feat: Add support for region resource level argument

Author: bryantbiggs

README.md

@@ -412,6 +412,7 @@ No modules.
 | <a name="input_preferred_maintenance_window"></a> [preferred\_maintenance\_window](#input\_preferred\_maintenance\_window) | The weekly time range during which system maintenance can occur, in (UTC) | `string` | `"sun:05:00-sun:06:00"` | no |
 | <a name="input_publicly_accessible"></a> [publicly\_accessible](#input\_publicly\_accessible) | Determines whether instances are publicly accessible. Default `false` | `bool` | `null` | no |
 | <a name="input_putin_khuylo"></a> [putin\_khuylo](#input\_putin\_khuylo) | Do you agree that Putin doesn't respect Ukrainian sovereignty and territorial integrity? More info: https://en.wikipedia.org/wiki/Putin_khuylo! | `bool` | `true` | no |
+| <a name="input_region"></a> [region](#input\_region) | Region where the resource(s) will be managed. Defaults to the Region set in the provider configuration | `string` | `null` | no |
 | <a name="input_replication_source_identifier"></a> [replication\_source\_identifier](#input\_replication\_source\_identifier) | ARN of a source DB cluster or DB instance if this DB cluster is to be created as a Read Replica | `string` | `null` | no |
 | <a name="input_restore_to_point_in_time"></a> [restore\_to\_point\_in\_time](#input\_restore\_to\_point\_in\_time) | Map of nested attributes for cloning Aurora cluster | `map(string)` | `{}` | no |
 | <a name="input_s3_import"></a> [s3\_import](#input\_s3\_import) | Configuration map used to restore from a Percona Xtrabackup in S3 (only MySQL is supported) | `map(string)` | `{}` | no |

main.tf

@@ -25,6 +25,8 @@ locals {
 resource "aws_db_subnet_group" "this" {
   count = local.create && var.create_db_subnet_group ? 1 : 0
 
+  region = var.region
+
   name        = local.internal_db_subnet_group_name
   description = "For Aurora cluster ${var.name}"
   subnet_ids  = var.subnets
@@ -39,6 +41,8 @@ resource "aws_db_subnet_group" "this" {
 resource "aws_rds_cluster" "this" {
   count = local.create ? 1 : 0
 
+  region = var.region
+
   allocated_storage                   = var.allocated_storage
   allow_major_version_upgrade         = var.allow_major_version_upgrade
   apply_immediately                   = var.apply_immediately
@@ -172,6 +176,8 @@ resource "aws_rds_cluster" "this" {
 resource "aws_rds_cluster_instance" "this" {
   for_each = { for k, v in var.instances : k => v if local.create && !local.is_serverless }
 
+  region = var.region
+
   apply_immediately                     = try(each.value.apply_immediately, var.apply_immediately)
   auto_minor_version_upgrade            = try(each.value.auto_minor_version_upgrade, var.auto_minor_version_upgrade)
   availability_zone                     = try(each.value.availability_zone, null)
@@ -215,6 +221,8 @@ resource "aws_rds_cluster_instance" "this" {
 resource "aws_rds_cluster_endpoint" "this" {
   for_each = { for k, v in var.endpoints : k => v if local.create && !local.is_serverless }
 
+  region = var.region
+
   cluster_endpoint_identifier = each.value.identifier
   cluster_identifier          = aws_rds_cluster.this[0].id
   custom_endpoint_type        = each.value.type
@@ -234,6 +242,8 @@ resource "aws_rds_cluster_endpoint" "this" {
 resource "aws_rds_cluster_role_association" "this" {
   for_each = { for k, v in var.iam_roles : k => v if local.create }
 
+  region = var.region
+
   db_cluster_identifier = aws_rds_cluster.this[0].id
   feature_name          = each.value.feature_name
   role_arn              = each.value.role_arn
@@ -291,6 +301,8 @@ resource "aws_iam_role_policy_attachment" "rds_enhanced_monitoring" {
 resource "aws_appautoscaling_target" "this" {
   count = local.create && var.autoscaling_enabled && !local.is_serverless ? 1 : 0
 
