terraform-aws-modules · bryantbiggs · Nov 29, 2025 · Nov 29, 2025 · Nov 29, 2025 · Nov 29, 2025
diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
@@ -1,6 +1,6 @@
 repos:
   - repo: https://github.com/antonbabenko/pre-commit-terraform
-    rev: v1.103.0
+    rev: v1.104.0
     hooks:
       - id: terraform_fmt
       - id: terraform_wrapper_module_for_each

diff --git a/README.md b/README.md
@@ -125,6 +125,7 @@ module "api_gateway" {
 ```
 
 This will create records that allow users to access the API Gateway using the following subdomains:
+
 - `customer1.mydomain.com`
 - `customer2.mydomain.com`
 
@@ -184,20 +185,20 @@ module "api_gateway" {
 
 | Name | Version |
 |------|---------|
-| <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 1.3 |
-| <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 5.96 |
+| <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 1.5.7 |
+| <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 6.0 |
 
 ## Providers
 
 | Name | Version |
 |------|---------|
-| <a name="provider_aws"></a> [aws](#provider\_aws) | >= 5.96 |
+| <a name="provider_aws"></a> [aws](#provider\_aws) | >= 6.0 |
 
 ## Modules
 
 | Name | Source | Version |
 |------|--------|---------|
-| <a name="module_acm"></a> [acm](#module\_acm) | terraform-aws-modules/acm/aws | 5.0.1 |
+| <a name="module_acm"></a> [acm](#module\_acm) | terraform-aws-modules/acm/aws | 6.2.0 |
 
 ## Resources
 
@@ -248,6 +249,7 @@ module "api_gateway" {
 | <a name="input_name"></a> [name](#input\_name) | The name of the API. Must be less than or equal to 128 characters in length | `string` | `""` | no |
 | <a name="input_private_zone"></a> [private\_zone](#input\_private\_zone) | Indicates the hosted zone being looked up is private.  Certificate validation will fail if this is set to true. | `bool` | `false` | no |
 | <a name="input_protocol_type"></a> [protocol\_type](#input\_protocol\_type) | The API protocol. Valid values: `HTTP`, `WEBSOCKET` | `string` | `"HTTP"` | no |
+| <a name="input_region"></a> [region](#input\_region) | Region where the resource(s) will be managed. Defaults to the Region set in the provider configuration | `string` | `null` | no |
 | <a name="input_route_key"></a> [route\_key](#input\_route\_key) | Part of quick create. Specifies any route key. Applicable for HTTP APIs | `string` | `null` | no |
 | <a name="input_route_selection_expression"></a> [route\_selection\_expression](#input\_route\_selection\_expression) | The route selection expression for the API. Defaults to `$request.method $request.path` | `string` | `null` | no |
 | <a name="input_routes"></a> [routes](#input\_routes) | Map of API gateway routes with integrations | <pre>map(object({<br/>    # Route<br/>    authorizer_key             = optional(string)<br/>    api_key_required           = optional(bool)<br/>    authorization_scopes       = optional(list(string), [])<br/>    authorization_type         = optional(string)<br/>    authorizer_id              = optional(string)<br/>    model_selection_expression = optional(string)<br/>    operation_name             = optional(string)<br/>    request_models             = optional(map(string), {})<br/>    request_parameter = optional(object({<br/>      request_parameter_key = optional(string)<br/>      required              = optional(bool, false)<br/>    }), {})<br/>    route_response_selection_expression = optional(string)<br/><br/>    # Route settings<br/>    data_trace_enabled       = optional(bool)<br/>    detailed_metrics_enabled = optional(bool)<br/>    logging_level            = optional(string)<br/>    throttling_burst_limit   = optional(number)<br/>    throttling_rate_limit    = optional(number)<br/><br/>    # Stage - Route response<br/>    route_response = optional(object({<br/>      create                     = optional(bool, false)<br/>      model_selection_expression = optional(string)<br/>      response_models            = optional(map(string))<br/>      