feat: Upgrade AWS provider to 6.0

Author: take-five

README.md

@@ -124,14 +124,14 @@ Examples codified under the [`examples`](https://github.com/terraform-aws-module
 | Name | Version |
 |------|---------|
 | <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 1.0 |
-| <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 5.0 |
+| <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 6.0 |
 | <a name="requirement_random"></a> [random](#requirement\_random) | >= 3.0 |
 
 ## Providers
 
 | Name | Version |
 |------|---------|
-| <a name="provider_aws"></a> [aws](#provider\_aws) | >= 5.0 |
+| <a name="provider_aws"></a> [aws](#provider\_aws) | >= 6.0 |
 | <a name="provider_random"></a> [random](#provider\_random) | >= 3.0 |
 
 ## Modules
@@ -170,6 +170,7 @@ No modules.
 | <a name="input_random_password_length"></a> [random\_password\_length](#input\_random\_password\_length) | The length of the generated random password | `number` | `32` | no |
 | <a name="input_random_password_override_special"></a> [random\_password\_override\_special](#input\_random\_password\_override\_special) | Supply your own list of special characters to use for string generation. This overrides the default character list in the special argument | `string` | `"!@#$%&*()-_=+[]{}<>:?"` | no |
 | <a name="input_recovery_window_in_days"></a> [recovery\_window\_in\_days](#input\_recovery\_window\_in\_days) | Number of days that AWS Secrets Manager waits before it can delete the secret. This value can be `0` to force deletion without recovery or range from `7` to `30` days. The default value is `30` | `number` | `null` | no |
+| <a name="input_region"></a> [region](#input\_region) | Region where the resource(s) will be managed. Defaults to the Region set in the provider configuration | `string` | `null` | no |
 | <a name="input_replica"></a> [replica](#input\_replica) | Configuration block to support secret replication | `map(any)` | `{}` | no |
 | <a name="input_rotation_lambda_arn"></a> [rotation\_lambda\_arn](#input\_rotation\_lambda\_arn) | Specifies the ARN of the Lambda function that can rotate the secret | `string` | `""` | no |
 | <a name="input_rotation_rules"></a> [rotation\_rules](#input\_rotation\_rules) | A structure that defines the rotation configuration for this secret | `map(any)` | `{}` | no |
@@ -187,6 +188,7 @@ No modules.
 | <a name="output_secret_binary"></a> [secret\_binary](#output\_secret\_binary) | The secret binary |
 | <a name="output_secret_id"></a> [secret\_id](#output\_secret\_id) | The ID of the secret |
 | <a name="output_secret_name"></a> [secret\_name](#output\_secret\_name) | The name of the secret |
+| <a name="output_secret_region"></a> [secret\_region](#output\_secret\_region) | The region of the secret |
 | <a name="output_secret_replica"></a> [secret\_replica](#output\_secret\_replica) | Attributes of the replica created |
 | <a name="output_secret_string"></a> [secret\_string](#output\_secret\_string) | The secret string |
 | <a name="output_secret_version_id"></a> [secret\_version\_id](#output\_secret\_version\_id) | The unique identifier of the version of the secret |

examples/complete/README.md

@@ -29,20 +29,21 @@ Note that this example may create resources which will incur monetary charges on
 | Name | Version |
 |------|---------|
 | <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 1.0 |
-| <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 5.0 |
+| <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 6.0 |
 
 ## Providers
 
 | Name | Version |
 |------|---------|
-| <a name="provider_aws"></a> [aws](#provider\_aws) | >= 5.0 |
+| <a name="provider_aws"></a> [aws](#provider\_aws) | >= 6.0 |
 
 ## Modules
 
 | Name | Source | Version |
 |------|--------|---------|
 | <a name="module_lambda"></a> [lambda](#module\_lambda) | terraform-aws-modules/lambda/aws | ~> 6.0 |
 | <a name="module_secrets_manager"></a> [secrets\_manager](#module\_secrets\_manager) | ../.. | n/a |
+| <a name="module_secrets_manager_another_region"></a> [secrets\_manager\_another\_region](#module\_secrets\_manager\_another\_region) | ../.. | n/a |
 | <a name="module_secrets_manager_disabled"></a> [secrets\_manager\_disabled](#module\_secrets\_manager\_disabled) | ../.. | n/a |
 | <a name="module_secrets_manager_rotate"></a> [secrets\_manager\_rotate](#module\_secrets\_manager\_rotate) | ../.. | n/a |
 

examples/complete/main.tf

@@ -123,6 +123,17 @@ module "secrets_manager_disabled" {
   create = false
 }
 
+module "secrets_manager_another_region" {
+  source = "../.."
+
+  region      = "us-east-1"
+  name_prefix = local.name
+
+  create_random_password = true
+
+  tags = local.tags
+}
+
 ################################################################################
 # Supporting Resources
 ################################################################################

examples/complete/versions.tf

@@ -4,7 +4,7 @@ terraform {
   required_providers {
     aws = {
       source  = "hashicorp/aws"
-      version = ">= 5.0"
+      version = ">= 6.0"
     }
   }
 }

main.tf

@@ -6,6 +6,8 @@
 resource "aws_secretsmanager_secret" "this" {
   count = var.create ? 1 : 0
 
