Documentation Index
Fetch the complete documentation index at: https://docs.formal.ai/llms.txt
Use this file to discover all available pages before exploring further.
4.16.2
Removed
- Remove
owner and notification fields on the formal_policy resource.
4.16.1
New
- Add
s3_bucket_prefix to formal_integration_log AWS S3 configuration to write logs under a specific bucket prefix
Changed
- Update
formal_sidecar_resource_link deprecation message to reference formal_connector_listener with connector_id
4.16.0
New
- Add
formal_inventory_object resource to register inventory objects (database, schema, table, column) directly, instead of relying on discovery
- Add
input_json field on formal_form options source command for payloads with non-string JSON values
Removed
- Remove
formal_integration_data_catalog resource (deprecated since 4.12.7)
4.15.2
New
- Add
autodiscovery_regions to formal_integration_cloud AWS config to enable multi-region resource autodiscovery
4.15.1
Changed
- Bump generated protobuf dependency
4.15.0
New
- Allow
llm as a technology in formal_connector_listener_rule
Removed
- Remove
formal_data_domain resource (data domains have been removed)
4.14.13
New
- Add
formal_connector_ai_provider resource for managing hosted AI providers
- Add hosted AI provider fields to
formal_connector_configuration
4.14.12
New
- Support formal_form resources
4.14.11
New
- Add support for resource aliases
4.14.10
Changed
- Store the Formal IAM role ARN in the Terraform state for AWS cloud integration resources.
4.14.9
Changed
- Add validation for write-only attribute version for native users
4.14.8
New
- Add support for
ai satellite type to formal_connector_satellite_link resource
4.14.7
Changed
- Support
status on formal_workflow resources.
4.14.6
New
- Add the
formal_workflow resource.
- Add
resources_health_checks_frequency_seconds to control resource health check frequency.
- Introduce
connector and space data sources.
4.14.1
New
- Add
otel_endpoint_hostname and otel_endpoint_port fields to formal_connector_configuration resource to support custom OpenTelemetry collector endpoints
4.14.0
Changed
- Deprecate
data_classifier satellite type in favor of ai satellite type
4.13.2
New
- Add satellite link resource
4.13.1
New
- Add policy_eval_input_retention attributes to log configuration resources
4.13.0
New
- Add write-only attributes (
native_user_secret_wo, native_user_secret_wo_version) for native users to avoid storing secrets in Terraform state (requires Terraform 1.11+)
4.12.8
Changed
- Require ai_analysis_timeout_seconds to avoid stalled AI analyses and ensure predictable timeouts
4.12.7
New
- Add S3 autodiscovery option for Cloud integration to discover buckets
Changed
- Deprecate Data Catalog integration resource to signal phase-out
- Require specific fields in Sidecar, Sidecar Link, MFA, and TLS to prevent invalid configs
4.12.6
Fixed
- Fix formal_integration_mdm creation to prevent apply crashes and use the resource name
4.12.5
Changed
- Make decryptor_uri optional for encryption_key to avoid unnecessary configuration
4.12.2
New
- Add S3 bucket autodiscovery to integration_cloud to reduce manual setup
Changed
- Update RPC library to latest version for improved stability and compatibility
- Update documentation generator to latest version for clearer provider docs
4.11.3
New
- Add optional connector_id to connector_listener to link on create
4.11.2
New
- Add AI timeout and strict result count to resource_classifier_configuration
4.11.1
Changed
- Require satellite_type on satellite resource; use data_discovery, data_classifier, or policy_data_loader
4.11.0
New
- Add no-sync mode for Metabase integrations; create integrations without Metabase credentials
- Add support for customer-managed TLS certificates
4.10.4
Changed
- Revert self-supplied TLS on connector_hostname; remove certificate/private_key args to restore prior behavior
4.10.3
New
- Add satellite_hostname and connector_satellite_link resources to manage satellites
Fixed
- Set default log payload size limit to -1 for consistent log behavior
Changed
- Remove health check port from connector_configuration
4.10.2
New
