Merge pull request #216 from thoughtbot/eks-entries

EKS access entries
thoughtbot · Nov 25, 2024 · 1e85a20 · 1e85a20
2 parents 5aa7945 + fed6493
commit 1e85a20
Show file tree

Hide file tree

Showing 30 changed files with 135 additions and 100 deletions.
diff --git a/aws/cluster/README.md b/aws/cluster/README.md
@@ -64,13 +64,13 @@ module "cluster" {
 | Name | Version |
 |------|---------|
 | <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 0.14.8 |
-| <a name="requirement_aws"></a> [aws](#requirement\_aws) | ~> 4.0 |
+| <a name="requirement_aws"></a> [aws](#requirement\_aws) | 5.74.0 |
 
 ## Providers
 
 | Name | Version |
 |------|---------|
-| <a name="provider_aws"></a> [aws](#provider\_aws) | ~> 4.0 |
+| <a name="provider_aws"></a> [aws](#provider\_aws) | 5.74.0 |
 
 ## Modules
 
@@ -87,14 +87,16 @@ module "cluster" {
 
 | Name | Type |
 |------|------|
-| [aws_ssm_parameter.node_role_arn](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ssm_parameter) | resource |
-| [aws_ssm_parameter.oidc_issuer](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ssm_parameter) | resource |
-| [aws_subnet.private](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/subnet) | data source |
+| [aws_ssm_parameter.node_role_arn](https://registry.terraform.io/providers/hashicorp/aws/5.74.0/docs/resources/ssm_parameter) | resource |
+| [aws_ssm_parameter.oidc_issuer](https://registry.terraform.io/providers/hashicorp/aws/5.74.0/docs/resources/ssm_parameter) | resource |
+| [aws_subnet.private](https://registry.terraform.io/providers/hashicorp/aws/5.74.0/docs/data-sources/subnet) | data source |
 
 ## Inputs
 
 | Name | Description | Type | Default | Required |
 |------|-------------|------|---------|:--------:|
+| <a name="input_auth_mode"></a> [auth\_mode](#input\_auth\_mode) | Authentiation mode associated with the cluster Access config | `string` | `"API_AND_CONFIG_MAP"` | no |
+| <a name="input_bootstrap_cluster_creator_admin_permission"></a> [bootstrap\_cluster\_creator\_admin\_permission](#input\_bootstrap\_cluster\_creator\_admin\_permission) | Bootstrap access config values to the cluster | `bool` | `false` | no |
 | <a name="input_enabled_cluster_log_types"></a> [enabled\_cluster\_log\_types](#input\_enabled\_cluster\_log\_types) | Which EKS control plane log types to enable | `list(string)` | `[]` | no |
 | <a name="input_endpoint_private_access"></a> [endpoint\_private\_access](#input\_endpoint\_private\_access) | Enables the Amazon EKS private API server endpoint. | `bool` | `false` | no |
 | <a name="input_endpoint_public_access"></a> [endpoint\_public\_access](#input\_endpoint\_public\_access) | Enables the Amazon EKS public API server endpoint. | `bool` | `true` | no |

diff --git a/aws/cluster/main.tf b/aws/cluster/main.tf
@@ -16,16 +16,18 @@ module "network" {
 module "eks_cluster" {
   source = "./modules/eks-cluster"
 
-  enabled_cluster_log_types = var.enabled_cluster_log_types
-  endpoint_private_access   = var.endpoint_private_access
-  endpoint_public_access    = var.endpoint_public_access
-  k8s_version               = var.k8s_version
-  log_retention_in_days     = var.log_retention_in_days
-  name                      = module.cluster_name.full
-  private_subnet_ids        = module.network.private_subnet_ids
-  public_subnet_ids         = module.network.public_subnet_ids
-  tags                      = var.tags
-  vpc                       = module.network.vpc
+  auth_mode                                  = var.auth_mode
+  bootstrap_cluster_creator_admin_permission = var.bootstrap_cluster_creator_admin_permission
+  enabled_cluster_log_types                  = var.enabled_cluster_log_types
+  endpoint_private_access                    = var.endpoint_private_access
+  endpoint_public_access                     = var.endpoint_public_access
+  k8s_version                                = var.k8s_version
+  log_retention_in_days                      = var.log_retention_in_days
+  name                                       = module.cluster_name.full
+  private_subnet_ids                         = module.network.private_subnet_ids
+  public_subnet_ids                          = module.network.public_subnet_ids
+  tags                                       = var.tags
+  vpc                                        = module.network.vpc
 
