feat: The worlds longest variable definition

Author: bryantbiggs

README.md

@@ -0,0 +1,75 @@
+# Upgrade from v5.x to v6.x
+
+If you have any questions regarding this upgrade process, please consult the [`examples`](https://github.com/terraform-aws-modules/terraform-aws-ecs/tree/master/examples) directory:
+If you find a bug, please open an issue with supporting configuration to reproduce.
+
+## List of backwards incompatible changes
+
+- Terraform v1.5.7 is now minimum supported version
+- AWS provider v6.0.0 is now minimum supported version
+
+## Additional changes
+
+### Added
+
+- Support for `region` parameter to specify the AWS region for the resources created if different from the provider region.
+
+### Modified
+
+- Variable definitions now contain detailed `object` types in place of the previously used any type.
+
+### Variable and output changes
+
+1. Removed variables:
+
+    -
+
+2. Renamed variables:
+
+    -
+
+3. Added variables:
+
+    -
+
+4. Removed outputs:
+
+    -
+
+5. Renamed outputs:
+
+    -
+
+6. Added outputs:
+
+    -
+
+## Upgrade Migrations
+
+### Before 5.x Example
+
+```hcl
+module "ecs" {
+  source  = "terraform-aws-modules/ecs/aws"
+  version = "~> 5.0"
+
+  # Truncated for brevity ...
+
+}
+```
+
+### After 6.x Example
+
+```hcl
+module "ecs" {
+  source  = "terraform-aws-modules/ecs/aws"
+  version = "~> 6.0"
+
+  # Truncated for brevity ...
+
+}
+```
+
+### State Changes
+
+TODO

docs/UPGRADE-6.0.md

@@ -73,10 +73,10 @@ module "ecs" {
           memory    = 1024
           essential = true
           image     = nonsensitive(data.aws_ssm_parameter.fluentbit.value)
-          firelens_configuration = {
+          firelensConfiguration = {
             type = "fluentbit"
           }
-          memory_reservation = 50
+          memoryReservation = 50
         }
 
         (local.container_name) = {
@@ -85,11 +85,11 @@ module "ecs" {
           essential = true
           image     = "public.ecr.aws/aws-containers/ecsdemo-frontend:776fd50"
 
-          health_check = {
+          healthCheck = {
             command = ["CMD-SHELL", "curl -f http://localhost:${local.container_port}/health || exit 1"]
           }
 
-          port_mappings = [
+          portPappings = [
             {
               name          = local.container_name
               containerPort = local.container_port
@@ -99,15 +99,15 @@ module "ecs" {
           ]
 
           # Example image used requires access to write to root filesystem
-          readonly_root_filesystem = false
+          readonlyRootFilesystem = false
 
           dependencies = [{
             containerName = "fluent-bit"
             condition     = "START"
           }]
 
-          enable_cloudwatch_logging = false
-          log_configuration = {
+          enableCloudwatchLogging = false
+          logConfiguration = {
             logDriver = "awsfirelens"
             options = {
               Name                    = "firehose"
@@ -116,9 +116,9 @@ module "ecs" {
               log-driver-buffer-limit = "2097152"
             }
           }
-          memory_reservation = 100
+          memoryReservation = 100
 
-          restart_policy = {
+          restartPolicy = {
             enabled              = true
             ignoredExitCodes     = [1]
             restartAttemptPeriod = 60

examples/complete/main.tf

@@ -1153,7 +1153,7 @@ data "aws_iam_policy_document" "tasks" {
       }
 
       dynamic "condition" {
-        for_each = statement.value.conditions != null ? statement.value.conditions : []
+        for_each = statement.value.condition != null ? statement.value.condition : []
 
         content {
           test     = condition.value.test
@@ -1177,7 +1177,7 @@ resource "aws_iam_policy" "tasks" {
 }
 
 resource "aws_iam_role_policy_attachment" "tasks" {
-  count = local.create_tasks_iam_role && (length(var.tasks_iam_role_statements) > 0 || var.enable_execute_command) ? 1 : 0
+  count = local.create_tasks_iam_role && (var.tasks_iam_role_statements != null || var.enable_execute_command) ? 1 : 0
 
   role       = aws_iam_role.tasks[0].name
   policy_arn = aws_iam_policy.tasks[0].arn

main.tf

@@ -270,12 +270,6 @@ variable "triggers" {
   default     = null
 }
 
-variable "wait_for_steady_state" {
-  description = "If true, Terraform will wait for the service to reach a steady state before continuing. Default is `false`"
-  type        = bool
-  default     = null
-}
-
 variable "volume_configuration" {
   description = "Configuration for a volume specified in the task definition as a volume that is configured at launch time"
   type = object({
@@ -309,6 +303,12 @@ variable "vpc_lattice_configurations" {
   default = null
 }
 
