diff --git a/README.md b/README.md
index 5e1ba9e..394d4c1 100644
--- a/README.md
+++ b/README.md
@@ -155,7 +155,7 @@ module "ecs" {
 | Name | Version |
 |------|---------|
 | <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 1.5.7 |
-| <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 6.0 |
+| <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 6.4 |
 
 ## Providers
 
@@ -193,7 +193,7 @@ No resources.
 | <a name="input_create_task_exec_policy"></a> [create\_task\_exec\_policy](#input\_create\_task\_exec\_policy) | Determines whether the ECS task definition IAM policy should be created. This includes permissions included in AmazonECSTaskExecutionRolePolicy as well as access to secrets and SSM parameters | `bool` | `true` | no |
 | <a name="input_default_capacity_provider_strategy"></a> [default\_capacity\_provider\_strategy](#input\_default\_capacity\_provider\_strategy) | Map of default capacity provider strategy definitions to use for the cluster | <pre>map(object({<br/>    base   = optional(number)<br/>    name   = optional(string) # Will fall back to use map key if not set<br/>    weight = optional(number)<br/>  }))</pre> | `null` | no |
 | <a name="input_region"></a> [region](#input\_region) | Region where the resource(s) will be managed. Defaults to the Region set in the provider configuration | `string` | `null` | no |
-| <a name="input_services"></a> [services](#input\_services) | Map of service definitions to create | <pre>map(object({<br/>    create         = optional(bool, true)<br/>    create_service = optional(bool, true)<br/>    tags           = optional(map(string), {})<br/><br/>    # Service<br/>    ignore_task_definition_changes = optional(bool, false)<br/>    alarms = optional(object({<br/>      alarm_names = list(string)<br/>      enable      = optional(bool, true)<br/>      rollback    = optional(bool, true)<br/>    }))<br/>    availability_zone_rebalancing = optional(string)<br/>    capacity_provider_strategy = optional(map(object({<br/>      base              = optional(number)<br/>      capacity_provider = string<br/>      weight            = optional(number)<br/>    })))<br/>    deployment_circuit_breaker = optional(object({<br/>      enable   = bool<br/>      rollback = bool<br/>    }))<br/>    deployment_controller = optional(object({<br/>      type = optional(string)<br/>    }))<br/>    deployment_maximum_percent         = optional(number, 200)<br/>    deployment_minimum_healthy_percent = optional(number, 66)<br/>    desired_count                      = optional(number, 1)<br/>    enable_ecs_managed_tags            = optional(bool, true)<br/>    enable_execute_command             = optional(bool, false)<br/>    force_delete                       = optional(bool)<br/>    force_new_deployment               = optional(bool, true)<br/>    health_check_grace_period_seconds  = optional(number)<br/>    launch_type                        = optional(string, "FARGATE")<br/>    load_balancer = optional(map(object({<br/>      container_name   = string<br/>      container_port   = number<br/>      elb_name         = optional(string)<br/>      target_group_arn = optional(string)<br/>    })))<br/>    name               = optional(string) # Will fall back to use map key if not set<br/>    assign_public_ip   = optional(bool, false)<br/>    security_group_ids = optional(list(string), [])<br/>    subnet_ids         = optional(list(string), [])<br/>    ordered_placement_strategy = optional(map(object({<br/>      field = optional(string)<br/>      type  = string<br/>    })))<br/>    placement_constraints = optional(map(object({<br/>      expression = optional(string)<br/>      type       = string<br/>    })))<br/>    platform_version    = optional(string)<br/>    propagate_tags      = optional(string)<br/>    scheduling_strategy = optional(string)<br/>    service_connect_configuration = optional(object({<br/>      enabled = optional(bool, true)<br/>      log_configuration = optional(object({<br/>        log_driver = string<br/>        options    = optional(map(string))<br/>        secret_option = optional(list(object({<br/>          name       = string<br/>          value_from = string<br/>        })))<br/>      }))<br/>      namespace = optional(string)<br/>      service = optional(list(object({<br/>        client_alias = optional(object({<br/>          dns_name = optional(string)<br/>          port     = number<br/>        }))<br/>        discovery_name        = optional(string)<br/>        ingress_port_override = optional(number)<br/>        port_name             = string<br/>        timeout = optional(object({<br/>          idle_timeout_seconds        = optional(number)<br/>          per_request_timeout_seconds = optional(number)<br/>        }))<br/>        tls = optional(object({<br/>          issuer_cert_authority = object({<br/>            aws_pca_authority_arn = string<br/>          })<br/>          kms_key  = optional(string)<br/>          role_arn = optional(string)<br/>        }))<br/>      })))<br/>    }))<br/>    service_registries = optional(object({<br/>      container_name = optional(string)<br/>      container_port = optional(number)<br/>      port           = optional(number)<br/>      registry_arn   = string<br/>    }))<br/>    timeouts = optional(object({<br/>      create = optional(string)<br/>      update = optional(string)<br/>      delete = optional(string)<br/>    }))<br/>    triggers = optional(map(string))<br/>    volume_configuration = optional(object({<br/>      name = string<br/>      managed_ebs_volume = object({<br/>        encrypted        = optional(bool)<br/>        file_system_type = optional(string)<br/>        iops             = optional(number)<br/>        kms_key_id       = optional(string)<br/>        size_in_gb       = optional(number)<br/>        snapshot_id      = optional(string)<br/>        tag_specifications = optional(list(object({<br/>          propagate_tags = optional(string, "TASK_DEFINITION")<br/>          resource_type  = string<br/>          tags           = optional(map(string))<br/>        })))<br/>        throughput  = optional(number)<br/>        volume_type = optional(string)<br/>      })<br/>    }))<br/>    vpc_lattice_configurations = optional(object({<br/>      role_arn         = string<br/>      target_group_arn = string<br/>      port_name        = string<br/>    }))<br/>    wait_for_steady_state = optional(bool)<br/>    service_tags          = optional(map(string), {})<br/>    # Service - IAM Role<br/>    create_iam_role               = optional(bool, true)<br/>    iam_role_arn                  = optional(string)<br/>    iam_role_name                 = optional(string)<br/>    iam_role_use_name_prefix      = optional(bool, true)<br/>    iam_role_path                 = optional(string)<br/>    iam_role_description          = optional(string)<br/>    iam_role_permissions_boundary = optional(string)<br/>    iam_role_tags                 = optional(map(string), {})<br/>    iam_role_statements = optional(list(object({<br/>      sid           = optional(string)<br/>      actions       = optional(list(string))<br/>      not_actions   = optional(list(string))<br/>      effect        = optional(string)<br/>      resources     = optional(list(string))<br/>      not_resources = optional(list(string))<br/>      principals = optional(list(object({<br/>        type        = string<br/>        identifiers = list(string)<br/>      })))<br/>      not_principals = optional(list(object({<br/>        type        = string<br/>        identifiers = list(string)<br/>      })))<br/>      condition = optional(list(object({<br/>        test     = string<br/>        values   = list(string)<br/>        variable = string<br/>      })))<br/>    })))<br/>    # Task Definition<br/>    create_task_definition = optional(bool, true)<br/>    task_definition_arn    = optional(string)<br/>    container_definitions = optional(map(object({<br/>      operating_system_family = optional(string)<br/>      tags                    = optional(map(string))<br/><br/>      # Container definition<br/>      command = optional(list(string))<br/>      cpu     = optional(number)<br/>      dependsOn = optional(list(object({<br/>        condition     = string<br/>        containerName = string<br/>      })))<br/>      disableNetworking      = optional(bool)<br/>      dnsSearchDomains       = optional(list(string))<br/>      dnsServers             = optional(list(string))<br/>      dockerLabels           = optional(map(string))<br/>      dockerSecurityOptions  = optional(list(string))<br/>      enable_execute_command = optional(bool)<br/>      entrypoint             = optional(list(string))<br/>      environment = optional(list(object({<br/>        name  = string<br/>        value = string<br/>      })))<br/>      environmentFiles = optional(list(object({<br/>        type  = string<br/>        value = string<br/>      })))<br/>      essential = optional(bool)<br/>      extraHosts = optional(list(object({<br/>        hostname  = string<br/>        ipAddress = string<br/>      })))<br/>      firelensConfiguration = optional(object({<br/>        options = optional(map(string))<br/>        type    = optional(string)<br/>      }))<br/>      healthCheck = optional(object({<br/>        command     = optional(list(string))<br/>        interval    = optional(number)<br/>        retries     = optional(number)<br/>        startPeriod = optional(number)<br/>        timeout     = optional(number)<br/>      }))<br/>      hostname    = optional(string)<br/>      image       = optional(string)<br/>      interactive = optional(bool)<br/>      links       = optional(list(string))<br/>      linuxParameters = optional(object({<br/>        capabilities = optional(object({<br/>          add  = optional(list(string))<br/>          drop = optional(list(string))<br/>        }))<br/>        devices = optional(list(object({<br/>          containerPath = optional(string)<br/>          hostPath      = optional(string)<br/>          permissions   = optional(list(string))<br/>        })))<br/>        initProcessEnabled = optional(bool)<br/>        maxSwap            = optional(number)<br/>        sharedMemorySize   = optional(number)<br/>        swappiness         = optional(number)<br/>        tmpfs = optional(list(object({<br/>          containerPath = string<br/>          mountOptions  = optional(list(string))<br/>          size          = number<br/>        })))<br/>      }))<br/>      logConfiguration = optional(object({<br/>        logDriver = optional(string)<br/>        options   = optional(map(string))<br/>        secretOptions = optional(list(object({<br/>          name      = string<br/>          valueFrom = string<br/>        })))<br/>      }))<br/>      memory            = optional(number)<br/>      memoryReservation = optional(number)<br/>      mountPoints = optional(list(object({<br/>        containerPath = optional(string)<br/>        readOnly      = optional(bool)<br/>        sourceVolume  = optional(string)<br/>      })), [])<br/>      name = optional(string)<br/>      portMappings = optional(list(object({<br/>        appProtocol        = optional(string)<br/>        containerPort      = optional(number)<br/>        containerPortRange = optional(string)<br/>        hostPort           = optional(number)<br/>        name               = optional(string)<br/>        protocol           = optional(string)<br/>      })), [])<br/>      privileged             = optional(bool)<br/>      pseudoTerminal         = optional(bool)<br/>      readonlyRootFilesystem = optional(bool)<br/>      repositoryCredentials = optional(object({<br/>        credentialsParameter = optional(string)<br/>      }))<br/>      resourceRequirements = optional(list(object({<br/>        type  = string<br/>        value = string<br/>      })))<br/>      restartPolicy = optional(object({<br/>        enabled              = optional(bool)<br/>        ignoredExitCodes     = optional(list(number))<br/>        restartAttemptPeriod = optional(number)<br/>      }))<br/>      secrets = optional(list(object({<br/>        name      = string<br/>        valueFrom = string<br/>      })))<br/>      startTimeout = optional(number)<br/>      stopTimeout  = optional(number)<br/>      systemControls = optional(list(object({<br/>        namespace = optional(string)<br/>        value     = optional(string)<br/>      })))<br/>      ulimits = optional(list(object({<br/>        hardLimit = number<br/>        name      = string<br/>        softLimit = number<br/>      })))<br/>      user               = optional(string)<br/>      versionConsistency = optional(string)<br/>      volumesFrom = optional(list(object({<br/>        readOnly        = optional(bool)<br/>        sourceContainer = optional(string)<br/>      })))<br/>      workingDirectory = optional(string)<br/><br/>      # Cloudwatch Log Group<br/>      service                                = optional(string, "")<br/>      enable_cloudwatch_logging              = optional(bool, true)<br/>      create_cloudwatch_log_group            = optional(bool, true)<br/>      cloudwatch_log_group_name              = optional(string)<br/>      cloudwatch_log_group_use_name_prefix   = optional(bool, false)<br/>      cloudwatch_log_group_class             = optional(string)<br/>      cloudwatch_log_group_retention_in_days = optional(number)<br/>      cloudwatch_log_group_kms_key_id        = optional(string)<br/>    })))<br/>    cpu                    = optional(number, 1024)<br/>    enable_fault_injection = optional(bool)<br/>    ephemeral_storage = optional(object({<br/>      size_in_gib = number<br/>    }))<br/>    family       = optional(string)<br/>    ipc_mode     = optional(string)<br/>    memory       = optional(number, 2048)<br/>    network_mode = optional(string, "awsvpc")<br/>    pid_mode     = optional(string)<br/>    proxy_configuration = optional(object({<br/>      container_name = string<br/>      properties     = optional(map(string))<br/>      type           = optional(string)<br/>    }))<br/>    requires_compatibilities = optional(list(string), ["FARGATE"])<br/>    runtime_platform = optional(object({<br/>      cpu_architecture        = optional(string, "X86_64")<br/>      operating_system_family = optional(string, "LINUX")<br/>      }),<br/>      # Default<br/>      {<br/>        cpu_architecture        = "X86_64"<br/>        operating_system_family = "LINUX"<br/>      }<br/>    )<br/>    skip_destroy = optional(bool)<br/>    task_definition_placement_constraints = optional(map(object({<br/>      expression = optional(string)<br/>      type       = string<br/>    })))<br/>    track_latest = optional(bool, true)<br/>    volume = optional(map(object({<br/>      configure_at_launch = optional(bool)<br/>      docker_volume_configuration = optional(object({<br/>        autoprovision = optional(bool)<br/>        driver        = optional(string)<br/>        driver_opts   = optional(map(string))<br/>        labels        = optional(map(string))<br/>        scope         = optional(string)<br/>      }))<br/>      efs_volume_configuration = optional(object({<br/>        authorization_config = optional(object({<br/>          access_point_id = optional(string)<br/>          iam             = optional(string)<br/>        }))<br/>        file_system_id          = string<br/>        root_directory          = optional(string)<br/>        transit_encryption      = optional(string)<br/>        transit_encryption_port = optional(number)<br/>      }))<br/>      fsx_windows_file_server_volume_configuration = optional(object({<br/>        authorization_config = optional(object({<br/>          credentials_parameter = string<br/>          domain                = string<br/>        }))<br/>        file_system_id = string<br/>        root_directory = string<br/>      }))<br/>      host_path = optional(string)<br/>      name      = optional(string)<br/>    })))<br/>    task_tags = optional(map(string), {})<br/>    # Task Execution - IAM Role<br/>    create_task_exec_iam_role               = optional(bool, true)<br/>    task_exec_iam_role_arn                  = optional(string)<br/>    task_exec_iam_role_name                 = optional(string)<br/>    task_exec_iam_role_use_name_prefix      = optional(bool, true)<br/>    task_exec_iam_role_path                 = optional(string)<br/>    task_exec_iam_role_description          = optional(string)<br/>    task_exec_iam_role_permissions_boundary = optional(string)<br/>    task_exec_iam_role_tags                 = optional(map(string), {})<br/>    task_exec_iam_role_policies             = optional(map(string), {})<br/>    task_exec_iam_role_max_session_duration = optional(number)<br/>    create_task_exec_policy                 = optional(bool, true)<br/>    task_exec_ssm_param_arns                = optional(list(string), [])<br/>    task_exec_secret_arns                   = optional(list(string), [])<br/>    task_exec_iam_statements = optional(list(object({<br/>      sid           = optional(string)<br/>      actions       = optional(list(string))<br/>      not_actions   = optional(list(string))<br/>      effect        = optional(string)<br/>      resources     = optional(list(string))<br/>      not_resources = optional(list(string))<br/>      principals = optional(list(object({<br/>        type        = string<br/>        identifiers = list(string)<br/>      })))<br/>      not_principals = optional(list(object({<br/>        type        = string<br/>        identifiers = list(string)<br/>      })))<br/>      condition = optional(list(object({<br/>        test     = string<br/>        values   = list(string)<br/>        variable = string<br/>      })))<br/>    })))<br/>    task_exec_iam_policy_path = optional(string)<br/>    # Tasks - IAM Role<br/>    create_tasks_iam_role               = optional(bool, true)<br/>    tasks_iam_role_arn                  = optional(string)<br/>    tasks_iam_role_name                 = optional(string)<br/>    tasks_iam_role_use_name_prefix      = optional(bool, true)<br/>    tasks_iam_role_path                 = optional(string)<br/>    tasks_iam_role_description          = optional(string)<br/>    tasks_iam_role_permissions_boundary = optional(string)<br/>    tasks_iam_role_tags                 = optional(map(string), {})<br/>    tasks_iam_role_policies             = optional(map(string), {})<br/>    tasks_iam_role_statements = optional(list(object({<br/>      sid           = optional(string)<br/>      actions       = optional(list(string))<br/>      not_actions   = optional(list(string))<br/>      effect        = optional(string)<br/>      resources     = optional(list(string))<br/>      not_resources = optional(list(string))<br/>      principals = optional(list(object({<br/>        type        = string<br/>        identifiers = list(string)<br/>      })))<br/>      not_principals = optional(list(object({<br/>        type        = string<br/>        identifiers = list(string)<br/>      })))<br/>      condition = optional(list(object({<br/>        test     = string<br/>        values   = list(string)<br/>        variable = string<br/>      })))<br/>    })))<br/>    # Task Set<br/>    external_id = optional(string)<br/>    scale = optional(object({<br/>      unit  = optional(string)<br/>      value = optional(number)<br/>    }))<br/>    wait_until_stable         = optional(bool)<br/>    wait_until_stable_timeout = optional(string)<br/>    # Autoscaling<br/>    enable_autoscaling       = optional(bool, true)<br/>    autoscaling_min_capacity = optional(number, 1)<br/>    autoscaling_max_capacity = optional(number, 10)<br/>    autoscaling_policies = optional(map(object({<br/>      name        = optional(string) # Will fall back to the key name if not provided<br/>      policy_type = optional(string, "TargetTrackingScaling")<br/>      step_scaling_policy_configuration = optional(object({<br/>        adjustment_type          = optional(string)<br/>        cooldown                 = optional(number)<br/>        metric_aggregation_type  = optional(string)<br/>        min_adjustment_magnitude = optional(number)<br/>        step_adjustment = optional(list(object({<br/>          metric_interval_lower_bound = optional(string)<br/>          metric_interval_upper_bound = optional(string)<br/>          scaling_adjustment          = number<br/>        })))<br/>      }))<br/>      target_tracking_scaling_policy_configuration = optional(object({<br/>        customized_metric_specification = optional(object({<br/>          dimensions = optional(list(object({<br/>            name  = string<br/>            value = string<br/>          })))<br/>          metric_name = optional(string)<br/>          metrics = optional(list(object({<br/>            expression = optional(string)<br/>            id         = string<br/>            label      = optional(string)<br/>            metric_stat = optional(object({<br/>              metric = object({<br/>                dimensions = optional(list(object({<br/>                  name  = string<br/>                  value = string<br/>                })))<br/>                metric_name = string<br/>                namespace   = string<br/>              })<br/>              stat = string<br/>              unit = optional(string)<br/>            }))<br/>            return_data = optional(bool)<br/>          })))<br/>          namespace = optional(string)<br/>          statistic = optional(string)<br/>          unit      = optional(string)<br/>        }))<br/><br/>        disable_scale_in = optional(bool)<br/>        predefined_metric_specification = optional(object({<br/>          predefined_metric_type = string<br/>          resource_label         = optional(string)<br/>        }))<br/>        scale_in_cooldown  = optional(number, 300)<br/>        scale_out_cooldown = optional(number, 60)<br/>        target_value       = optional(number, 75)<br/>      }))<br/>      })),<br/>      # Default<br/>      {<br/>        cpu = {<br/>          policy_type = "TargetTrackingScaling"<br/><br/>          target_tracking_scaling_policy_configuration = {<br/>            predefined_metric_specification = {<br/>              predefined_metric_type = "ECSServiceAverageCPUUtilization"<br/>            }<br/>          }<br/>        }<br/>        memory = {<br/>          policy_type = "TargetTrackingScaling"<br/><br/>          target_tracking_scaling_policy_configuration = {<br/>            predefined_metric_specification = {<br/>              predefined_metric_type = "ECSServiceAverageMemoryUtilization"<br/>            }<br/>          }<br/>        }<br/>      }<br/>    )<br/>    autoscaling_scheduled_actions = optional(map(object({<br/>      name         = optional(string)<br/>      min_capacity = number<br/>      max_capacity = number<br/>      schedule     = string<br/>      start_time   = optional(string)<br/>      end_time     = optional(string)<br/>      timezone     = optional(string)<br/>    })))<br/>    # Security Group<br/>    create_security_group          = optional(bool, true)<br/>    security_group_name            = optional(string)<br/>    security_group_use_name_prefix = optional(bool, true)<br/>    security_group_description     = optional(string)<br/>    security_group_ingress_rules = optional(map(object({<br/>      cidr_ipv4                    = optional(string)<br/>      cidr_ipv6                    = optional(string)<br/>      description                  = optional(string)<br/>      from_port                    = optional(string)<br/>      ip_protocol                  = optional(string, "tcp")<br/>      prefix_list_id               = optional(string)<br/>      referenced_security_group_id = optional(string)<br/>      tags                         = optional(map(string), {})<br/>      to_port                      = optional(string)<br/>      })),<br/>      # Default<br/>      {}<br/>    )<br/>    security_group_egress_rules = optional(map(object({<br/>      cidr_ipv4                    = optional(string)<br/>      cidr_ipv6                    = optional(string)<br/>      description                  = optional(string)<br/>      from_port                    = optional(string)<br/>      ip_protocol                  = optional(string, "tcp")<br/>      prefix_list_id               = optional(string)<br/>      referenced_security_group_id = optional(string)<br/>      tags                         = optional(map(string), {})<br/>      to_port                      = optional(string)<br/>      })),<br/>      # Default<br/>      {}<br/>    )<br/>    security_group_tags = optional(map(string), {})<br/>    # ECS Infrastructure IAM Role<br/>    create_infrastructure_iam_role               = optional(bool, true)<br/>    infrastructure_iam_role_arn                  = optional(string)<br/>    infrastructure_iam_role_name                 = optional(string)<br/>    infrastructure_iam_role_use_name_prefix      = optional(bool, true)<br/>    infrastructure_iam_role_path                 = optional(string)<br/>    infrastructure_iam_role_description          = optional(string)<br/>    infrastructure_iam_role_permissions_boundary = optional(string)<br/>    infrastructure_iam_role_tags                 = optional(map(string), {})<br/>  }))</pre> | `null` | no |