   depends_on = [module.node_role]
 }

diff --git a/aws/cluster/modules/eks-cluster/README.md b/aws/cluster/modules/eks-cluster/README.md
@@ -4,33 +4,35 @@
 | Name | Version |
 |------|---------|
 | <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 0.14.8 |
-| <a name="requirement_aws"></a> [aws](#requirement\_aws) | ~> 4.0 |
+| <a name="requirement_aws"></a> [aws](#requirement\_aws) | 5.74.0 |
 
 ## Providers
 
 | Name | Version |
 |------|---------|
-| <a name="provider_aws"></a> [aws](#provider\_aws) | ~> 4.0 |
+| <a name="provider_aws"></a> [aws](#provider\_aws) | 5.74.0 |
 
 ## Resources
 
 | Name | Type |
 |------|------|
-| [aws_cloudwatch_log_group.eks](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_log_group) | resource |
-| [aws_eks_cluster.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/eks_cluster) | resource |
-| [aws_iam_role.control_plane](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role) | resource |
-| [aws_iam_role_policy_attachment.control_plane](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource |
-| [aws_kms_alias.eks_key_alias](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/kms_alias) | resource |
-| [aws_kms_key.eks_key](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/kms_key) | resource |
-| [aws_security_group.control_plane](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group) | resource |
-| [aws_security_group_rule.egress](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group_rule) | resource |
-| [aws_iam_policy_document.eks_assume_role](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source |
-| [aws_partition.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/partition) | data source |
+| [aws_cloudwatch_log_group.eks](https://registry.terraform.io/providers/hashicorp/aws/5.74.0/docs/resources/cloudwatch_log_group) | resource |
+| [aws_eks_cluster.this](https://registry.terraform.io/providers/hashicorp/aws/5.74.0/docs/resources/eks_cluster) | resource |
+| [aws_iam_role.control_plane](https://registry.terraform.io/providers/hashicorp/aws/5.74.0/docs/resources/iam_role) | resource |
+| [aws_iam_role_policy_attachment.control_plane](https://registry.terraform.io/providers/hashicorp/aws/5.74.0/docs/resources/iam_role_policy_attachment) | resource |
+| [aws_kms_alias.eks_key_alias](https://registry.terraform.io/providers/hashicorp/aws/5.74.0/docs/resources/kms_alias) | resource |
+| [aws_kms_key.eks_key](https://registry.terraform.io/providers/hashicorp/aws/5.74.0/docs/resources/kms_key) | resource |
+| [aws_security_group.control_plane](https://registry.terraform.io/providers/hashicorp/aws/5.74.0/docs/resources/security_group) | resource |
+| [aws_security_group_rule.egress](https://registry.terraform.io/providers/hashicorp/aws/5.74.0/docs/resources/security_group_rule) | resource |
+| [aws_iam_policy_document.eks_assume_role](https://registry.terraform.io/providers/hashicorp/aws/5.74.0/docs/data-sources/iam_policy_document) | data source |
+| [aws_partition.current](https://registry.terraform.io/providers/hashicorp/aws/5.74.0/docs/data-sources/partition) | data source |
 
 ## Inputs
 
 | Name | Description | Type | Default | Required |
 |------|-------------|------|---------|:--------:|
+| <a name="input_auth_mode"></a> [auth\_mode](#input\_auth\_mode) | Authentiation mode associated with the cluster Access config | `string` | `"API_AND_CONFIG_MAP"` | no |
+| <a name="input_bootstrap_cluster_creator_admin_permission"></a> [bootstrap\_cluster\_creator\_admin\_permission](#input\_bootstrap\_cluster\_creator\_admin\_permission) | Bootstrap access config values to the cluster | `bool` | `false` | no |
 | <a name="input_enabled_cluster_log_types"></a> [enabled\_cluster\_log\_types](#input\_enabled\_cluster\_log\_types) | Which EKS control plane log types to enable | `list(string)` | <pre>[<br>  "api",<br>  "audit"<br>]</pre> | no |
 | <a name="input_endpoint_private_access"></a> [endpoint\_private\_access](#input\_endpoint\_private\_access) | Enables the Amazon EKS private API server endpoint. | `bool` | `false` | no |
 | <a name="input_endpoint_public_access"></a> [endpoint\_public\_access](#input\_endpoint\_public\_access) | Enables the Amazon EKS public API server endpoint. | `bool` | `true` | no |