- Add option to set customer AWS role ARN in integration_cloud to simplify setup without CloudFormation
4.10.1
Fixed
- Make technology_provider optional unless using SSH with SSM, reducing config errors
4.10.0
Changed
- Redesign log_configuration with request/response/scope blocks for clearer control
- Require name and encryption_key_id; remove legacy encryption and size settings for clarity
4.9.1
Changed
- Require decryptor_uri on encryption_key resource for frontend decryption
4.9.0
New
- Add formal_group data source to reference existing groups by name
Fixed
- Block creating connector listeners on healthcheck port 8080 to avoid conflicts
Changed
- Update dependencies to improve stability and compatibility
4.8.0
New
- Add per-resource classifier preference for fine-grained control
4.7.2
Fixed
- Prevent forced recreation when updating provider field, allowing in-place updates
4.7.1
Changed
- Require provider for SSH resources using SSM (aws-ec2 or aws-ecs)
- Switch KMS encryption key input to use key ARN instead of key ID
- Update TLS validation options for clearer, safer configuration
4.7.0
New
- Add formal_resource data source to fetch a resource by name for easier lookups
4.6.2
Fixed
- Improve permission update errors to reflect ‘code’ field name
Changed
- Update permission resource to use ‘code’ and remove timestamps to prevent plan drift
4.6.1
New
- Add optional path to Data Discovery to limit scans to a specific subpath
4.6.0
New
- Add resource formal_inventory_object_data_label_link to link data labels to inventory objects
- Add EC2 and ECS autodiscovery to cloud integration, with computed status fields
4.5.3
New
- Add formal_connector_configuration to set connector log level and health check port for better monitoring
4.5.2
Changed
- Allow in-place updates to primary hostname to reduce downtime
4.5.1
New
- Add plan-time validation for policy Rego code to catch errors before apply
4.5.0
New
- Added support for version 1.2.0 of CloudFormation template with new Cloud Integration fields in the
aws configuration block of formal_integration_cloud resources:
enable_eks_autodiscovery toggles EKS clusters autodiscoveryenable_rds_autodiscovery toggles RDS instances (PostgreSQL, MySQL, MongoDB) autodiscoveryenable_redshift_autodiscovery toggles Redshift clusters autodiscoveryallow_s3_access allows Formal to send logs to S3 buckets in your AWS account through Log Integrations
- Added read-only fields to the root level of
formal_integration_cloud resources for CloudFormation stack parameters:
aws_enable_eks_autodiscovery provides the value for the EnableEKSAutodiscovery parameteraws_enable_rds_autodiscovery provides the value for the EnableRDSAutodiscovery parameteraws_enable_redshift_autodiscovery provides the value for the EnableRedshiftAutodiscovery parameteraws_allow_s3_access provides the value for the AllowS3Access parameteraws_s3_bucket_arn provides the value for the S3BucketARN parameter
4.4.1
Changed
- Bumped Formal Go SDK from 2.8.1 to 2.8.2
Fixed
- Brought back the
type field of formal_integration_cloud resources, which was mistakenly removed in version 4.4.0
4.4.0
New
- Added
aws configuration block to formal_integration_cloud resources for AWS CloudFormation template version and S3 bucket ARN configuration
Changed
- Provider now uses version 2.8.1 of the Formal Go SDK and version 2025-02-24 of the API
- The
type field of formal_integration_cloud resources is now deprecated in favor of aws
4.3.2
Changed
- Bumped to version 2.7.0 of the Formal SDK
4.3.1
New
- Added encryption keys and log configurations resources
Changed
- Added deprecated notification for
managed_tls field in formal_connector_hostname
- Deprecated
managed_tls field in formal_connector_hostname
Fixed
- Fixed the list of update-able resource fields for formal resources
4.3.0
New
- Added
dns_record to formal_connector_hostname
Changed
- Removed ForceNew for
formal_resource_hostname.hostname
4.2.2
New
- Added
resource_hostname as supported identity type for native_user_link
4.2.1
New
- Added
formal_resource_hostname resource
4.2.0
New
- Support for new form cloud integrations and log integrations