+| <a name="input_services"></a> [services](#input\_services) | Map of service definitions to create | <pre>map(object({<br/>    create         = optional(bool, true)<br/>    create_service = optional(bool, true)<br/>    tags           = optional(map(string), {})<br/><br/>    # Service<br/>    ignore_task_definition_changes = optional(bool, false)<br/>    alarms = optional(object({<br/>      alarm_names = list(string)<br/>      enable      = optional(bool, true)<br/>      rollback    = optional(bool, true)<br/>    }))<br/>    availability_zone_rebalancing = optional(string)<br/>    capacity_provider_strategy = optional(map(object({<br/>      base              = optional(number)<br/>      capacity_provider = string<br/>      weight            = optional(number)<br/>    })))<br/>    deployment_circuit_breaker = optional(object({<br/>      enable   = bool<br/>      rollback = bool<br/>    }))<br/>    deployment_configuration = optional(object({<br/>      strategy             = optional(string)<br/>      bake_time_in_minutes = optional(string)<br/>      lifecycle_hook = optional(map(object({<br/>        hook_target_arn  = string<br/>        role_arn         = string<br/>        lifecycle_stages = list(string)<br/>      })))<br/>    }))<br/>    deployment_controller = optional(object({<br/>      type = optional(string)<br/>    }))<br/>    deployment_maximum_percent         = optional(number, 200)<br/>    deployment_minimum_healthy_percent = optional(number, 66)<br/>    desired_count                      = optional(number, 1)<br/>    enable_ecs_managed_tags            = optional(bool, true)<br/>    enable_execute_command             = optional(bool, false)<br/>    force_delete                       = optional(bool)<br/>    force_new_deployment               = optional(bool, true)<br/>    health_check_grace_period_seconds  = optional(number)<br/>    launch_type                        = optional(string, "FARGATE")<br/>    load_balancer = optional(map(object({<br/>      container_name   = string<br/>      container_port   = number<br/>      elb_name         = optional(string)<br/>      target_group_arn = optional(string)<br/>      advanced_configuration = optional(object({<br/>        alternate_target_group_arn = string<br/>        production_listener_rule   = string<br/>        role_arn                   = string<br/>        test_listener_rule         = optional(string)<br/>      }))<br/>    })))<br/>    name               = optional(string) # Will fall back to use map key if not set<br/>    assign_public_ip   = optional(bool, false)<br/>    security_group_ids = optional(list(string), [])<br/>    subnet_ids         = optional(list(string), [])<br/>    ordered_placement_strategy = optional(map(object({<br/>      field = optional(string)<br/>      type  = string<br/>    })))<br/>    placement_constraints = optional(map(object({<br/>      expression = optional(string)<br/>      type       = string<br/>    })))<br/>    platform_version    = optional(string)<br/>    propagate_tags      = optional(string)<br/>    scheduling_strategy = optional(string)<br/>    service_connect_configuration = optional(object({<br/>      enabled = optional(bool, true)<br/>      log_configuration = optional(object({<br/>        log_driver = string<br/>        options    = optional(map(string))<br/>        secret_option = optional(list(object({<br/>          name       = string<br/>          value_from = string<br/>        })))<br/>      }))<br/>      namespace = optional(string)<br/>      service = optional(list(object({<br/>        client_alias = optional(object({<br/>          dns_name = optional(string)<br/>          port     = number<br/>          test_traffic_rules = optional(list(object({<br/>            header = optional(object({<br/>              name = string<br/>              value = object({<br/>                exact = string<br/>              })<br/>            }))<br/>          })))<br/>        }))<br/>        discovery_name        = optional(string)<br/>        ingress_port_override = optional(number)<br/>        port_name             = string<br/>        timeout = optional(object({<br/>          idle_timeout_seconds        = optional(number)<br/>          per_request_timeout_seconds = optional(number)<br/>        }))<br/>        tls = optional(object({<br/>          issuer_cert_authority = object({<br/>            aws_pca_authority_arn = string<br/>          })<br/>          kms_key  = optional(string)<br/>          role_arn = optional(string)<br/>        }))<br/>      })))<br/>    }))<br/>    service_registries = optional(object({<br/>      container_name = optional(string)<br/>      container_port = optional(number)<br/>      port           = optional(number)<br/>      registry_arn   = string<br/>    }))<br/>    timeouts = optional(object({<br/>      create = optional(string)<br/>      update = optional(string)<br/>      delete = optional(string)<br/>    }))<br/>    triggers = optional(map(string))<br/>    volume_configuration = optional(object({<br/>      name = string<br/>      managed_ebs_volume = object({<br/>        encrypted        = optional(bool)<br/>        file_system_type = optional(string)<br/>        iops             = optional(number)<br/>        kms_key_id       = optional(string)<br/>        size_in_gb       = optional(number)<br/>        snapshot_id      = optional(string)<br/>        tag_specifications = optional(list(object({<br/>          propagate_tags = optional(string, "TASK_DEFINITION")<br/>          resource_type  = string<br/>          tags           = optional(map(string))<br/>        })))<br/>        throughput  = optional(number)<br/>        volume_type = optional(string)<br/>      })<br/>    }))<br/>    vpc_lattice_configurations = optional(object({<br/>      role_arn         = string<br/>      target_group_arn = string<br/>      port_name        = string<br/>    }))<br/>    wait_for_steady_state = optional(bool)<br/>    service_tags          = optional(map(string), {})<br/>    # Service - IAM Role<br/>    create_iam_role               = optional(bool, true)<br/>    iam_role_arn                  = optional(string)<br/>    iam_role_name                 = optional(string)<br/>    iam_role_use_name_prefix      = optional(bool, true)<br/>    iam_role_path                 = optional(string)<br/>    iam_role_description          = optional(string)<br/>    iam_role_permissions_boundary = optional(string)<br/>    iam_role_tags                 = optional(map(string), {})<br/>    iam_role_statements = optional(list(object({<br/>      sid           = optional(string)<br/>      actions       = optional(list(string))<br/>      not_actions   = optional(list(string))<br/>      effect        = optional(string)<br/>      resources     = optional(list(string))<br/>      not_resources = optional(list(string))<br/>      principals = optional(list(object({<br/>        type        = string<br/>        identifiers = list(string)<br/>      })))<br/>      not_principals = optional(list(object({<br/>        type        = string<br/>        identifiers = list(string)<br/>      })))<br/>      condition = optional(list(object({<br/>        test     = string<br/>        values   = list(string)<br/>        variable = string<br/>      })))<br/>    })))<br/>    # Task Definition<br/>    create_task_definition = optional(bool, true)<br/>    task_definition_arn    = optional(string)<br/>    container_definitions = optional(map(object({<br/>      operating_system_family = optional(string)<br/>      tags                    = optional(map(string))<br/><br/>      # Container definition<br/>      command = optional(list(string))<br/>      cpu     = optional(number)<br/>      dependsOn = optional(list(object({<br/>        condition     = string<br/>        containerName = string<br/>      })))<br/>      disableNetworking      = optional(bool)<br/>      dnsSearchDomains       = optional(list(string))<br/>      dnsServers             = optional(list(string))<br/>      dockerLabels           = optional(map(string))<br/>      dockerSecurityOptions  = optional(list(string))<br/>      enable_execute_command = optional(bool)<br/>      entrypoint             = optional(list(string))<br/>      environment = optional(list(object({<br/>        name  = string<br/>        value = string<br/>      })))<br/>      environmentFiles = optional(list(object({<br/>        type  = string<br/>        value = string<br/>      })))<br/>      essential = optional(bool)<br/>      extraHosts = optional(list(object({<br/>        hostname  = string<br/>        ipAddress = string<br/>      })))<br/>      firelensConfiguration = optional(object({<br/>        options = optional(map(string))<br/>        type    = optional(string)<br/>      }))<br/>      healthCheck = optional(object({<br/>        command     = optional(list(string))<br/>        interval    = optional(number)<br/>        retries     = optional(number)<br/>        startPeriod = optional(number)<br/>        timeout     = optional(number)<br/>      }))<br/>      hostname    = optional(string)<br/>      image       = optional(string)<br/>      interactive = optional(bool)<br/>      links       = optional(list(string))<br/>      linuxParameters = optional(object({<br/>        capabilities = optional(object({<br/>          add  = optional(list(string))<br/>          drop = optional(list(string))<br/>        }))<br/>        devices = optional(list(object({<br/>          containerPath = optional(string)<br/>          hostPath      = optional(string)<br/>          permissions   = optional(list(string))<br/>        })))<br/>        initProcessEnabled = optional(bool)<br/>        maxSwap            = optional(number)<br/>        sharedMemorySize   = optional(number)<br/>        swappiness         = optional(number)<br/>        tmpfs = optional(list(object({<br/>          containerPath = string<br/>          mountOptions  = optional(list(string))<br/>          size          = number<br/>        })))<br/>      }))<br/>      logConfiguration = optional(object({<br/>        logDriver = optional(string)<br/>        options   = optional(map(string))<br/>        secretOptions = optional(list(object({<br/>          name      = string<br/>          valueFrom = string<br/>        })))<br/>      }))<br/>      memory            = optional(number)<br/>      memoryReservation = optional(number)<br/>      mountPoints = optional(list(object({<br/>        containerPath = optional(string)<br/>        readOnly      = optional(bool)<br/>        sourceVolume  = optional(string)<br/>      })), [])<br/>      name = optional(string)<br/>      portMappings = optional(list(object({<br/>        appProtocol        = optional(string)<br/>        containerPort      = optional(number)<br/>        containerPortRange = optional(string)<br/>        hostPort           = optional(number)<br/>        name               = optional(string)<br/>        protocol           = optional(string)<br/>      })), [])<br/>      privileged             = optional(bool)<br/>      pseudoTerminal         = optional(bool)<br/>      readonlyRootFilesystem = optional(bool)<br/>      repositoryCredentials = optional(object({<br/>        credentialsParameter = optional(string)<br/>      }))<br/>      resourceRequirements = optional(list(object({<br/>        type  = string<br/>        value = string<br/>      })))<br/>      restartPolicy = optional(object({<br/>        enabled              = optional(bool)<br/>        ignoredExitCodes     = optional(list(number))<br/>        restartAttemptPeriod = optional(number)<br/>      }))<br/>      secrets = optional(list(object({<br/>        name      = string<br/>        valueFrom = string<br/>      })))<br/>      startTimeout = optional(number)<br/>      stopTimeout  = optional(number)<br/>      systemControls = optional(list(object({<br/>        namespace = optional(string)<br/>        value     = optional(string)<br/>      })))<br/>      ulimits = optional(list(object({<br/>        hardLimit = number<br/>        name      = string<br/>        softLimit = number<br/>      })))<br/>      user               = optional(string)<br/>      versionConsistency = optional(string)<br/>      volumesFrom = optional(list(object({<br/>        readOnly        = optional(bool)<br/>        sourceContainer = optional(string)<br/>      })))<br/>      workingDirectory = optional(string)<br/><br/>      # Cloudwatch Log Group<br/>      service                                = optional(string, "")<br/>      enable_cloudwatch_logging              = optional(bool, true)<br/>      create_cloudwatch_log_group            = optional(bool, true)<br/>      cloudwatch_log_group_name              = optional(string)<br/>      cloudwatch_log_group_use_name_prefix   = optional(bool, false)<br/>      cloudwatch_log_group_class             = optional(string)<br/>      cloudwatch_log_group_retention_in_days = optional(number)<br/>      cloudwatch_log_group_kms_key_id        = optional(string)<br/>    })))<br/>    cpu                    = optional(number, 1024)<br/>    enable_fault_injection = optional(bool)<br/>    ephemeral_storage = optional(object({<br/>      size_in_gib = number<br/>    }))<br/>    family       = optional(string)<br/>    ipc_mode     = optional(string)<br/>    memory       = optional(number, 2048)<br/>    network_mode = optional(string, "awsvpc")<br/>    pid_mode     = optional(string)<br/>    proxy_configuration = optional(object({<br/>      container_name = string<br/>      properties     = optional(map(string))<br/>      type           = optional(string)<br/>    }))<br/>    requires_compatibilities = optional(list(string), ["FARGATE"])<br/>    runtime_platform = optional(object({<br/>      cpu_architecture        = optional(string, "X86_64")<br/>      operating_system_family = optional(string, "LINUX")<br/>      }),<br/>      # Default<br/>      {<br/>        cpu_architecture        = "X86_64"<br/>        operating_system_family = "LINUX"<br/>      }<br/>    )<br/>    skip_destroy = optional(bool)<br/>    task_definition_placement_constraints = optional(map(object({<br/>      expression = optional(string)<br/>      type       = string<br/>    })))<br/>    track_latest = optional(bool, true)<br/>    volume = optional(map(object({<br/>      configure_at_launch = optional(bool)<br/>      docker_volume_configuration = optional(object({<br/>        autoprovision = optional(bool)<br/>        driver        = optional(string)<br/>        driver_opts   = optional(map(string))<br/>        labels        = optional(map(string))<br/>        scope         = optional(string)<br/>      }))<br/>      efs_volume_configuration = optional(object({<br/>        authorization_config = optional(object({<br/>          access_point_id = optional(string)<br/>          iam             = optional(string)<br/>        }))<br/>        file_system_id          = string<br/>        root_directory          = optional(string)<br/>        transit_encryption      = optional(string)<br/>        transit_encryption_port = optional(number)<br/>      }))<br/>      fsx_windows_file_server_volume_configuration = optional(object({<br/>        authorization_config = optional(object({<br/>          credentials_parameter = string<br/>          domain                = string<br/>        }))<br/>        file_system_id = string<br/>        root_directory = string<br/>      }))<br/>      host_path = optional(string)<br/>      name      = optional(string)<br/>    })))<br/>    task_tags = optional(map(string), {})<br/>    # Task Execution - IAM Role<br/>    create_task_exec_iam_role               = optional(bool, true)<br/>    task_exec_iam_role_arn                  = optional(string)<br/>    task_exec_iam_role_name                 = optional(string)<br/>    task_exec_iam_role_use_name_prefix      = optional(bool, true)<br/>    task_exec_iam_role_path                 = optional(string)<br/>    task_exec_iam_role_description          = optional(string)<br/>    task_exec_iam_role_permissions_boundary = optional(string)<br/>    task_exec_iam_role_tags                 = optional(map(string), {})<br/>    task_exec_iam_role_policies             = optional(map(string), {})<br/>    task_exec_iam_role_max_session_duration = optional(number)<br/>    create_task_exec_policy                 = optional(bool, true)<br/>    task_exec_ssm_param_arns                = optional(list(string), [])<br/>    task_exec_secret_arns                   = optional(list(string), [])<br/>    task_exec_iam_statements = optional(list(object({<br/>      sid           = optional(string)<br/>      actions       = optional(list(string))<br/>      not_actions   = optional(list(string))<br/>      effect        = optional(string)<br/>      resources     = optional(list(string))<br/>      not_resources = optional(list(string))<br/>      principals = optional(list(object({<br/>        type        = string<br/>        identifiers = list(string)<br/>      })))<br/>      not_principals = optional(list(object({<br/>        type        = string<br/>        identifiers = list(string)<br/>      })))<br/>      condition = optional(list(object({<br/>        test     = string<br/>        values   = list(string)<br/>        variable = string<br/>      })))<br/>    })))<br/>    task_exec_iam_policy_path = optional(string)<br/>    # Tasks - IAM Role<br/>    create_tasks_iam_role               = optional(bool, true)<br/>    tasks_iam_role_arn                  = optional(string)<br/>    tasks_iam_role_name                 = optional(string)<br/>    tasks_iam_role_use_name_prefix      = optional(bool, true)<br/>    tasks_iam_role_path                 = optional(string)<br/>    tasks_iam_role_description          = optional(string)<br/>    tasks_iam_role_permissions_boundary = optional(string)<br/>    tasks_iam_role_tags                 = optional(map(string), {})<br/>    tasks_iam_role_policies             = optional(map(string), {})<br/>    tasks_iam_role_statements = optional(list(object({<br/>      sid           = optional(string)<br/>      actions       = optional(list(string))<br/>      not_actions   = optional(list(string))<br/>      effect        = optional(string)<br/>      resources     = optional(list(string))<br/>      not_resources = optional(list(string))<br/>      principals = optional(list(object({<br/>        type        = string<br/>        identifiers = list(string)<br/>      })))<br/>      not_principals = optional(list(object({<br/>        type        = string<br/>        identifiers = list(string)<br/>      })))<br/>      condition = optional(list(object({<br/>        test     = string<br/>        values   = list(string)<br/>        variable = string<br/>      })))<br/>    })))<br/>    # Task Set<br/>    external_id = optional(string)<br/>    scale = optional(object({<br/>      unit  = optional(string)<br/>      value = optional(number)<br/>    }))<br/>    wait_until_stable         = optional(bool)<br/>    wait_until_stable_timeout = optional(string)<br/>    # Autoscaling<br/>    enable_autoscaling       = optional(bool, true)<br/>    autoscaling_min_capacity = optional(number, 1)<br/>    autoscaling_max_capacity = optional(number, 10)<br/>    autoscaling_policies = optional(map(object({<br/>      name        = optional(string) # Will fall back to the key name if not provided<br/>      policy_type = optional(string, "TargetTrackingScaling")<br/>      step_scaling_policy_configuration = optional(object({<br/>        adjustment_type          = optional(string)<br/>        cooldown                 = optional(number)<br/>        metric_aggregation_type  = optional(string)<br/>        min_adjustment_magnitude = optional(number)<br/>        step_adjustment = optional(list(object({<br/>          metric_interval_lower_bound = optional(string)<br/>          metric_interval_upper_bound = optional(string)<br/>          scaling_adjustment          = number<br/>        })))<br/>      }))<br/>      target_tracking_scaling_policy_configuration = optional(object({<br/>        customized_metric_specification = optional(object({<br/>          dimensions = optional(list(object({<br/>            name  = string<br/>            value = string<br/>          })))<br/>          metric_name = optional(string)<br/>          metrics = optional(list(object({<br/>            expression = optional(string)<br/>            id         = string<br/>            label      = optional(string)<br/>            metric_stat = optional(object({<br/>              metric = object({<br/>                dimensions = optional(list(object({<br/>                  name  = string<br/>                  value = string<br/>                })))<br/>                metric_name = string<br/>                namespace   = string<br/>              })<br/>              stat = string<br/>              unit = optional(string)<br/>            }))<br/>            return_data = optional(bool)<br/>          })))<br/>          namespace = optional(string)<br/>          statistic = optional(string)<br/>          unit      = optional(string)<br/>        }))<br/><br/>        disable_scale_in = optional(bool)<br/>        predefined_metric_specification = optional(object({<br/>          predefined_metric_type = string<br/>          resource_label         = optional(string)<br/>        }))<br/>        scale_in_cooldown  = optional(number, 300)<br/>        scale_out_cooldown = optional(number, 60)<br/>        target_value       = optional(number, 75)<br/>      }))<br/>      })),<br/>      # Default<br/>      {<br/>        cpu = {<br/>          policy_type = "TargetTrackingScaling"<br/><br/>          target_tracking_scaling_policy_configuration = {<br/>            predefined_metric_specification = {<br/>              predefined_metric_type = "ECSServiceAverageCPUUtilization"<br/>            }<br/>          }<br/>        }<br/>        memory = {<br/>          policy_type = "TargetTrackingScaling"<br/><br/>          target_tracking_scaling_policy_configuration = {<br/>            predefined_metric_specification = {<br/>              predefined_metric_type = "ECSServiceAverageMemoryUtilization"<br/>            }<br/>          }<br/>        }<br/>      }<br/>    )<br/>    autoscaling_scheduled_actions = optional(map(object({<br/>      name         = optional(string)<br/>      min_capacity = number<br/>      max_capacity = number<br/>      schedule     = string<br/>      start_time   = optional(string)<br/>      end_time     = optional(string)<br/>      timezone     = optional(string)<br/>    })))<br/>    # Security Group<br/>    create_security_group          = optional(bool, true)<br/>    security_group_name            = optional(string)<br/>    security_group_use_name_prefix = optional(bool, true)<br/>    security_group_description     = optional(string)<br/>    security_group_ingress_rules = optional(map(object({<br/>      cidr_ipv4                    = optional(string)<br/>      cidr_ipv6                    = optional(string)<br/>      description                  = optional(string)<br/>      from_port                    = optional(string)<br/>      ip_protocol                  = optional(string, "tcp")<br/>      prefix_list_id               = optional(string)<br/>      referenced_security_group_id = optional(string)<br/>      tags                         = optional(map(string), {})<br/>      to_port                      = optional(string)<br/>      })),<br/>      # Default<br/>      {}<br/>    )<br/>    security_group_egress_rules = optional(map(object({<br/>      cidr_ipv4                    = optional(string)<br/>      cidr_ipv6                    = optional(string)<br/>      description                  = optional(string)<br/>      from_port                    = optional(string)<br/>      ip_protocol                  = optional(string, "tcp")<br/>      prefix_list_id               = optional(string)<br/>      referenced_security_group_id = optional(string)<br/>      tags                         = optional(map(string), {})<br/>      to_port                      = optional(string)<br/>      })),<br/>      # Default<br/>      {}<br/>    )<br/>    security_group_tags = optional(map(string), {})<br/>    # ECS Infrastructure IAM Role<br/>    create_infrastructure_iam_role               = optional(bool, true)<br/>    infrastructure_iam_role_arn                  = optional(string)<br/>    infrastructure_iam_role_name                 = optional(string)<br/>    infrastructure_iam_role_use_name_prefix      = optional(bool, true)<br/>    infrastructure_iam_role_path                 = optional(string)<br/>    infrastructure_iam_role_description          = optional(string)<br/>    infrastructure_iam_role_permissions_boundary = optional(string)<br/>    infrastructure_iam_role_tags                 = optional(map(string), {})<br/>  }))</pre> | `null` | no |
 | <a name="input_tags"></a> [tags](#input\_tags) | A map of tags to add to all resources | `map(string)` | `{}` | no |
 | <a name="input_task_exec_iam_role_description"></a> [task\_exec\_iam\_role\_description](#input\_task\_exec\_iam\_role\_description) | Description of the role | `string` | `null` | no |
 | <a name="input_task_exec_iam_role_name"></a> [task\_exec\_iam\_role\_name](#input\_task\_exec\_iam\_role\_name) | Name to use on IAM role created | `string` | `null` | no |
diff --git a/examples/complete/README.md b/examples/complete/README.md
index 090e1c3..817eb4e 100644
--- a/examples/complete/README.md
+++ b/examples/complete/README.md
@@ -27,13 +27,13 @@ Note that this example may create resources which will incur monetary charges on
 | Name | Version |
 |------|---------|
 | <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 1.5.7 |
-| <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 6.0 |
+| <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 6.4 |
 