diff --git a/aws/cluster/modules/eks-cluster/main.tf b/aws/cluster/modules/eks-cluster/main.tf
@@ -9,6 +9,11 @@ resource "aws_eks_cluster" "this" {
   tags                      = var.tags
   version                   = var.k8s_version
 
+  access_config {
+    authentication_mode                         = var.auth_mode
+    bootstrap_cluster_creator_admin_permissions = var.bootstrap_cluster_creator_admin_permission
+  }
+
   vpc_config {
     security_group_ids      = [aws_security_group.control_plane.id]
     subnet_ids              = concat(var.private_subnet_ids, var.public_subnet_ids)

diff --git a/aws/cluster/modules/eks-cluster/variables.tf b/aws/cluster/modules/eks-cluster/variables.tf
@@ -58,3 +58,15 @@ variable "vpc" {
   type        = object({ id = string })
   description = "VPC in which this cluster should run"
 }
+
+variable "auth_mode" {
+  type        = string
+  description = "Authentiation mode associated with the cluster Access config"
+  default     = "API_AND_CONFIG_MAP"
+}
+
+variable "bootstrap_cluster_creator_admin_permission" {
+  type        = bool
+  description = "Bootstrap access config values to the cluster"
+  default     = false
+}
diff --git a/aws/cluster/modules/eks-cluster/versions.tf b/aws/cluster/modules/eks-cluster/versions.tf
@@ -3,7 +3,7 @@ terraform {
   required_providers {
     aws = {
       source  = "hashicorp/aws"
-      version = "~> 4.0"
+      version = "5.74.0"
     }
   }
 }
diff --git a/aws/cluster/modules/eks-node-group/README.md b/aws/cluster/modules/eks-node-group/README.md
@@ -4,20 +4,20 @@
 | Name | Version |
 |------|---------|
 | <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 0.14.8 |
-| <a name="requirement_aws"></a> [aws](#requirement\_aws) | ~> 4.0 |
+| <a name="requirement_aws"></a> [aws](#requirement\_aws) | 5.74.0 |
 
 ## Providers
 
 | Name | Version |
 |------|---------|
-| <a name="provider_aws"></a> [aws](#provider\_aws) | ~> 4.0 |
+| <a name="provider_aws"></a> [aws](#provider\_aws) | 5.74.0 |
 
 ## Resources
 
 | Name | Type |
 |------|------|
-| [aws_eks_node_group.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/eks_node_group) | resource |
-| [aws_launch_template.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/launch_template) | resource |
+| [aws_eks_node_group.this](https://registry.terraform.io/providers/hashicorp/aws/5.74.0/docs/resources/eks_node_group) | resource |
+| [aws_launch_template.this](https://registry.terraform.io/providers/hashicorp/aws/5.74.0/docs/resources/launch_template) | resource |
 
 ## Inputs
 

diff --git a/aws/cluster/modules/eks-node-group/versions.tf b/aws/cluster/modules/eks-node-group/versions.tf
@@ -3,7 +3,7 @@ terraform {
   required_providers {
     aws = {
       source  = "hashicorp/aws"
-      version = "~> 4.0"
+      version = "5.74.0"
     }
   }
 }
diff --git a/aws/cluster/modules/eks-node-role/README.md b/aws/cluster/modules/eks-node-role/README.md
@@ -4,27 +4,27 @@
 | Name | Version |
 |------|---------|
 | <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 0.14.8 |
-| <a name="requirement_aws"></a> [aws](#requirement\_aws) | ~> 4.0 |
+| <a name="requirement_aws"></a> [aws](#requirement\_aws) | 5.74.0 |
 
