insight_rules (#41472)
• New Resource: aws_cloudwatch_contributor_managed_insight_rule (#41449)
• New Resource: aws_qbusiness_application (#35249)

ENHANCEMENTS:

• resource/aws_bedrock_model_invocation_logging_configuration: Add video_data_delivery_enabled argument (#41317)
• resource/aws_db_instance: Add password_wo write-only attribute (#41366)
• resource/aws_docdb_cluster: Add master_password_wo write-only attribute (#41413)
• resource/aws_glue_partition: Add storage_descriptor.additional_locations argument (#41434)
• resource/aws_redshift_cluster: Add master_password_wo write-only attribute (#41411)
• resource/aws_redshiftserverless_namespace: Add admin_user_password_wo write-only attribute (#41412)
• resource/aws_secretsmanager_secret_version: Add secret_string_wo write-only attribute (#41371)

BUG FIXES:

• data-source/aws_codebuild_fleet: Prevents panic when scaling_configuration is not empty. (#41377)
• resource/aws_amplify_domain_association: Prevents unexpected state error when creating with multiple sub_domain (#36961)
• resource/aws_bedrock_model_invocation_logging_configuration: Set embedding_data_delivery_enabled, image_data_delivery_enabled, and text_data_delivery_enabled arguments as optional with default value of true (#41317)
• resource/aws_cloudwatch_contributor_insight_rule: Fix enable/disable rule state (#41449)
• resource/aws_dynamodb_table: Fixes long delay in creation of replicas (#41451)

v5.87.0

FEATURES:

• New Resource: aws_cloudwatch_contributor_insight_rule (#41373)

ENHANCEMENTS:

• resource/aws_dynamodb_table_export: Add export_type and incremental_export_specification arguments (#41303)
• resource/aws_quicksight_data_source: Add parameters.s3.role_arn argument to allow override an account-wide role for a specific S3 data source (#41284)
• resource/aws_rds_cluster: Add master_password_wo write-only attribute (#41314)
• resource/aws_rekognition_stream_processor: Deprecates stream_processor_arn in favor of arn. (#41271)
• resource/aws_ssm_parameter: Add value_wo write-only attribute (#40952)
• resource/aws_vpclattice_access_log_subscription: Add service_network_log_type argument (#41304)

BUG FIXES:

• data-source/aws_dynamodb_table: Add missing on_demand_throughput and global_secondary_index.*.on_demand_throughput attributes to resolve read error (#41350)
• resource/aws_cloudformation_stack_set_instance: Prevents overly-long creation times and possible OperationInProgress errors (#41388)
• resource/aws_detective_member: No longer fails with unexpected status when adding Organization member accounts. (#41344)

... (truncated)

Changelog

Sourced from hashicorp/aws's changelog.

5.88.0 (February 20, 2025)

NOTES:

• resource/aws_s3_bucket_lifecycle_configuration: A warning diagnostic has been added for configurations where rule.expiration.expired_object_delete_marker is set with either rule.expiration.date or rule.expiration.days. While historically the provider allowed this invalid configuration, the migration of this resource to the Terraform Plugin Framework in v5.86.0 resulted in this misconfiguration surfacing as a hard inconsistent result after apply error. This diagnostic aims to direct users how to resolve the issue at plan time. See this issue comment for additional context. (#41462)

FEATURES:

• New Data Source: aws_cloudwatch_contributor_managed_insight_rules (#41472)
• New Resource: aws_cloudwatch_contributor_managed_insight_rule (#41449)
• New Resource: aws_qbusiness_application (#35249)

ENHANCEMENTS:

• resource/aws_bedrock_model_invocation_logging_configuration: Add video_data_delivery_enabled argument (#41317)
• resource/aws_db_instance: Add password_wo write-only attribute (#41366)
• resource/aws_docdb_cluster: Add master_password_wo write-only attribute (#41413)
• resource/aws_glue_partition: Add storage_descriptor.additional_locations argument (#41434)
• resource/aws_redshift_cluster: Add master_password_wo write-only attribute (#41411)
• resource/aws_redshiftserverless_namespace: Add admin_user_password_wo write-only attribute (#41412)
• resource/aws_secretsmanager_secret_version: Add secret_string_wo write-only attribute (#41371)

BUG FIXES:

• data-source/aws_codebuild_fleet: Prevents panic when scaling_configuration is not empty. (#41377)
• resource/aws_amplify_domain_association: Prevents unexpected state error when creating with multiple sub_domain (#36961)
• resource/aws_bedrock_model_invocation_logging_configuration: Set embedding_data_delivery_enabled, image_data_delivery_enabled, and text_data_delivery_enabled arguments as optional with default value of true (#41317)
• resource/aws_cloudwatch_contributor_insight_rule: Fix enable/disable rule state (#41449)
• resource/aws_dynamodb_table: Fixes long delay in creation of replicas (#41451)

5.87.0 (February 13, 2025)

FEATURES:

• New Resource: aws_cloudwatch_contributor_insight_rule (#41373)

ENHANCEMENTS:

• resource/aws_dynamodb_table_export: Add export_type and incremental_export_specification arguments (#41303)
• resource/aws_quicksight_data_source: Add parameters.s3.role_arn argument to allow override an account-wide role for a specific S3 data source (#41284)
• resource/aws_rds_cluster: Add master_password_wo write-only attribute (#41314)
• resource/aws_rekognition_stream_processor: Deprecates stream_processor_arn in favor of arn. (#41271)
• resource/aws_ssm_parameter: Add value_wo write-only attribute (#40952)
• resource/aws_vpclattice_access_log_subscription: Add service_network_log_type argument (#41304)

BUG FIXES:

• data-source/aws_dynamodb_table: Add missing on_demand_throughput and global_secondary_index.*.on_demand_throughput attributes to resolve read error (#41350)
• resource/aws_cloudformation_stack_set_instance: Prevents overly-long creation times and possible OperationInProgress errors (#41388)
• resource/aws_detective_member: No longer fails with unexpected status when adding Organization member accounts. (#41344)

... (truncated)

Commits

• c2fe7d5 Update CHANGELOG.md for #41489
• e1e9de8 Merge pull request #41489 from hashicorp/add_changelog_rules_ds
• cf800c4 Add changelog to datasource
• 000f297 Merge pull request #41472 from hashicorp/f-managed_ds
• 92ca667 Remove unnecessary check
• 001351c Update CHANGELOG.md for #41377
• 24c817c Merge pull request #41377 from hashicorp/td-inputs-in-heap-c
• 4715fce Review changes
• 6037d09 Update CHANGELOG.md for #41462
• f452645 Adds CHANGELOG entry
• Additional commits viewable in compare view

Updates instance_profile::terraform-modules from 1.0.297 to 1.0.300

Commits

• f7c35f4 Merge pull request #319 from companieshouse/feature/cloudwatch-s3
• 146d39c changing vault entry to match latest update
• a5e9903 ensuring role is created before creating subcription filter
• 3709e72 Merge pull request #318 from companieshouse/feature/cloudwatch-s3
• 30f4fcd adding acl permissions and prefix by account
• d8a2c2c adding acl permissions and prefix by account
• 9648f53 Merge pull request #317 from companieshouse/feature/cloudwatch-s3
• 310ddeb refactor output names
• 1d9cc68 redefining tags
• 61d4154 updating readme
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[ch-code-analysis]

CI: IaC Security warnings found!