 ## Providers
 
 | Name | Version |
 |------|---------|
-| <a name="provider_aws"></a> [aws](#provider\_aws) | >= 6.0 |
+| <a name="provider_aws"></a> [aws](#provider\_aws) | >= 6.4 |
 
 ## Modules
 
diff --git a/examples/complete/versions.tf b/examples/complete/versions.tf
index db13b0a..497e3e6 100644
--- a/examples/complete/versions.tf
+++ b/examples/complete/versions.tf
@@ -4,7 +4,7 @@ terraform {
   required_providers {
     aws = {
       source  = "hashicorp/aws"
-      version = ">= 6.0"
+      version = ">= 6.4"
     }
   }
 }
diff --git a/examples/container-definition/README.md b/examples/container-definition/README.md
index 46b7bd3..2a5ab63 100644
--- a/examples/container-definition/README.md
+++ b/examples/container-definition/README.md
@@ -22,7 +22,7 @@ Note that this example may create resources which will incur monetary charges on
 | Name | Version |
 |------|---------|
 | <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 1.5.7 |
-| <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 6.0 |
+| <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 6.4 |
 | <a name="requirement_local"></a> [local](#requirement\_local) | >= 2.5 |
 
 ## Providers
diff --git a/examples/container-definition/versions.tf b/examples/container-definition/versions.tf
index f5b245b..9efd186 100644
--- a/examples/container-definition/versions.tf
+++ b/examples/container-definition/versions.tf
@@ -4,7 +4,7 @@ terraform {
   required_providers {
     aws = {
       source  = "hashicorp/aws"
-      version = ">= 6.0"
+      version = ">= 6.4"
     }
     local = {
       source  = "hashicorp/local"
diff --git a/examples/ec2-autoscaling/README.md b/examples/ec2-autoscaling/README.md
index c08d6c1..fd50be0 100644
--- a/examples/ec2-autoscaling/README.md
+++ b/examples/ec2-autoscaling/README.md
@@ -27,13 +27,13 @@ Note that this example may create resources which will incur monetary charges on
 | Name | Version |
 |------|---------|
 | <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 1.5.7 |
-| <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 6.0 |
+| <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 6.4 |
 
 ## Providers
 
 | Name | Version |
 |------|---------|
-| <a name="provider_aws"></a> [aws](#provider\_aws) | >= 6.0 |
+| <a name="provider_aws"></a> [aws](#provider\_aws) | >= 6.4 |
 
 ## Modules
 
diff --git a/examples/ec2-autoscaling/versions.tf b/examples/ec2-autoscaling/versions.tf
index db13b0a..497e3e6 100644
--- a/examples/ec2-autoscaling/versions.tf
+++ b/examples/ec2-autoscaling/versions.tf
@@ -4,7 +4,7 @@ terraform {
   required_providers {
     aws = {
       source  = "hashicorp/aws"
-      version = ">= 6.0"
+      version = ">= 6.4"
     }
   }
 }
diff --git a/examples/fargate/README.md b/examples/fargate/README.md
index 440a45c..2a74d68 100644
--- a/examples/fargate/README.md
+++ b/examples/fargate/README.md
@@ -27,13 +27,13 @@ Note that this example may create resources which will incur monetary charges on
 | Name | Version |
 |------|---------|
 | <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 1.5.7 |
-| <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 6.0 |
+| <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 6.4 |
 
 ## Providers
 
 | Name | Version |
 |------|---------|
-| <a name="provider_aws"></a> [aws](#provider\_aws) | >= 6.0 |
+| <a name="provider_aws"></a> [aws](#provider\_aws) | >= 6.4 |
 