 ## Providers
 
 | Name | Version |
 |------|---------|
-| <a name="provider_aws"></a> [aws](#provider\_aws) | ~> 4.0 |
+| <a name="provider_aws"></a> [aws](#provider\_aws) | 5.74.0 |
 
 ## Resources
 
 | Name | Type |
 |------|------|
-| [aws_iam_role.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role) | resource |
-| [aws_iam_role_policy_attachment.ec2_container_registry_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource |
-| [aws_iam_role_policy_attachment.eks_cloudwatch_agent_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource |
-| [aws_iam_role_policy_attachment.eks_cni_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource |
-| [aws_iam_role_policy_attachment.eks_ssm_instance_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource |
-| [aws_iam_role_policy_attachment.eks_worker_node_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource |
-| [aws_iam_role_policy_attachment.eks_xray_writeonly_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource |
-| [aws_iam_policy_document.assume_role](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source |
-| [aws_partition.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/partition) | data source |
+| [aws_iam_role.this](https://registry.terraform.io/providers/hashicorp/aws/5.74.0/docs/resources/iam_role) | resource |
+| [aws_iam_role_policy_attachment.ec2_container_registry_policy](https://registry.terraform.io/providers/hashicorp/aws/5.74.0/docs/resources/iam_role_policy_attachment) | resource |
+| [aws_iam_role_policy_attachment.eks_cloudwatch_agent_policy](https://registry.terraform.io/providers/hashicorp/aws/5.74.0/docs/resources/iam_role_policy_attachment) | resource |
+| [aws_iam_role_policy_attachment.eks_cni_policy](https://registry.terraform.io/providers/hashicorp/aws/5.74.0/docs/resources/iam_role_policy_attachment) | resource |
+| [aws_iam_role_policy_attachment.eks_ssm_instance_policy](https://registry.terraform.io/providers/hashicorp/aws/5.74.0/docs/resources/iam_role_policy_attachment) | resource |
+| [aws_iam_role_policy_attachment.eks_worker_node_policy](https://registry.terraform.io/providers/hashicorp/aws/5.74.0/docs/resources/iam_role_policy_attachment) | resource |
+| [aws_iam_role_policy_attachment.eks_xray_writeonly_policy](https://registry.terraform.io/providers/hashicorp/aws/5.74.0/docs/resources/iam_role_policy_attachment) | resource |
+| [aws_iam_policy_document.assume_role](https://registry.terraform.io/providers/hashicorp/aws/5.74.0/docs/data-sources/iam_policy_document) | data source |
+| [aws_partition.current](https://registry.terraform.io/providers/hashicorp/aws/5.74.0/docs/data-sources/partition) | data source |
 
 ## Inputs
 

diff --git a/aws/cluster/modules/eks-node-role/versions.tf b/aws/cluster/modules/eks-node-role/versions.tf
@@ -3,7 +3,7 @@ terraform {
   required_providers {
     aws = {
       source  = "hashicorp/aws"
-      version = "~> 4.0"
+      version = "5.74.0"
     }
   }
 }
diff --git a/aws/cluster/modules/k8s-oidc-provider/README.md b/aws/cluster/modules/k8s-oidc-provider/README.md
@@ -4,21 +4,21 @@
 | Name | Version |
 |------|---------|
 | <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 0.14.8 |
-| <a name="requirement_aws"></a> [aws](#requirement\_aws) | ~> 4.0 |
+| <a name="requirement_aws"></a> [aws](#requirement\_aws) | 5.74.0 |
 | <a name="requirement_tls"></a> [tls](#requirement\_tls) | ~> 3.1 |
 
 ## Providers
 
 | Name | Version |
 |------|---------|
-| <a name="provider_aws"></a> [aws](#provider\_aws) | ~> 4.0 |
+| <a name="provider_aws"></a> [aws](#provider\_aws) | 5.74.0 |
 | <a name="provider_tls"></a> [tls](#provider\_tls) | ~> 3.1 |
 