route_response_key         = optional(string, "$default")<br/>    }), {})<br/><br/>    # Integration<br/>    integration = object({<br/>      connection_id             = optional(string)<br/>      vpc_link_key              = optional(string)<br/>      connection_type           = optional(string)<br/>      content_handling_strategy = optional(string)<br/>      credentials_arn           = optional(string)<br/>      description               = optional(string)<br/>      method                    = optional(string)<br/>      subtype                   = optional(string)<br/>      type                      = optional(string, "AWS_PROXY")<br/>      uri                       = optional(string)<br/>      passthrough_behavior      = optional(string)<br/>      payload_format_version    = optional(string)<br/>      request_parameters        = optional(map(string), {})<br/>      request_templates         = optional(map(string), {})<br/>      response_parameters = optional(list(object({<br/>        mappings    = map(string)<br/>        status_code = string<br/>      })))<br/>      template_selection_expression = optional(string)<br/>      timeout_milliseconds          = optional(number)<br/>      tls_config = optional(object({<br/>        server_name_to_verify = optional(string)<br/>      }))<br/><br/>      # Integration Response<br/>      response = optional(object({<br/>        content_handling_strategy     = optional(string)<br/>        integration_response_key      = optional(string)<br/>        response_templates            = optional(map(string))<br/>        template_selection_expression = optional(string)<br/>      }), {})<br/>    })<br/>  }))</pre> | `{}` | no |

diff --git a/examples/complete-http/README.md b/examples/complete-http/README.md
@@ -19,8 +19,8 @@ Note that this example may create resources which cost money. Run `terraform des
 
 | Name | Version |
 |------|---------|
-| <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 1.3 |
-| <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 5.96 |
+| <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 1.5.7 |
+| <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 6.0 |
 | <a name="requirement_local"></a> [local](#requirement\_local) | >= 2.5 |
 | <a name="requirement_null"></a> [null](#requirement\_null) | >= 2.0 |
 | <a name="requirement_tls"></a> [tls](#requirement\_tls) | >= 3.1 |
@@ -29,7 +29,7 @@ Note that this example may create resources which cost money. Run `terraform des
 
 | Name | Version |
 |------|---------|
-| <a name="provider_aws"></a> [aws](#provider\_aws) | >= 5.96 |
+| <a name="provider_aws"></a> [aws](#provider\_aws) | >= 6.0 |
 | <a name="provider_local"></a> [local](#provider\_local) | >= 2.5 |
 | <a name="provider_null"></a> [null](#provider\_null) | >= 2.0 |
 | <a name="provider_tls"></a> [tls](#provider\_tls) | >= 3.1 |

diff --git a/examples/complete-http/versions.tf b/examples/complete-http/versions.tf
@@ -1,10 +1,10 @@
 terraform {
-  required_version = ">= 1.3"
+  required_version = ">= 1.5.7"
 
   required_providers {
     aws = {
       source  = "hashicorp/aws"
-      version = ">= 5.96"
+      version = ">= 6.0"
     }
     local = {
       source  = "hashicorp/local"

diff --git a/examples/vpc-link-http/README.md b/examples/vpc-link-http/README.md
@@ -19,15 +19,15 @@ Note that this example may create resources which cost money. Run `terraform des
 
 | Name | Version |
 |------|---------|
-| <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 1.3 |
-| <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 5.96 |
+| <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 1.5.7 |
+| <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 6.0 |
 | <a name="requirement_null"></a> [null](#requirement\_null) | >= 2.0 |
 
 ## Providers
 
 | Name | Version |
 |------|---------|
-| <a name="provider_aws"></a> [aws](#provider\_aws) | >= 5.96 |
+| <a name="provider_aws"></a> [aws](#provider\_aws) | >= 6.0 |