 ## Modules
 
@@ -49,6 +49,9 @@ Note that this example may create resources which will incur monetary charges on
 
 | Name | Type |
 |------|------|
+| [aws_iam_role.ecs_elb_permissions](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role) | resource |
+| [aws_iam_role_policy_attachment.ecs_elb_management_role](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource |
+| [aws_iam_role_policy_attachment.ecs_service_role](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource |
 | [aws_service_discovery_http_namespace.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/service_discovery_http_namespace) | resource |
 | [aws_availability_zones.available](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/availability_zones) | data source |
 | [aws_ssm_parameter.fluentbit](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/ssm_parameter) | data source |
diff --git a/examples/fargate/main.tf b/examples/fargate/main.tf
index b84c738..f52e2c6 100644
--- a/examples/fargate/main.tf
+++ b/examples/fargate/main.tf
@@ -60,6 +60,26 @@ module "ecs_service" {
   # Enables ECS Exec
   enable_execute_command = true
 
+  # for blue/green deployments
+  deployment_configuration = {
+    strategy             = "BLUE_GREEN"
+    bake_time_in_minutes = 2
+
+    # example config using lifecycle hooks
+    # lifecycle_hook = {
+    #  success = {
+    #    hook_target_arn  = aws_lambda_function.hook_success.arn
+    #    role_arn         = aws_iam_role.global.arn
+    #    lifecycle_stages = ["POST_SCALE_UP", "POST_TEST_TRAFFIC_SHIFT"]
+    #  }
+    #  failure = {
+    #    hook_target_arn  = aws_lambda_function.hook_failure.arn
+    #    role_arn         = aws_iam_role.global.arn
+    #    lifecycle_stages = ["TEST_TRAFFIC_SHIFT", "POST_PRODUCTION_TRAFFIC_SHIFT"]
+    #  }
+    # }
+  }
+
   # Container definition(s)
   container_definitions = {
 
@@ -152,6 +172,14 @@ module "ecs_service" {
       target_group_arn = module.alb.target_groups["ex_ecs"].arn
       container_name   = local.container_name
       container_port   = local.container_port
+
+      # for blue/green deployments
+      advanced_configuration = {
+        alternate_target_group_arn = module.alb.target_groups["ex_ecs_alternate"].arn
+        production_listener_rule   = module.alb.listener_rules["ex_http/production"].arn
+        test_listener_rule         = module.alb.listener_rules["ex_http/test"].arn
+        role_arn                   = aws_iam_role.ecs_elb_permissions.arn
+      }
     }
   }
 
@@ -176,6 +204,12 @@ module "ecs_service" {
   }
 
   tags = local.tags
+
+  depends_on = [
+    aws_iam_role.ecs_elb_permissions,
+    aws_iam_role_policy_attachment.ecs_service_role,
+    aws_iam_role_policy_attachment.ecs_elb_management_role
+  ]
 }
 
 ################################################################################
@@ -278,8 +312,60 @@ module "alb" {
       port     = 80
       protocol = "HTTP"
 
-      forward = {
-        target_group_key = "ex_ecs"
+      fixed_response = {
+        content_type = "text/plain"
+        message_body = "404: Page not found"
+        status_code  = "404"
+      }
+
+      # for blue/green deployments
+      rules = {
+        production = {
+          priority = 1
+          actions = [
+            {
+              type = "weighted-forward"
+              target_groups = [
+                {
+                  target_group_key = "ex_ecs"
+                  weight           = 100
+                },
+                {
+                  target_group_key = "ex_ecs_alternate"
+                  weight           = 0
+                }
+              ]
+            }
+          ]
+          conditions = [
+            {
+              path_pattern = {
+                values = ["/*"]
+              }
+            }
+          ]
+        }
+        test = {
+          priority = 2
+          actions = [
+            {
+              type = "weighted-forward"
+              target_groups = [
+                {
+                  target_group_key = "ex_ecs_alternate"
+                  weight           = 100
+                }
+              ]
+            }
+          ]
+          conditions = [
+            {
+              path_pattern = {
+                values = ["/*"]
+              }
+            }
+          ]
+        }
       }
     }
   }
@@ -308,6 +394,31 @@ module "alb" {
       # ECS will attach the IPs of the tasks to this target group
       create_attachment = false
     }
+
+    # for blue/green deployments
+    ex_ecs_alternate = {
+      backend_protocol                  = "HTTP"
+      backend_port                      = local.container_port
+      target_type                       = "ip"
+      deregistration_delay              = 5
+      load_balancing_cross_zone_enabled = true
+
+      health_check = {
+        enabled             = true
+        healthy_threshold   = 5
+        interval            = 30
+        matcher             = "200"
+        path                = "/"
+        port                = "traffic-port"
+        protocol            = "HTTP"
+        timeout             = 5
+        unhealthy_threshold = 2
+      }
+
+      # There's nothing to attach here in this definition. Instead,
+      # ECS will attach the IPs of the tasks to this target group
+      create_attachment = false
+    }
   }
 
   tags = local.tags
@@ -329,3 +440,33 @@ module "vpc" {
 
   tags = local.tags
 }
+
+resource "aws_iam_role" "ecs_elb_permissions" {
+  name = "${local.name}-ecs-elb-role"
+  assume_role_policy = jsonencode({
+    Version = "2012-10-17"
+    Statement = [
+      {
+        Action = "sts:AssumeRole"
+        Effect = "Allow"
+        Principal = {
+          Service = [
+            "ecs-tasks.amazonaws.com",
+            "ecs.amazonaws.com",
+          ]
+        }
+      }
+    ]
+  })
+}
+
+# for example purposes only
+resource "aws_iam_role_policy_attachment" "ecs_service_role" {
+  role       = aws_iam_role.ecs_elb_permissions.name
+  policy_arn = "arn:aws:iam::aws:policy/service-role/AmazonEC2ContainerServiceRole"
+}
+
+resource "aws_iam_role_policy_attachment" "ecs_elb_management_role" {
+  role       = aws_iam_role.ecs_elb_permissions.name
+  policy_arn = "arn:aws:iam::aws:policy/AmazonECSInfrastructureRolePolicyForLoadBalancers"
+}
diff --git a/examples/fargate/versions.tf b/examples/fargate/versions.tf
index db13b0a..497e3e6 100644
--- a/examples/fargate/versions.tf
+++ b/examples/fargate/versions.tf
@@ -4,7 +4,7 @@ terraform {
   required_providers {
     aws = {
       source  = "hashicorp/aws"
-      version = ">= 6.0"
+      version = ">= 6.4"
     }
   }
 }
diff --git a/main.tf b/main.tf
index d2380a5..5e1d1fe 100644
--- a/main.tf
+++ b/main.tf
@@ -65,6 +65,7 @@ module "service" {
   capacity_provider_strategy         = each.value.capacity_provider_strategy
   cluster_arn                        = module.cluster.arn
   deployment_circuit_breaker         = each.value.deployment_circuit_breaker
+  deployment_configuration           = each.value.deployment_configuration
   deployment_controller              = each.value.deployment_controller
   deployment_maximum_percent         = each.value.deployment_maximum_percent
   deployment_minimum_healthy_percent = each.value.deployment_minimum_healthy_percent
diff --git a/modules/cluster/README.md b/modules/cluster/README.md
index c44adee..06f4bd8 100644
--- a/modules/cluster/README.md
+++ b/modules/cluster/README.md
@@ -135,13 +135,13 @@ module "ecs_cluster" {
 | Name | Version |
 |------|---------|
 | <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 1.5.7 |
-| <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 6.0 |
+| <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 6.4 |
 
 ## Providers
 
 | Name | Version |
 |------|---------|
-| <a name="provider_aws"></a> [aws](#provider\_aws) | >= 6.0 |
+| <a name="provider_aws"></a> [aws](#provider\_aws) | >= 6.4 |
 
 ## Modules
 
diff --git a/modules/cluster/versions.tf b/modules/cluster/versions.tf
index db13b0a..497e3e6 100644
--- a/modules/cluster/versions.tf
+++ b/modules/cluster/versions.tf
@@ -4,7 +4,7 @@ terraform {
   required_providers {
     aws = {
       source  = "hashicorp/aws"
-      version = ">= 6.0"
+      version = ">= 6.4"
     }
   }
 }
diff --git a/modules/container-definition/README.md b/modules/container-definition/README.md
index 2fc6448..665c1c4 100644
--- a/modules/container-definition/README.md
+++ b/modules/container-definition/README.md
@@ -116,13 +116,13 @@ module "example_ecs_container_definition" {
 | Name | Version |
 |------|---------|
 | <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 1.5.7 |
-| <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 6.0 |
+| <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 6.4 |
 
 ## Providers
 
 | Name | Version |
 |------|---------|
-| <a name="provider_aws"></a> [aws](#provider\_aws) | >= 6.0 |
+| <a name="provider_aws"></a> [aws](#provider\_aws) | >= 6.4 |
 
 ## Modules
 
diff --git a/modules/container-definition/versions.tf b/modules/container-definition/versions.tf
index db13b0a..497e3e6 100644
--- a/modules/container-definition/versions.tf
+++ b/modules/container-definition/versions.tf
@@ -4,7 +4,7 @@ terraform {
   required_providers {
     aws = {
       source  = "hashicorp/aws"
-      version = ">= 6.0"
+      version = ">= 6.4"
     }
   }
 }
diff --git a/modules/service/README.md b/modules/service/README.md
index 70f4528..babf5fc 100644
--- a/modules/service/README.md
+++ b/modules/service/README.md
@@ -170,13 +170,13 @@ module "ecs_service" {
 | Name | Version |
 |------|---------|
 | <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 1.5.7 |
-| <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 6.0 |
+| <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 6.4 |
 
 ## Providers
 
 | Name | Version |
 |------|---------|
-| <a name="provider_aws"></a> [aws](#provider\_aws) | >= 6.0 |
+| <a name="provider_aws"></a> [aws](#provider\_aws) | >= 6.4 |
 
