infraspecdev · rahul-infra · Nov 25, 2025 · Nov 25, 2025 · ashwinimanoj · Nov 25, 2025
diff --git a/README.md b/README.md
@@ -51,7 +51,6 @@ Terraform module to deploy production-ready applications and services on an exis
 | <a name="input_create_s3_bucket_for_alb_logging"></a> [create\_s3\_bucket\_for\_alb\_logging](#input\_create\_s3\_bucket\_for\_alb\_logging) | (Optional) Creates S3 bucket for storing ALB Access and Connection Logs. | `bool` | `true` | no |
 | <a name="input_default_capacity_providers_strategies"></a> [default\_capacity\_providers\_strategies](#input\_default\_capacity\_providers\_strategies) | (Optional) Set of capacity provider strategies to use by default for the cluster. | `any` | `[]` | no |
 | <a name="input_load_balancer"></a> [load\_balancer](#input\_load\_balancer) | Configuration for the Application Load Balancer. | <pre>object({<br/>    name                       = optional(string)<br/>    internal                   = optional(bool, false)<br/>    subnets_ids                = optional(list(string), [])<br/>    security_groups_ids        = optional(list(string), [])<br/>    preserve_host_header       = optional(bool)<br/>    enable_deletion_protection = optional(bool, false)<br/>    access_logs                = optional(any, null)<br/>    connection_logs            = optional(any, null)<br/>    target_groups              = optional(any, {})<br/>    listeners                  = optional(any, {})<br/>    listener_rules             = optional(any, {})<br/>    tags                       = optional(map(string), {})<br/>  })</pre> | `{}` | no |
-| <a name="input_region"></a> [region](#input\_region) | (Optional) AWS region to create resources in. | `string` | `null` | no |
 | <a name="input_route53_assume_role_arn"></a> [route53\_assume\_role\_arn](#input\_route53\_assume\_role\_arn) | (Optional) ARN of the role to assume for Route53 operations. | `string` | `null` | no |
 | <a name="input_s3_bucket_force_destroy"></a> [s3\_bucket\_force\_destroy](#input\_s3\_bucket\_force\_destroy) | (Optional, Default:false) Boolean that indicates all objects (including any locked objects) should be deleted from the bucket when the bucket is destroyed so that the bucket can be destroyed without error. | `bool` | `false` | no |
 | <a name="input_s3_bucket_name"></a> [s3\_bucket\_name](#input\_s3\_bucket\_name) | (Optional, Forces new resource) Name of the bucket. | `string` | `null` | no |

diff --git a/examples/complete/main.tf b/examples/complete/main.tf
@@ -1,6 +1,17 @@
 provider "aws" {
   region = "ap-south-1"
 }
+provider "aws" {
+  alias  = "cross_account_provider"
+  region = var.region
+
+  dynamic "assume_role" {
+    for_each = var.route53_assume_role_arn != null ? [1] : []
+    content {
+      role_arn = var.route53_assume_role_arn
+    }
+  }
+}
 
 locals {
   task_definition_network_mode = "awsvpc"
@@ -25,6 +36,11 @@ locals {
 module "ecs_deployment" {
   source = "../../"
 
+  providers = {
+    aws                        = aws
+    aws.cross_account_provider = aws.cross_account_provider
+  }
+
   cluster_name = var.cluster_name
   vpc_id       = var.vpc_id
 
@@ -93,7 +109,6 @@ module "ecs_deployment" {
       record_zone_id    = data.aws_route53_zone.base_domain.zone_id
     }
   }
-  region = var.region
   # Cross-account role that ACM module will use for Route53 DNS record creation
   route53_assume_role_arn = var.route53_assume_role_arn
 

diff --git a/examples/complete/variables.tf b/examples/complete/variables.tf
@@ -136,9 +136,11 @@ variable "domain_name" {
 variable "region" {
   description = "AWS region to deploy resources"
   type        = string
+  default     = null
 }
 
 variable "route53_assume_role_arn" {
   description = "ARN of the cross-account role for Route53 DNS record creation"
   type        = string
+  default     = null
 }
diff --git a/main.tf b/main.tf
@@ -243,22 +243,6 @@ resource "aws_ecs_task_definition" "this" {
 ################################################################################
 # Amazon Certificates Manager Sub-module
 ################################################################################
-provider "aws" {
-  region = var.region
-}
-
-# Cross-account provider for Route53
-provider "aws" {
-  alias  = "cross_account_provider"
-  region = var.region
-
-  dynamic "assume_role" {
-    for_each = var.route53_assume_role_arn != null ? [1] : []
-    content {
-      role_arn = var.route53_assume_role_arn
-    }
-  }
-}
 
 module "acm" {
   source = "./modules/acm"

diff --git a/modules/acm/README.md b/modules/acm/README.md
@@ -24,14 +24,13 @@ This sub-module creates the Amazon-issued certificate for a given domain with `v
 | Name | Version |
 |------|---------|
 | <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 1.6.0 |
-| <a name="requirement_aws"></a> [aws](#requirement\_aws) | ~> 6.0 |
 
 ## Providers
 
 | Name | Version |
 |------|---------|
-| <a name="provider_aws"></a> [aws](#provider\_aws) | ~> 6.0 |
-| <a name="provider_aws.cross_account_provider"></a> [aws.cross\_account\_provider](#provider\_aws.cross\_account\_provider) | ~> 6.0 |
+| <a name="provider_aws"></a> [aws](#provider\_aws) | n/a |
+| <a name="provider_aws.cross_account_provider"></a> [aws.cross\_account\_provider](#provider\_aws.cross\_account\_provider) | n/a |
 
 ## Modules
 

diff --git a/modules/acm/providers.tf b/modules/acm/providers.tf
@@ -1,10 +1,8 @@
 terraform {
   required_providers {
     aws = {
-      source  = "hashicorp/aws"
-      version = "~> 6.0"
+      source = "hashicorp/aws"
       configuration_aliases = [
-        aws,
         aws.cross_account_provider
       ]
     }

diff --git a/variables.tf b/variables.tf
@@ -200,12 +200,6 @@ variable "acm_certificates" {
   default  = {}
 }
 
-variable "region" {
-  description = "(Optional) AWS region to create resources in."
-  type        = string
-  default     = null
-}
-
 variable "route53_assume_role_arn" {
   description = "(Optional) ARN of the role to assume for Route53 operations."
   type        = string

diff --git a/versions.tf b/versions.tf
@@ -5,6 +5,10 @@ terraform {
     aws = {
       source  = "hashicorp/aws"
       version = "~> 6.0"
+
+      configuration_aliases = [
+        aws.cross_account_provider
+      ]
     }
   }
 }