 | <a name="provider_null"></a> [null](#provider\_null) | >= 2.0 |
 
 ## Modules

diff --git a/examples/vpc-link-http/versions.tf b/examples/vpc-link-http/versions.tf
@@ -1,10 +1,10 @@
 terraform {
-  required_version = ">= 1.3"
+  required_version = ">= 1.5.7"
 
   required_providers {
     aws = {
       source  = "hashicorp/aws"
-      version = ">= 5.96"
+      version = ">= 6.0"
     }
     null = {
       source  = "hashicorp/null"

diff --git a/examples/websocket/README.md b/examples/websocket/README.md
@@ -50,8 +50,8 @@ connected (press CTRL+C to quit)
 
 | Name | Version |
 |------|---------|
-| <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 1.3 |
-| <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 5.96 |
+| <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 1.5.7 |
+| <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 6.0 |
 
 ## Providers
 

diff --git a/examples/websocket/versions.tf b/examples/websocket/versions.tf
@@ -1,10 +1,10 @@
 terraform {
-  required_version = ">= 1.3"
+  required_version = ">= 1.5.7"
 
   required_providers {
     aws = {
       source  = "hashicorp/aws"
-      version = ">= 5.96"
+      version = ">= 6.0"
     }
   }
 }
diff --git a/main.tf b/main.tf
@@ -12,6 +12,8 @@ locals {
 resource "aws_apigatewayv2_api" "this" {
   count = var.create ? 1 : 0
 
+  region = var.region
+
   api_key_selection_expression = local.is_websocket ? var.api_key_selection_expression : null
   body                         = local.is_http ? var.body : null
 
@@ -54,6 +56,8 @@ resource "aws_apigatewayv2_api" "this" {
 resource "aws_apigatewayv2_authorizer" "this" {
   for_each = { for k, v in var.authorizers : k => v if var.create }
 
+  region = var.region
+
   api_id = aws_apigatewayv2_api.this[0].id
 
   authorizer_credentials_arn        = each.value.authorizer_credentials_arn
@@ -87,6 +91,8 @@ locals {
 resource "aws_apigatewayv2_domain_name" "this" {
   count = local.create_domain_name ? 1 : 0
 
+  region = var.region
+
   domain_name = var.domain_name
 
   domain_name_configuration {
@@ -112,6 +118,8 @@ resource "aws_apigatewayv2_domain_name" "this" {
 resource "aws_apigatewayv2_api_mapping" "this" {
   count = local.create_domain_name && local.create_stage ? 1 : 0
 
+  region = var.region
+
   api_id          = aws_apigatewayv2_api.this[0].id
   api_mapping_key = var.api_mapping_key
   domain_name     = aws_apigatewayv2_domain_name.this[0].id
@@ -166,7 +174,9 @@ locals {
 
 module "acm" {
   source  = "terraform-aws-modules/acm/aws"
-  version = "5.0.1"
+  version = "6.2.0"
+
+  region = var.region
 
   create_certificate = local.create_domain_name && var.create_domain_records && local.create_certificate
 
@@ -186,6 +196,8 @@ module "acm" {
 resource "aws_apigatewayv2_route" "this" {
   for_each = { for k, v in var.routes : k => v if local.create_routes_and_integrations }
 
+  region = var.region
+
   api_id = aws_apigatewayv2_api.this[0].id
 
   api_key_required           = local.is_websocket ? each.value.api_key_required : null
@@ -217,6 +229,8 @@ resource "aws_apigatewayv2_route" "this" {
 resource "aws_apigatewayv2_route_response" "this" {
   for_each = { for k, v in var.routes : k => v if local.create_routes_and_integrations && coalesce(v.route_response.create, false) }
 
+  region = var.region
+
   api_id                     = aws_apigatewayv2_api.this[0].id
   model_selection_expression = each.value.route_response.model_selection_expression
   response_models            = each.value.route_response.response_models
@@ -231,8 +245,9 @@ resource "aws_apigatewayv2_route_response" "this" {
 resource "aws_apigatewayv2_integration" "this" {
   for_each = { for k, v in var.routes : k => v.integration if local.create_routes_and_integrations }
 
-  api_id = aws_apigatewayv2_api.this[0].id
+  region = var.region
 
+  api_id                    = aws_apigatewayv2_api.this[0].id
