fix: changed github.ref to pullrequest.ref since it points the actual branch.

terraform-docs: automated action

feat: added route53 arn and region in examples.

Removed extra space in my example variabes.tf

Author: rahul-infra

.github/workflows/terraform-docs.yaml

@@ -13,7 +13,7 @@ jobs:
       - name: Checkout repository
         uses: actions/checkout@v4
         with:
-          ref: ${{ github.ref }}
+          ref: ${{ github.event.pull_request.head.ref }}
 
       - name: Render and Push terraform docs for main module
         uses: terraform-docs/gh-actions@main

README.md

@@ -12,13 +12,13 @@ Terraform module to deploy production-ready applications and services on an exis
 | Name | Version |
 |------|---------|
 | <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 1.6.0 |
-| <a name="requirement_aws"></a> [aws](#requirement\_aws) | ~> 5.0 |
+| <a name="requirement_aws"></a> [aws](#requirement\_aws) | ~> 6.0 |
 
 ## Providers
 
 | Name | Version |
 |------|---------|
-| <a name="provider_aws"></a> [aws](#provider\_aws) | ~> 5.0 |
+| <a name="provider_aws"></a> [aws](#provider\_aws) | ~> 6.0 |
 
 ## Modules
 
@@ -51,6 +51,8 @@ Terraform module to deploy production-ready applications and services on an exis
 | <a name="input_create_s3_bucket_for_alb_logging"></a> [create\_s3\_bucket\_for\_alb\_logging](#input\_create\_s3\_bucket\_for\_alb\_logging) | (Optional) Creates S3 bucket for storing ALB Access and Connection Logs. | `bool` | `true` | no |
 | <a name="input_default_capacity_providers_strategies"></a> [default\_capacity\_providers\_strategies](#input\_default\_capacity\_providers\_strategies) | (Optional) Set of capacity provider strategies to use by default for the cluster. | `any` | `[]` | no |
 | <a name="input_load_balancer"></a> [load\_balancer](#input\_load\_balancer) | Configuration for the Application Load Balancer. | <pre>object({<br/>    name                       = optional(string)<br/>    internal                   = optional(bool, false)<br/>    subnets_ids                = optional(list(string), [])<br/>    security_groups_ids        = optional(list(string), [])<br/>    preserve_host_header       = optional(bool)<br/>    enable_deletion_protection = optional(bool, false)<br/>    access_logs                = optional(any, null)<br/>    connection_logs            = optional(any, null)<br/>    target_groups              = optional(any, {})<br/>    listeners                  = optional(any, {})<br/>    listener_rules             = optional(any, {})<br/>    tags                       = optional(map(string), {})<br/>  })</pre> | `{}` | no |
+| <a name="input_region"></a> [region](#input\_region) | (Optional) AWS region to create resources in. | `string` | `null` | no |
+| <a name="input_route53_assume_role_arn"></a> [route53\_assume\_role\_arn](#input\_route53\_assume\_role\_arn) | (Optional) ARN of the role to assume for Route53 operations. | `string` | `null` | no |
 | <a name="input_s3_bucket_force_destroy"></a> [s3\_bucket\_force\_destroy](#input\_s3\_bucket\_force\_destroy) | (Optional, Default:false) Boolean that indicates all objects (including any locked objects) should be deleted from the bucket when the bucket is destroyed so that the bucket can be destroyed without error. | `bool` | `false` | no |
 | <a name="input_s3_bucket_name"></a> [s3\_bucket\_name](#input\_s3\_bucket\_name) | (Optional, Forces new resource) Name of the bucket. | `string` | `null` | no |
 | <a name="input_s3_bucket_policy_id_prefix"></a> [s3\_bucket\_policy\_id\_prefix](#input\_s3\_bucket\_policy\_id\_prefix) | (Optional) - Prefix of the ID for the policy document. | `string` | `"ecs-deployment-alb-"` | no |

examples/complete/main.tf

@@ -93,6 +93,9 @@ module "ecs_deployment" {
       record_zone_id    = data.aws_route53_zone.base_domain.zone_id
     }
   }
+  region = var.region
+  # Cross-account role that ACM module will use for Route53 DNS record creation
+  route53_assume_role_arn = var.route53_assume_role_arn
 