 ## Modules
 
@@ -250,6 +250,7 @@ module "ecs_service" {
 | <a name="input_create_task_exec_policy"></a> [create\_task\_exec\_policy](#input\_create\_task\_exec\_policy) | Determines whether the ECS task definition IAM policy should be created. This includes permissions included in AmazonECSTaskExecutionRolePolicy as well as access to secrets and SSM parameters | `bool` | `true` | no |
 | <a name="input_create_tasks_iam_role"></a> [create\_tasks\_iam\_role](#input\_create\_tasks\_iam\_role) | Determines whether the ECS tasks IAM role should be created | `bool` | `true` | no |
 | <a name="input_deployment_circuit_breaker"></a> [deployment\_circuit\_breaker](#input\_deployment\_circuit\_breaker) | Configuration block for deployment circuit breaker | <pre>object({<br/>    enable   = bool<br/>    rollback = bool<br/>  })</pre> | `null` | no |
+| <a name="input_deployment_configuration"></a> [deployment\_configuration](#input\_deployment\_configuration) | Configuration block for deployment settings | <pre>object({<br/>    strategy             = optional(string)<br/>    bake_time_in_minutes = optional(string)<br/>    lifecycle_hook = optional(map(object({<br/>      hook_target_arn  = string<br/>      role_arn         = string<br/>      lifecycle_stages = list(string)<br/>    })))<br/>  })</pre> | `null` | no |
 | <a name="input_deployment_controller"></a> [deployment\_controller](#input\_deployment\_controller) | Configuration block for deployment controller configuration | <pre>object({<br/>    type = optional(string)<br/>  })</pre> | `null` | no |
 | <a name="input_deployment_maximum_percent"></a> [deployment\_maximum\_percent](#input\_deployment\_maximum\_percent) | Upper limit (as a percentage of the service's `desired_count`) of the number of running tasks that can be running in a service during a deployment | `number` | `200` | no |
 | <a name="input_deployment_minimum_healthy_percent"></a> [deployment\_minimum\_healthy\_percent](#input\_deployment\_minimum\_healthy\_percent) | Lower limit (as a percentage of the service's `desired_count`) of the number of running tasks that must remain running and healthy in a service during a deployment | `number` | `66` | no |
@@ -282,7 +283,7 @@ module "ecs_service" {
 | <a name="input_infrastructure_iam_role_use_name_prefix"></a> [infrastructure\_iam\_role\_use\_name\_prefix](#input\_infrastructure\_iam\_role\_use\_name\_prefix) | Determines whether the IAM role name (`iam_role_name`) is used as a prefix | `bool` | `true` | no |
 | <a name="input_ipc_mode"></a> [ipc\_mode](#input\_ipc\_mode) | IPC resource namespace to be used for the containers in the task The valid values are `host`, `task`, and `none` | `string` | `null` | no |
 | <a name="input_launch_type"></a> [launch\_type](#input\_launch\_type) | Launch type on which to run your service. The valid values are `EC2`, `FARGATE`, and `EXTERNAL`. Defaults to `FARGATE` | `string` | `"FARGATE"` | no |
-| <a name="input_load_balancer"></a> [load\_balancer](#input\_load\_balancer) | Configuration block for load balancers | <pre>map(object({<br/>    container_name   = string<br/>    container_port   = number<br/>    elb_name         = optional(string)<br/>    target_group_arn = optional(string)<br/>  }))</pre> | `null` | no |
+| <a name="input_load_balancer"></a> [load\_balancer](#input\_load\_balancer) | Configuration block for load balancers | <pre>map(object({<br/>    container_name   = string<br/>    container_port   = number<br/>    elb_name         = optional(string)<br/>    target_group_arn = optional(string)<br/>    advanced_configuration = optional(object({<br/>      alternate_target_group_arn = string<br/>      production_listener_rule   = string<br/>      role_arn                   = string<br/>      test_listener_rule         = optional(string)<br/>    }))<br/>  }))</pre> | `null` | no |
 | <a name="input_memory"></a> [memory](#input\_memory) | Amount (in MiB) of memory used by the task. If the `requires_compatibilities` is `FARGATE` this field is required | `number` | `2048` | no |
 | <a name="input_name"></a> [name](#input\_name) | Name of the service (up to 255 letters, numbers, hyphens, and underscores) | `string` | `null` | no |
 | <a name="input_network_mode"></a> [network\_mode](#input\_network\_mode) | Docker networking mode to use for the containers in the task. Valid values are `none`, `bridge`, `awsvpc`, and `host` | `string` | `"awsvpc"` | no |
@@ -304,7 +305,7 @@ module "ecs_service" {
 | <a name="input_security_group_name"></a> [security\_group\_name](#input\_security\_group\_name) | Name to use on security group created | `string` | `null` | no |
 | <a name="input_security_group_tags"></a> [security\_group\_tags](#input\_security\_group\_tags) | A map of additional tags to add to the security group created | `map(string)` | `{}` | no |
 | <a name="input_security_group_use_name_prefix"></a> [security\_group\_use\_name\_prefix](#input\_security\_group\_use\_name\_prefix) | Determines whether the security group name (`security_group_name`) is used as a prefix | `bool` | `true` | no |
-| <a name="input_service_connect_configuration"></a> [service\_connect\_configuration](#input\_service\_connect\_configuration) | The ECS Service Connect configuration for this service to discover and connect to services, and be discovered by, and connected from, other services within a namespace | <pre>object({<br/>    enabled = optional(bool, true)<br/>    log_configuration = optional(object({<br/>      log_driver = string<br/>      options    = optional(map(string))<br/>      secret_option = optional(list(object({<br/>        name       = string<br/>        value_from = string<br/>      })))<br/>    }))<br/>    namespace = optional(string)<br/>    service = optional(list(object({<br/>      client_alias = optional(object({<br/>        dns_name = optional(string)<br/>        port     = number<br/>      }))<br/>      discovery_name        = optional(string)<br/>      ingress_port_override = optional(number)<br/>      port_name             = string<br/>      timeout = optional(object({<br/>        idle_timeout_seconds        = optional(number)<br/>        per_request_timeout_seconds = optional(number)<br/>      }))<br/>      tls = optional(object({<br/>        issuer_cert_authority = object({<br/>          aws_pca_authority_arn = string<br/>        })<br/>        kms_key  = optional(string)<br/>        role_arn = optional(string)<br/>      }))<br/>    })))<br/>  })</pre> | `null` | no |
+| <a name="input_service_connect_configuration"></a> [service\_connect\_configuration](#input\_service\_connect\_configuration) | The ECS Service Connect configuration for this service to discover and connect to services, and be discovered by, and connected from, other services within a namespace | <pre>object({<br/>    enabled = optional(bool, true)<br/>    log_configuration = optional(object({<br/>      log_driver = string<br/>      options    = optional(map(string))<br/>      secret_option = optional(list(object({<br/>        name       = string<br/>        value_from = string<br/>      })))<br/>    }))<br/>    namespace = optional(string)<br/>    service = optional(list(object({<br/>      client_alias = optional(object({<br/>        dns_name = optional(string)<br/>        port     = number<br/>        test_traffic_rules = optional(list(object({<br/>          header = optional(object({<br/>            name = string<br/>            value = object({<br/>              exact = string<br/>            })<br/>          }))<br/>        })))<br/>      }))<br/>      discovery_name        = optional(string)<br/>      ingress_port_override = optional(number)<br/>      port_name             = string<br/>      timeout = optional(object({<br/>        idle_timeout_seconds        = optional(number)<br/>        per_request_timeout_seconds = optional(number)<br/>      }))<br/>      tls = optional(object({<br/>        issuer_cert_authority = object({<br/>          aws_pca_authority_arn = string<br/>        })<br/>        kms_key  = optional(string)<br/>        role_arn = optional(string)<br/>      }))<br/>    })))<br/>  })</pre> | `null` | no |
 | <a name="input_service_registries"></a> [service\_registries](#input\_service\_registries) | Service discovery registries for the service | <pre>object({<br/>    container_name = optional(string)<br/>    container_port = optional(number)<br/>    port           = optional(number)<br/>    registry_arn   = string<br/>  })</pre> | `null` | no |
 | <a name="input_service_tags"></a> [service\_tags](#input\_service\_tags) | A map of additional tags to add to the service | `map(string)` | `{}` | no |
 | <a name="input_skip_destroy"></a> [skip\_destroy](#input\_skip\_destroy) | If true, the task is not deleted when the service is deleted | `bool` | `null` | no |
diff --git a/modules/service/main.tf b/modules/service/main.tf
index b3fc157..6119c86 100644
--- a/modules/service/main.tf
+++ b/modules/service/main.tf
@@ -73,6 +73,25 @@ resource "aws_ecs_service" "this" {
     }
   }
 
+  dynamic "deployment_configuration" {
+    for_each = var.deployment_configuration != null ? [var.deployment_configuration] : []
+
+    content {
+      strategy             = deployment_configuration.value.strategy
+      bake_time_in_minutes = deployment_configuration.value.bake_time_in_minutes
+
+      dynamic "lifecycle_hook" {
+        for_each = deployment_configuration.value.lifecycle_hook != null ? deployment_configuration.value.lifecycle_hook : {}
+
+        content {
+          hook_target_arn  = lifecycle_hook.value.hook_target_arn
+          role_arn         = lifecycle_hook.value.role_arn
+          lifecycle_stages = lifecycle_hook.value.lifecycle_stages
+        }
+      }
+    }
+  }
+
   dynamic "deployment_controller" {
     for_each = var.deployment_controller != null ? [var.deployment_controller] : []
 
@@ -101,6 +120,17 @@ resource "aws_ecs_service" "this" {
       container_port   = load_balancer.value.container_port
       elb_name         = load_balancer.value.elb_name
       target_group_arn = load_balancer.value.target_group_arn
+
+      dynamic "advanced_configuration" {
+        for_each = load_balancer.value.advanced_configuration != null ? [load_balancer.value.advanced_configuration] : []
+
+        content {
+          alternate_target_group_arn = advanced_configuration.value.alternate_target_group_arn
+          production_listener_rule   = advanced_configuration.value.production_listener_rule
+          role_arn                   = advanced_configuration.value.role_arn
+          test_listener_rule         = advanced_configuration.value.test_listener_rule
+        }
+      }
     }
   }
 