+  region = var.region
+
   description                    = var.description
   force_overwrite_replica_secret = var.force_overwrite_replica_secret
   kms_key_id                     = var.kms_key_id
@@ -80,6 +82,8 @@ data "aws_iam_policy_document" "this" {
 resource "aws_secretsmanager_secret_policy" "this" {
   count = var.create && var.create_policy ? 1 : 0
 
+  region = var.region
+
   secret_arn          = aws_secretsmanager_secret.this[0].arn
   policy              = data.aws_iam_policy_document.this[0].json
   block_public_policy = var.block_public_policy
@@ -92,6 +96,8 @@ resource "aws_secretsmanager_secret_policy" "this" {
 resource "aws_secretsmanager_secret_version" "this" {
   count = var.create && !(var.enable_rotation || var.ignore_secret_changes) ? 1 : 0
 
+  region = var.region
+
   secret_id      = aws_secretsmanager_secret.this[0].id
   secret_string  = var.create_random_password ? random_password.this[0].result : var.secret_string
   secret_binary  = var.secret_binary
@@ -101,6 +107,8 @@ resource "aws_secretsmanager_secret_version" "this" {
 resource "aws_secretsmanager_secret_version" "ignore_changes" {
   count = var.create && (var.enable_rotation || var.ignore_secret_changes) ? 1 : 0
 
+  region = var.region
+
   secret_id      = aws_secretsmanager_secret.this[0].id
   secret_string  = var.create_random_password ? random_password.this[0].result : var.secret_string
   secret_binary  = var.secret_binary
@@ -130,6 +138,8 @@ resource "random_password" "this" {
 resource "aws_secretsmanager_secret_rotation" "this" {
   count = var.create && var.enable_rotation ? 1 : 0
 
+  region = var.region
+
   rotation_lambda_arn = var.rotation_lambda_arn
 
   dynamic "rotation_rules" {

outputs.tf

@@ -34,6 +34,11 @@ output "secret_binary" {
   value       = try(aws_secretsmanager_secret_version.this[0].secret_binary, aws_secretsmanager_secret_version.ignore_changes[0].secret_binary, null)
 }
 
+output "secret_region" {
+  description = "The region of the secret"
+  value       = try(aws_secretsmanager_secret.this[0].region, null)
+}
+
 ################################################################################
 # Version
 ################################################################################

variables.tf

@@ -4,6 +4,12 @@ variable "create" {
   default     = true
 }
 
+variable "region" {
+  description = "Region where the resource(s) will be managed. Defaults to the Region set in the provider configuration"
+  type        = string
+  default     = null
+}
+
 variable "tags" {
   description = "A map of tags to add to all resources"
   type        = map(string)

versions.tf

@@ -4,7 +4,7 @@ terraform {
   required_providers {
     aws = {
       source  = "hashicorp/aws"
-      version = ">= 5.0"
+      version = ">= 6.0"
     }
     random = {
       source  = "hashicorp/random"

wrappers/main.tf

@@ -19,6 +19,7 @@ module "wrapper" {
   random_password_length           = try(each.value.random_password_length, var.defaults.random_password_length, 32)
   random_password_override_special = try(each.value.random_password_override_special, var.defaults.random_password_override_special, "!@#$%&*()-_=+[]{}<>:?")
   recovery_window_in_days          = try(each.value.recovery_window_in_days, var.defaults.recovery_window_in_days, null)
+  region                           = try(each.value.region, var.defaults.region, null)
   replica                          = try(each.value.replica, var.defaults.replica, {})
   rotation_lambda_arn              = try(each.value.rotation_lambda_arn, var.defaults.rotation_lambda_arn, "")
   rotation_rules                   = try(each.value.rotation_rules, var.defaults.rotation_rules, {})

wrappers/versions.tf

@@ -4,7 +4,7 @@ terraform {
   required_providers {
     aws = {
       source  = "hashicorp/aws"
-      version = ">= 5.0"
+      version = ">= 6.0"
     }
     random = {
       source  = "hashicorp/random"