+variable "wait_for_steady_state" {
+  description = "If true, Terraform will wait for the service to reach a steady state before continuing. Default is `false`"
+  type        = bool
+  default     = null
+}
+
 variable "service_tags" {
   description = "A map of additional tags to add to the service"
   type        = map(string)
@@ -412,7 +412,6 @@ variable "task_definition_arn" {
 variable "container_definitions" {
   description = "A map of valid [container definitions](http://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_ContainerDefinition.html). Please note that you should only provide values that are part of the container definition document"
   type = map(object({
-    region                  = optional(string)
     enable_execute_command  = optional(bool, false)
     operating_system_family = optional(string, "LINUX")
     tags                    = optional(map(string), {})
@@ -556,7 +555,6 @@ variable "container_definitions" {
 variable "container_definition_defaults" {
   description = "A map of default values for [container definitions](http://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_ContainerDefinition.html) created by `container_definitions`"
   type = map(object({
-    region                  = optional(string)
     enable_execute_command  = optional(bool, false)
     operating_system_family = optional(string, "LINUX")
     tags                    = optional(map(string), {})
@@ -747,15 +745,6 @@ variable "pid_mode" {
   default     = null
 }
 
-variable "task_definition_placement_constraints" {
-  description = "Configuration block for rules that are taken into consideration during task placement (up to max of 10). This is set at the task definition, see `placement_constraints` for setting at the service"
-  type = map(object({
-    expression = optional(string)
-    type       = string
-  }))
-  default = null
-}
-
 variable "proxy_configuration" {
   description = "Configuration block for the App Mesh proxy"
   type = object({
@@ -790,6 +779,15 @@ variable "skip_destroy" {
   default     = null
 }
 
+variable "task_definition_placement_constraints" {
+  description = "Configuration block for rules that are taken into consideration during task placement (up to max of 10). This is set at the task definition, see `placement_constraints` for setting at the service"
+  type = map(object({
+    expression = optional(string)
+    type       = string
+  }))
+  default = null
+}
+
 variable "track_latest" {
   description = "Whether should track latest `ACTIVE` task definition on AWS or the one created with the resource stored in state. Default is `false`. Useful in the event the task definition is modified outside of this resource"
   type        = bool
@@ -911,13 +909,13 @@ variable "create_task_exec_policy" {
 variable "task_exec_ssm_param_arns" {
   description = "List of SSM parameter ARNs the task execution role will be permitted to get/read"
   type        = list(string)
-  default     = ["arn:aws:ssm:*:*:parameter/*"]
+  default     = []
 }
 
 variable "task_exec_secret_arns" {
   description = "List of SecretsManager secret ARNs the task execution role will be permitted to get/read"
   type        = list(string)
-  default     = ["arn:aws:secretsmanager:*:*:secret:*"]
+  default     = []
 }
 
 variable "task_exec_iam_statements" {
@@ -1145,9 +1143,6 @@ variable "autoscaling_policies" {
     scale_out_cooldown = optional(number, 60)
     target_value       = optional(number, 75)
   }))
-
-
-
   default = {
     cpu = {
       policy_type = "TargetTrackingScaling"
@@ -1225,7 +1220,7 @@ variable "security_group_ingress_rules" {
     tags                         = optional(map(string), {})
     to_port                      = optional(string)
   }))
-  default = null
+  default = {}
 }
 
 variable "security_group_egress_rules" {
@@ -1241,7 +1236,7 @@ variable "security_group_egress_rules" {
     tags                         = optional(map(string), {})
     to_port                      = optional(string)
   }))
-  default = null
+  default = {}
 }
 
 variable "security_group_tags" {
@@ -1251,7 +1246,7 @@ variable "security_group_tags" {
 }
 
 ############################################################################################
-# ECS infrastructure IAM role
+# ECS Infrastructure IAM role
 ############################################################################################
 
 variable "create_infrastructure_iam_role" {