@@ -176,6 +206,28 @@ resource "aws_ecs_service" "this" {
             content {
               dns_name = client_alias.value.dns_name
               port     = client_alias.value.port
+
+              dynamic "test_traffic_rules" {
+                for_each = client_alias.value.test_traffic_rules != null ? client_alias.value.test_traffic_rules : []
+
+                content {
+                  dynamic "header" {
+                    for_each = test_traffic_rules.value.header != null ? [test_traffic_rules.value.header] : []
+
+                    content {
+                      name = header.value.name
+
+                      dynamic "value" {
+                        for_each = header.value.value != null ? [header.value.value] : []
+
+                        content {
+                          exact = value.value.exact
+                        }
+                      }
+                    }
+                  }
+                }
+              }
             }
           }
 
@@ -341,6 +393,25 @@ resource "aws_ecs_service" "ignore_task_definition" {
     }
   }
 
+  dynamic "deployment_configuration" {
+    for_each = var.deployment_configuration != null ? [var.deployment_configuration] : []
+
+    content {
+      strategy             = deployment_configuration.value.strategy
+      bake_time_in_minutes = deployment_configuration.value.bake_time_in_minutes
+
+      dynamic "lifecycle_hook" {
+        for_each = deployment_configuration.value.lifecycle_hook != null ? deployment_configuration.value.lifecycle_hook : {}
+
+        content {
+          hook_target_arn  = lifecycle_hook.value.hook_target_arn
+          role_arn         = lifecycle_hook.value.role_arn
+          lifecycle_stages = lifecycle_hook.value.lifecycle_stages
+        }
+      }
+    }
+  }
+
   dynamic "deployment_controller" {
     for_each = var.deployment_controller != null ? [var.deployment_controller] : []
 
@@ -369,6 +440,17 @@ resource "aws_ecs_service" "ignore_task_definition" {
       container_port   = load_balancer.value.container_port
       elb_name         = load_balancer.value.elb_name
       target_group_arn = load_balancer.value.target_group_arn
+
+      dynamic "advanced_configuration" {
+        for_each = load_balancer.value.advanced_configuration != null ? [load_balancer.value.advanced_configuration] : []
+
+        content {
+          alternate_target_group_arn = advanced_configuration.value.alternate_target_group_arn
+          production_listener_rule   = advanced_configuration.value.production_listener_rule
+          role_arn                   = advanced_configuration.value.role_arn
+          test_listener_rule         = advanced_configuration.value.test_listener_rule
+        }
+      }
     }
   }
 
@@ -444,6 +526,28 @@ resource "aws_ecs_service" "ignore_task_definition" {
             content {
               dns_name = client_alias.value.dns_name
               port     = client_alias.value.port
+
+              dynamic "test_traffic_rules" {
+                for_each = client_alias.value.test_traffic_rules != null ? client_alias.value.test_traffic_rules : []
+
+                content {
+                  dynamic "header" {
+                    for_each = test_traffic_rules.value.header != null ? [test_traffic_rules.value.header] : []
+
+                    content {
+                      name = header.value.name
+
+                      dynamic "value" {
+                        for_each = header.value.value != null ? [header.value.value] : []
+
+                        content {
+                          exact = value.value.exact
+                        }
+                      }
+                    }
+                  }
+                }
+              }
             }
           }
 
diff --git a/modules/service/variables.tf b/modules/service/variables.tf
index f007632..0a49c7a 100644
--- a/modules/service/variables.tf
+++ b/modules/service/variables.tf
@@ -73,6 +73,20 @@ variable "deployment_circuit_breaker" {
   default = null
 }
 
+variable "deployment_configuration" {
+  description = "Configuration block for deployment settings"
+  type = object({
+    strategy             = optional(string)
+    bake_time_in_minutes = optional(string)
+    lifecycle_hook = optional(map(object({
+      hook_target_arn  = string
+      role_arn         = string
+      lifecycle_stages = list(string)
+    })))
+  })
+  default = null
+}
+
 variable "deployment_controller" {
   description = "Configuration block for deployment controller configuration"
   type = object({
@@ -142,6 +156,12 @@ variable "load_balancer" {
     container_port   = number
     elb_name         = optional(string)
     target_group_arn = optional(string)
+    advanced_configuration = optional(object({
+      alternate_target_group_arn = string
+      production_listener_rule   = string
+      role_arn                   = string
+      test_listener_rule         = optional(string)
+    }))
   }))
   default = null
 }
@@ -223,6 +243,14 @@ variable "service_connect_configuration" {
       client_alias = optional(object({
         dns_name = optional(string)
         port     = number
+        test_traffic_rules = optional(list(object({
+          header = optional(object({
+            name = string
+            value = object({
+              exact = string
+            })
+          }))
+        })))
       }))
       discovery_name        = optional(string)
       ingress_port_override = optional(number)
diff --git a/modules/service/versions.tf b/modules/service/versions.tf
index db13b0a..497e3e6 100644
--- a/modules/service/versions.tf
+++ b/modules/service/versions.tf
@@ -4,7 +4,7 @@ terraform {
   required_providers {
     aws = {
       source  = "hashicorp/aws"
-      version = ">= 6.0"
+      version = ">= 6.4"
     }
   }
 }
diff --git a/variables.tf b/variables.tf
index 6122006..47b5928 100644
--- a/variables.tf
+++ b/variables.tf
@@ -280,6 +280,15 @@ variable "services" {
       enable   = bool
       rollback = bool
     }))
+    deployment_configuration = optional(object({
+      strategy             = optional(string)
+      bake_time_in_minutes = optional(string)
+      lifecycle_hook = optional(map(object({
+        hook_target_arn  = string
+        role_arn         = string
+        lifecycle_stages = list(string)
+      })))
+    }))
     deployment_controller = optional(object({
       type = optional(string)
     }))
@@ -297,6 +306,12 @@ variable "services" {
       container_port   = number
       elb_name         = optional(string)
       target_group_arn = optional(string)
+      advanced_configuration = optional(object({
+        alternate_target_group_arn = string
+        production_listener_rule   = string
+        role_arn                   = string
+        test_listener_rule         = optional(string)
+      }))
     })))
     name               = optional(string) # Will fall back to use map key if not set
     assign_public_ip   = optional(bool, false)
@@ -328,6 +343,14 @@ variable "services" {
         client_alias = optional(object({
           dns_name = optional(string)
           port     = number
+          test_traffic_rules = optional(list(object({
+            header = optional(object({
+              name = string
+              value = object({
+                exact = string
+              })
+            }))
+          })))
         }))
         discovery_name        = optional(string)
         ingress_port_override = optional(number)
diff --git a/versions.tf b/versions.tf
index db13b0a..497e3e6 100644
--- a/versions.tf
+++ b/versions.tf
@@ -4,7 +4,7 @@ terraform {
   required_providers {
     aws = {
       source  = "hashicorp/aws"
-      version = ">= 6.0"
+      version = ">= 6.4"
     }
   }
 }
diff --git a/wrappers/cluster/versions.tf b/wrappers/cluster/versions.tf
index db13b0a..497e3e6 100644
--- a/wrappers/cluster/versions.tf
+++ b/wrappers/cluster/versions.tf
@@ -4,7 +4,7 @@ terraform {
   required_providers {
     aws = {
       source  = "hashicorp/aws"
-      version = ">= 6.0"
+      version = ">= 6.4"
     }
   }
 }
diff --git a/wrappers/container-definition/versions.tf b/wrappers/container-definition/versions.tf
index db13b0a..497e3e6 100644
--- a/wrappers/container-definition/versions.tf
+++ b/wrappers/container-definition/versions.tf
@@ -4,7 +4,7 @@ terraform {
   required_providers {
     aws = {
       source  = "hashicorp/aws"
-      version = ">= 6.0"
+      version = ">= 6.4"
     }
   }
 }
diff --git a/wrappers/service/main.tf b/wrappers/service/main.tf
index 96bdbbe..8cb3d9d 100644
--- a/wrappers/service/main.tf
+++ b/wrappers/service/main.tf
@@ -43,6 +43,7 @@ module "wrapper" {
   create_task_exec_policy                      = try(each.value.create_task_exec_policy, var.defaults.create_task_exec_policy, true)
   create_tasks_iam_role                        = try(each.value.create_tasks_iam_role, var.defaults.create_tasks_iam_role, true)
   deployment_circuit_breaker                   = try(each.value.deployment_circuit_breaker, var.defaults.deployment_circuit_breaker, null)
+  deployment_configuration                     = try(each.value.deployment_configuration, var.defaults.deployment_configuration, null)
   deployment_controller                        = try(each.value.deployment_controller, var.defaults.deployment_controller, null)
   deployment_maximum_percent                   = try(each.value.deployment_maximum_percent, var.defaults.deployment_maximum_percent, 200)
   deployment_minimum_healthy_percent           = try(each.value.deployment_minimum_healthy_percent, var.defaults.deployment_minimum_healthy_percent, 66)
diff --git a/wrappers/service/versions.tf b/wrappers/service/versions.tf
index db13b0a..497e3e6 100644
--- a/wrappers/service/versions.tf
+++ b/wrappers/service/versions.tf
@@ -4,7 +4,7 @@ terraform {
   required_providers {
     aws = {
       source  = "hashicorp/aws"
-      version = ">= 6.0"
+      version = ">= 6.4"
     }
   }
 }
diff --git a/wrappers/versions.tf b/wrappers/versions.tf
index db13b0a..497e3e6 100644
--- a/wrappers/versions.tf
+++ b/wrappers/versions.tf
@@ -4,7 +4,7 @@ terraform {
   required_providers {
     aws = {
       source  = "hashicorp/aws"
-      version = ">= 6.0"
+      version = ">= 6.4"
     }
   }
 }