   # Application Load Balancer
   load_balancer = {

examples/complete/variables.tf

@@ -132,3 +132,13 @@ variable "domain_name" {
   description = "Domain name for ACM"
   type        = string
 }
+
+variable "region" {
+  description = "AWS region to deploy resources"
+  type        = string
+}
+
+variable "route53_assume_role_arn" {
+  description = "ARN of the cross-account role for Route53 DNS record creation"
+  type        = string
+}

modules/acm/README.md

@@ -24,12 +24,14 @@ This sub-module creates the Amazon-issued certificate for a given domain with `v
 | Name | Version |
 |------|---------|
 | <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 1.6.0 |
+| <a name="requirement_aws"></a> [aws](#requirement\_aws) | ~> 6.0 |
 
 ## Providers
 
 | Name | Version |
 |------|---------|
-| <a name="provider_aws"></a> [aws](#provider\_aws) | n/a |
+| <a name="provider_aws"></a> [aws](#provider\_aws) | ~> 6.0 |
+| <a name="provider_aws.dns"></a> [aws.dns](#provider\_aws.dns) | ~> 6.0 |
 
 ## Modules
 
@@ -41,7 +43,8 @@ No modules.
 |------|------|
 | [aws_acm_certificate.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/acm_certificate) | resource |
 | [aws_acm_certificate_validation.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/acm_certificate_validation) | resource |
-| [aws_route53_record.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/route53_record) | resource |
+| [aws_route53_record.cross_account](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/route53_record) | resource |
+| [aws_route53_record.same_account](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/route53_record) | resource |
 
 ## Inputs
 
@@ -54,6 +57,7 @@ No modules.
 | <a name="input_certificate_validation_option"></a> [certificate\_validation\_option](#input\_certificate\_validation\_option) | (Optional) Configuration block used to specify information about the initial validation of each domain name. | <pre>object({<br/>    domain_name       = string<br/>    validation_domain = string<br/>  })</pre> | `null` | no |
 | <a name="input_record_allow_overwrite"></a> [record\_allow\_overwrite](#input\_record\_allow\_overwrite) | (Optional) Allow creation of this record in Terraform to overwrite an existing record, if any. | `bool` | `true` | no |
 | <a name="input_record_zone_id"></a> [record\_zone\_id](#input\_record\_zone\_id) | (Required) Hosted zone ID for a CloudFront distribution, S3 bucket, ELB, or Route 53 hosted zone. | `string` | n/a | yes |
+| <a name="input_route53_assume_role_arn"></a> [route53\_assume\_role\_arn](#input\_route53\_assume\_role\_arn) | (Optional) IAM role ARN to assume for Route53 operations | `string` | `null` | no |
 | <a name="input_tags"></a> [tags](#input\_tags) | (Optional) Map of tags to assign to the resource. | `map(string)` | `{}` | no |
 
 ## Outputs
@@ -63,5 +67,5 @@ No modules.
 | <a name="output_acm_certificate_arn"></a> [acm\_certificate\_arn](#output\_acm\_certificate\_arn) | ARN of the ACM certificate. |
 | <a name="output_acm_certificate_id"></a> [acm\_certificate\_id](#output\_acm\_certificate\_id) | ARN of the ACM certificate. |
 | <a name="output_acm_certificate_validation_id"></a> [acm\_certificate\_validation\_id](#output\_acm\_certificate\_validation\_id) | Identifier of the ACM certificate validation resource. |
-| <a name="output_route53_record_id"></a> [route53\_record\_id](#output\_route53\_record\_id) | Identifier of the Route53 Record for validation of the ACM certificate. |
+| <a name="output_route53_record_id"></a> [route53\_record\_id](#output\_route53\_record\_id) | Identifier of the Route53 Record (supports same & cross-account). |
 <!-- END_TF_DOCS -->