Bump hashicorp/aws from 6.15.0 to 6.22.1 in /examples/basic_usage

[dependabot]

Bumps hashicorp/aws from 6.15.0 to 6.22.1.

Release notes

Sourced from hashicorp/aws's releases.

v6.22.1

6.22.1 (November 21, 2025)

ENHANCEMENTS:

• resource/aws_fsx_openzfs_file_system: Support INTELLIGENT_TIERING storage type and add read_cache_configuration argument (#45159)
• resource/aws_msk_cluster: Add rebalancing configuration block to support intelligent rebalancing for Express broker clusters (#45073)

BUG FIXES:

• provider: Fix crash in required tag validation interceptor when tag values are unknown. This addresses a regression introduced in v6.22.0. (#45201)
• provider: Fix early return logic in the required tag validation interceptor. This addresses a performance regression introduced in v6.22.0. (#45201)
• resource/aws_accessanalyzer_analyzer: Fix interface conversion: interface {} is nil, not map[string]interface {} panics when configuration.unused_access.analysis_rule.exclusion.resource_tags contains null values (#45202)
• resource/aws_odb_cloud_vm_cluster: Fix incorrect validation error when arguments are configured using variables. This addresses a regression introduced in v6.22.0 (#45205)

v6.22.0

6.22.0 (November 20, 2025)

NOTES:

• resource/aws_s3_bucket_server_side_encryption_configuration: Starting in March 2026, Amazon S3 will introduce a new default bucket security setting by automatically disabling server-side encryption with customer-provided keys (SSE-C) for all new buckets. Use the blocked_encryption_types argument to manage this behavior for specific buckets. (#45105)

FEATURES:

• New Ephemeral Resource: aws_ecr_authorization_token (#44949)
• New Guide: Tag Policy Compliance (#45143)
• New Resource: aws_billing_view (#45097)
• New Resource: aws_vpclattice_domain_verification (#45085)

ENHANCEMENTS:

• data-source/aws_lb_listener: Add default_action.jwt_validation attribute (#45089)
• data-source/aws_lb_listener_rule: Add action.jwt_validation attribute (#45089)
• data-source/aws_route53_zone: Support filtering by tags only or by vpc_id only (#39671)
• provider: Add support for enforcing tag policy compliance. This opt-in feature can be enabled via the new tag_policy_compliance provider argument, or the TF_AWS_TAG_POLICY_COMPLIANCE environment variable. When enabled, the principal executing Terraform must have the tags:ListRequiredTags IAM permission. (#45143)
• resource/aws_backup_logically_air_gapped_vault: Add encryption_key_arn argument (#45020)
• resource/aws_bedrock_guardrail: Add input_action, input_enabled, input_modalities, output_action, output_enabled, and output_modalities arguments to the content_policy_config.filters_config block (#45104)
• resource/aws_bedrockagent_knowledge_base: Add storage_configuration.rds_configuration.field_mapping.custom_metadata_field argument (#45075)
• resource/aws_bedrockagentcore_agent_runtime: Add agent_runtime_artifact.code_configuration block (#45091)
• resource/aws_bedrockagentcore_agent_runtime: Make agent_runtime_artifact.container_configuration block optional (#45091)
• resource/aws_dynamodb_table: Add global_table_witness argument (#43908)
• resource/aws_emr_managed_scaling_policy: Add scaling_strategy and utilization_performance_index arguments (#45132)
• resource/aws_fis_experiment_template: Add plan-time validation of log_configuration.cloudwatch_logs_configuration.log_group_arn (#35941)
• resource/aws_fis_experiment_template: Add support for Functions to action.*.target (#41209)
• resource/aws_lambda_invocation: Add import support (#41240)
• resource/aws_lb_listener: Support jwt-validation as a valid default_action.type and add default_action.jwt_validation configuration block (#45089)
• resource/aws_lb_listener_rule: Support jwt-validation as a valid action.type and add action.jwt_validation configuration block (#45089)
• resource/aws_odb_cloud_vm_cluster: vm cluster creation using odb network ARN and exadata infrastructure ARN for resource sharing model. (#45003)
• resource/aws_organizations_organization: Add SECURITYHUB_POLICY as a valid value for enabled_policy_types argument (#45135)
• resource/aws_prometheus_query_logging_configuration: Add plan-time validation of destination.cloudwatch_logs.log_group_arn (#35941)

... (truncated)

Changelog

Sourced from hashicorp/aws's changelog.