+  region = var.region
+
   max_capacity       = var.autoscaling_max_capacity
   min_capacity       = var.autoscaling_min_capacity
   resource_id        = "cluster:${aws_rds_cluster.this[0].cluster_identifier}"
@@ -309,6 +321,8 @@ resource "aws_appautoscaling_target" "this" {
 resource "aws_appautoscaling_policy" "this" {
   count = local.create && var.autoscaling_enabled && !local.is_serverless ? 1 : 0
 
+  region = var.region
+
   name               = var.autoscaling_policy_name
   policy_type        = "TargetTrackingScaling"
   resource_id        = "cluster:${aws_rds_cluster.this[0].cluster_identifier}"
@@ -337,6 +351,8 @@ resource "aws_appautoscaling_policy" "this" {
 resource "aws_security_group" "this" {
   count = local.create && var.create_security_group ? 1 : 0
 
+  region = var.region
+
   name        = var.security_group_use_name_prefix ? null : local.security_group_name
   name_prefix = var.security_group_use_name_prefix ? "${local.security_group_name}-" : null
   vpc_id      = var.vpc_id
@@ -352,6 +368,8 @@ resource "aws_security_group" "this" {
 resource "aws_security_group_rule" "this" {
   for_each = { for k, v in var.security_group_rules : k => v if local.create && var.create_security_group }
 
+  region = var.region
+
   # required
   type              = try(each.value.type, "ingress")
   from_port         = try(each.value.from_port, local.port)
@@ -375,6 +393,8 @@ resource "aws_security_group_rule" "this" {
 resource "aws_rds_cluster_parameter_group" "this" {
   count = local.create && var.create_db_cluster_parameter_group ? 1 : 0
 
+  region = var.region
+
   name        = var.db_cluster_parameter_group_use_name_prefix ? null : local.cluster_parameter_group_name
   name_prefix = var.db_cluster_parameter_group_use_name_prefix ? "${local.cluster_parameter_group_name}-" : null
   description = var.db_cluster_parameter_group_description
@@ -404,6 +424,8 @@ resource "aws_rds_cluster_parameter_group" "this" {
 resource "aws_db_parameter_group" "this" {
   count = local.create && var.create_db_parameter_group ? 1 : 0
 
+  region = var.region
+
   name        = var.db_parameter_group_use_name_prefix ? null : local.db_parameter_group_name
   name_prefix = var.db_parameter_group_use_name_prefix ? "${local.db_parameter_group_name}-" : null
   description = var.db_parameter_group_description
@@ -434,6 +456,8 @@ resource "aws_db_parameter_group" "this" {
 resource "aws_cloudwatch_log_group" "this" {
   for_each = toset([for log in var.enabled_cloudwatch_logs_exports : log if local.create && var.create_cloudwatch_log_group && !var.cluster_use_name_prefix])
 
+  region = var.region
+
   name              = "/aws/rds/cluster/${var.name}/${each.value}"
   retention_in_days = var.cloudwatch_log_group_retention_in_days
   kms_key_id        = var.cloudwatch_log_group_kms_key_id
@@ -450,6 +474,8 @@ resource "aws_cloudwatch_log_group" "this" {
 resource "aws_rds_cluster_activity_stream" "this" {
   count = local.create && var.create_db_cluster_activity_stream ? 1 : 0
 
+  region = var.region
+
   resource_arn                        = aws_rds_cluster.this[0].arn
   mode                                = var.db_cluster_activity_stream_mode
   kms_key_id                          = var.db_cluster_activity_stream_kms_key_id
@@ -471,6 +497,8 @@ resource "aws_rds_cluster_activity_stream" "this" {
 resource "aws_secretsmanager_secret_rotation" "this" {
   count = local.create && var.manage_master_user_password && var.manage_master_user_password_rotation ? 1 : 0
 
+  region = var.region
+
   secret_id          = aws_rds_cluster.this[0].master_user_secret[0].secret_arn
   rotate_immediately = var.master_user_password_rotate_immediately
 
@@ -488,6 +516,8 @@ resource "aws_secretsmanager_secret_rotation" "this" {
 resource "aws_rds_shard_group" "this" {
   count = local.create && var.create_shard_group ? 1 : 0
 