   connection_id             = try(aws_apigatewayv2_vpc_link.this[each.value.vpc_link_key].id, each.value.connection_id)
   connection_type           = each.value.connection_type
   content_handling_strategy = each.value.content_handling_strategy
@@ -279,6 +294,8 @@ resource "aws_apigatewayv2_integration" "this" {
 resource "aws_apigatewayv2_integration_response" "this" {
   for_each = { for k, v in var.routes : k => v.integration if local.create_routes_and_integrations && v.integration.response.integration_response_key != null }
 
+  region = var.region
+
   api_id         = aws_apigatewayv2_api.this[0].id
   integration_id = aws_apigatewayv2_integration.this[each.key].id
 
@@ -324,6 +341,8 @@ locals {
 resource "aws_apigatewayv2_stage" "this" {
   count = local.create_stage ? 1 : 0
 
+  region = var.region
+
   api_id = aws_apigatewayv2_api.this[0].id
 
   dynamic "access_log_settings" {
@@ -383,6 +402,8 @@ resource "aws_apigatewayv2_stage" "this" {
 resource "aws_apigatewayv2_deployment" "this" {
   count = local.create_stage && var.deploy_stage && !local.is_http ? 1 : 0
 
+  region = var.region
+
   api_id      = aws_apigatewayv2_api.this[0].id
   description = var.description
 
@@ -414,6 +435,8 @@ resource "aws_apigatewayv2_deployment" "this" {
 resource "aws_cloudwatch_log_group" "this" {
   for_each = { for k, v in { "this" = var.stage_access_log_settings } : k => v if local.create_stage && v != null && try(v.create_log_group, true) }
 
+  region = var.region
+
   name              = coalesce(each.value.log_group_name, "/aws/apigateway/${var.name}/${replace(var.stage_name, "$", "")}")
   retention_in_days = each.value.log_group_retention_in_days
   kms_key_id        = each.value.log_group_kms_key_id
@@ -430,6 +453,8 @@ resource "aws_cloudwatch_log_group" "this" {
 resource "aws_apigatewayv2_vpc_link" "this" {
   for_each = { for k, v in var.vpc_links : k => v if var.create }
 
+  region = var.region
+
   name               = coalesce(each.value.name, each.key)
   security_group_ids = each.value.security_group_ids
   subnet_ids         = each.value.subnet_ids

diff --git a/variables.tf b/variables.tf
@@ -4,6 +4,12 @@ variable "create" {
   default     = true
 }
 
+variable "region" {
+  description = "Region where the resource(s) will be managed. Defaults to the Region set in the provider configuration"
+  type        = string
+  default     = null
+}
+
 variable "tags" {
   description = "A mapping of tags to assign to API gateway resources"
   type        = map(string)

diff --git a/versions.tf b/versions.tf
@@ -1,10 +1,10 @@
 terraform {
-  required_version = ">= 1.3"
+  required_version = ">= 1.5.7"
 
   required_providers {
     aws = {
       source  = "hashicorp/aws"
-      version = ">= 5.96"
+      version = ">= 6.0"
     }
   }
 }
diff --git a/wrappers/main.tf b/wrappers/main.tf
@@ -29,6 +29,7 @@ module "wrapper" {
   name                                               = try(each.value.name, var.defaults.name, "")
   private_zone                                       = try(each.value.private_zone, var.defaults.private_zone, false)
   protocol_type                                      = try(each.value.protocol_type, var.defaults.protocol_type, "HTTP")
+  region                                             = try(each.value.region, var.defaults.region, null)
   route_key                                          = try(each.value.route_key, var.defaults.route_key, null)
   route_selection_expression                         = try(each.value.route_selection_expression, var.defaults.route_selection_expression, null)
   routes                                             = try(each.value.routes, var.defaults.routes, {})

diff --git a/wrappers/versions.tf b/wrappers/versions.tf
@@ -1,10 +1,10 @@
 terraform {
-  required_version = ">= 1.3"
+  required_version = ">= 1.5.7"
 
   required_providers {
     aws = {
       source  = "hashicorp/aws"
-      version = ">= 5.96"
+      version = ">= 6.0"
     }
   }
 }