6.22.1 (November 21, 2025)

ENHANCEMENTS:

• resource/aws_fsx_openzfs_file_system: Support INTELLIGENT_TIERING storage type and add read_cache_configuration argument (#45159)
• resource/aws_msk_cluster: Add rebalancing configuration block to support intelligent rebalancing for Express broker clusters (#45073)

BUG FIXES:

• provider: Fix crash in required tag validation interceptor when tag values are unknown. This addresses a regression introduced in v6.22.0. (#45201)
• provider: Fix early return logic in the required tag validation interceptor. This addresses a performance regression introduced in v6.22.0. (#45201)
• resource/aws_accessanalyzer_analyzer: Fix interface conversion: interface {} is nil, not map[string]interface {} panics when configuration.unused_access.analysis_rule.exclusion.resource_tags contains null values (#45202)
• resource/aws_odb_cloud_vm_cluster: Fix incorrect validation error when arguments are configured using variables. This addresses a regression introduced in v6.22.0 (#45205)

6.22.0 (November 20, 2025)

NOTES:

• resource/aws_s3_bucket_server_side_encryption_configuration: Starting in March 2026, Amazon S3 will introduce a new default bucket security setting by automatically disabling server-side encryption with customer-provided keys (SSE-C) for all new buckets. Use the blocked_encryption_types argument to manage this behavior for specific buckets. (#45105)

FEATURES:

• New Ephemeral Resource: aws_ecr_authorization_token (#44949)
• New Guide: Tag Policy Compliance (#45143)
• New Resource: aws_billing_view (#45097)
• New Resource: aws_vpclattice_domain_verification (#45085)

ENHANCEMENTS:

• data-source/aws_lb_listener: Add default_action.jwt_validation attribute (#45089)
• data-source/aws_lb_listener_rule: Add action.jwt_validation attribute (#45089)
• data-source/aws_route53_zone: Support filtering by tags only or by vpc_id only (#39671)
• provider: Add support for enforcing tag policy compliance. This opt-in feature can be enabled via the new tag_policy_compliance provider argument, or the TF_AWS_TAG_POLICY_COMPLIANCE environment variable. When enabled, the principal executing Terraform must have the tags:ListRequiredTags IAM permission. (#45143)
• resource/aws_backup_logically_air_gapped_vault: Add encryption_key_arn argument (#45020)
• resource/aws_bedrock_guardrail: Add input_action, input_enabled, input_modalities, output_action, output_enabled, and output_modalities arguments to the content_policy_config.filters_config block (#45104)
• resource/aws_bedrockagent_knowledge_base: Add storage_configuration.rds_configuration.field_mapping.custom_metadata_field argument (#45075)
• resource/aws_bedrockagentcore_agent_runtime: Add agent_runtime_artifact.code_configuration block (#45091)
• resource/aws_bedrockagentcore_agent_runtime: Make agent_runtime_artifact.container_configuration block optional (#45091)
• resource/aws_dynamodb_table: Add global_table_witness argument (#43908)
• resource/aws_emr_managed_scaling_policy: Add scaling_strategy and utilization_performance_index arguments (#45132)
• resource/aws_fis_experiment_template: Add plan-time validation of log_configuration.cloudwatch_logs_configuration.log_group_arn (#35941)
• resource/aws_fis_experiment_template: Add support for Functions to action.*.target (#41209)
• resource/aws_lambda_invocation: Add import support (#41240)
• resource/aws_lb_listener: Support jwt-validation as a valid default_action.type and add default_action.jwt_validation configuration block (#45089)
• resource/aws_lb_listener_rule: Support jwt-validation as a valid action.type and add action.jwt_validation configuration block (#45089)
• resource/aws_odb_cloud_vm_cluster: vm cluster creation using odb network ARN and exadata infrastructure ARN for resource sharing model. (#45003)
• resource/aws_organizations_organization: Add SECURITYHUB_POLICY as a valid value for enabled_policy_types argument (#45135)
• resource/aws_prometheus_query_logging_configuration: Add plan-time validation of destination.cloudwatch_logs.log_group_arn (#35941)
• resource/aws_prometheus_workspace: Add plan-time validation of logging_configuration.log_group_arn (#35941)
• resource/aws_s3_bucket_server_side_encryption_configuration: Add rule.blocked_encryption_types argument (#45105)

... (truncated)

Commits

• b770a49 chore: v6.22.1 release prep (#45207)
• 3c1ebd3 Update CHANGELOG.md for #45205
• ee5b715 Merge pull request #45205 from hashicorp/b-odb_vm_cluster_validation
• 432fd5e Merge pull request #45201 from hashicorp/b-tag-policy-interceptor
• 01dba23 linter fix
• f84529a Update CHANGELOG.md for #45202
• 83fb37e Merge pull request #45202 from hashicorp/b-aws_accessanalyzer_analyzer.resour...
• 67b49e2 update CHANGELOG entry
• f256ec5 add CHANGELOG entry
• c44ab7f linter fix
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[dependabot]

Superseded by #270.