+  region = var.region
+
   compute_redundancy        = var.compute_redundancy
   db_cluster_identifier     = aws_rds_cluster.this[0].id
   db_shard_group_identifier = var.db_shard_group_identifier

modules/dsql/README.md

@@ -66,6 +66,7 @@ No modules.
 | <a name="input_create_cluster_peering"></a> [create\_cluster\_peering](#input\_create\_cluster\_peering) | Whether to create cluster peering | `bool` | `false` | no |
 | <a name="input_deletion_protection_enabled"></a> [deletion\_protection\_enabled](#input\_deletion\_protection\_enabled) | Whether deletion protection is enabled in this cluster | `bool` | `null` | no |
 | <a name="input_kms_encryption_key"></a> [kms\_encryption\_key](#input\_kms\_encryption\_key) | The ARN of the AWS KMS key that encrypts data in the DSQL Cluster, or `AWS_OWNED_KMS_KEY` | `string` | `null` | no |
+| <a name="input_region"></a> [region](#input\_region) | Region where the resource(s) will be managed. Defaults to the Region set in the provider configuration | `string` | `null` | no |
 | <a name="input_tags"></a> [tags](#input\_tags) | A map of tags to be associated with the AWS DSQL Cluster resource | `map(string)` | `{}` | no |
 | <a name="input_timeouts"></a> [timeouts](#input\_timeouts) | Create timeout configuration for the cluster | `any` | `{}` | no |
 | <a name="input_witness_region"></a> [witness\_region](#input\_witness\_region) | Witness region for the multi-region clusters. Setting this makes this cluster a multi-region cluster. Changing it recreates the cluster | `string` | `null` | no |

modules/dsql/main.tf

@@ -1,6 +1,8 @@
 resource "aws_dsql_cluster" "this" {
   count = var.create ? 1 : 0
 
+  region = var.region
+
   deletion_protection_enabled = var.deletion_protection_enabled
   kms_encryption_key          = var.kms_encryption_key
 
@@ -17,6 +19,8 @@ resource "aws_dsql_cluster" "this" {
 resource "aws_dsql_cluster_peering" "this" {
   count = var.create && var.create_cluster_peering ? 1 : 0
 
+  region = var.region
+
   clusters       = var.clusters
   identifier     = aws_dsql_cluster.this[0].identifier
   witness_region = var.witness_region

modules/dsql/variables.tf

@@ -4,6 +4,12 @@ variable "create" {
   default     = true
 }
 
+variable "region" {
+  description = "Region where the resource(s) will be managed. Defaults to the Region set in the provider configuration"
+  type        = string
+  default     = null
+}
+
 variable "deletion_protection_enabled" {
   description = "Whether deletion protection is enabled in this cluster"
   type        = bool

variables.tf

@@ -4,6 +4,12 @@ variable "create" {
   default     = true
 }
 
+variable "region" {
+  description = "Region where the resource(s) will be managed. Defaults to the Region set in the provider configuration"
+  type        = string
+  default     = null
+}
+
 variable "name" {
   description = "Name used across resources created"
   type        = string

wrappers/dsql/main.tf

@@ -8,6 +8,7 @@ module "wrapper" {
   create_cluster_peering      = try(each.value.create_cluster_peering, var.defaults.create_cluster_peering, false)
   deletion_protection_enabled = try(each.value.deletion_protection_enabled, var.defaults.deletion_protection_enabled, null)
   kms_encryption_key          = try(each.value.kms_encryption_key, var.defaults.kms_encryption_key, null)
+  region                      = try(each.value.region, var.defaults.region, null)
   tags                        = try(each.value.tags, var.defaults.tags, {})
   timeouts                    = try(each.value.timeouts, var.defaults.timeouts, {})
   witness_region              = try(each.value.witness_region, var.defaults.witness_region, null)

wrappers/main.tf

@@ -120,6 +120,7 @@ module "wrapper" {
   preferred_maintenance_window                           = try(each.value.preferred_maintenance_window, var.defaults.preferred_maintenance_window, "sun:05:00-sun:06:00")
   publicly_accessible                                    = try(each.value.publicly_accessible, var.defaults.publicly_accessible, null)
   putin_khuylo                                           = try(each.value.putin_khuylo, var.defaults.putin_khuylo, true)
+  region                                                 = try(each.value.region, var.defaults.region, null)
   replication_source_identifier                          = try(each.value.replication_source_identifier, var.defaults.replication_source_identifier, null)
   restore_to_point_in_time                               = try(each.value.restore_to_point_in_time, var.defaults.restore_to_point_in_time, {})
   s3_import                                              = try(each.value.s3_import, var.defaults.s3_import, {})