 ## Resources
 
 | Name | Type |
 |------|------|
-| [aws_iam_openid_connect_provider.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_openid_connect_provider) | resource |
+| [aws_iam_openid_connect_provider.this](https://registry.terraform.io/providers/hashicorp/aws/5.74.0/docs/resources/iam_openid_connect_provider) | resource |
 | [tls_certificate.this](https://registry.terraform.io/providers/hashicorp/tls/latest/docs/data-sources/certificate) | data source |
 
 ## Inputs

diff --git a/aws/cluster/modules/k8s-oidc-provider/versions.tf b/aws/cluster/modules/k8s-oidc-provider/versions.tf
@@ -3,7 +3,7 @@ terraform {
   required_providers {
     aws = {
       source  = "hashicorp/aws"
-      version = "~> 4.0"
+      version = "5.74.0"
     }
     tls = {
       version = "~> 3.1"

diff --git a/aws/cluster/variables.tf b/aws/cluster/variables.tf
@@ -1,3 +1,15 @@
+variable "auth_mode" {
+  type        = string
+  description = "Authentiation mode associated with the cluster Access config"
+  default     = "API_AND_CONFIG_MAP"
+}
+
+variable "bootstrap_cluster_creator_admin_permission" {
+  type        = bool
+  description = "Bootstrap access config values to the cluster"
+  default     = false
+}
+
 variable "enabled_cluster_log_types" {
   type        = list(string)
   default     = []

diff --git a/aws/cluster/versions.tf b/aws/cluster/versions.tf
@@ -3,7 +3,7 @@ terraform {
   required_providers {
     aws = {
       source  = "hashicorp/aws"
-      version = "~> 4.0"
+      version = "5.74.0"
     }
   }
 }
diff --git a/aws/network-data/README.md b/aws/network-data/README.md
@@ -4,21 +4,21 @@
 | Name | Version |
 |------|---------|
 | <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 0.14.8 |
-| <a name="requirement_aws"></a> [aws](#requirement\_aws) | ~> 4.0 |
+| <a name="requirement_aws"></a> [aws](#requirement\_aws) | 5.74.0 |
 
 ## Providers
 
 | Name | Version |
 |------|---------|
-| <a name="provider_aws"></a> [aws](#provider\_aws) | ~> 4.0 |
+| <a name="provider_aws"></a> [aws](#provider\_aws) | 5.74.0 |
 
 ## Resources
 
 | Name | Type |
 |------|------|
-| [aws_subnets.private](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/subnets) | data source |
-| [aws_subnets.public](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/subnets) | data source |
-| [aws_vpc.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/vpc) | data source |
+| [aws_subnets.private](https://registry.terraform.io/providers/hashicorp/aws/5.74.0/docs/data-sources/subnets) | data source |
+| [aws_subnets.public](https://registry.terraform.io/providers/hashicorp/aws/5.74.0/docs/data-sources/subnets) | data source |
+| [aws_vpc.this](https://registry.terraform.io/providers/hashicorp/aws/5.74.0/docs/data-sources/vpc) | data source |
 
 ## Inputs
 

diff --git a/aws/network-data/versions.tf b/aws/network-data/versions.tf
@@ -3,7 +3,7 @@ terraform {
   required_providers {
     aws = {
       source  = "hashicorp/aws"
-      version = "~> 4.0"
+      version = "5.74.0"
     }
   }
 }
diff --git a/aws/network/README.md b/aws/network/README.md
@@ -54,13 +54,13 @@ module "network" {
 | Name | Version |
 |------|---------|
 | <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 0.14.8 |
-| <a name="requirement_aws"></a> [aws](#requirement\_aws) | ~> 4.0 |
+| <a name="requirement_aws"></a> [aws](#requirement\_aws) | 5.74.0 |
 
 ## Providers
 
 | Name | Version |
 |------|---------|
-| <a name="provider_aws"></a> [aws](#provider\_aws) | ~> 4.0 |
+| <a name="provider_aws"></a> [aws](#provider\_aws) | 5.74.0 |
 
 ## Modules
 
@@ -77,8 +77,8 @@ module "network" {
 
 | Name | Type |
 |------|------|
-| [aws_internet_gateway.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/internet_gateway) | resource |
-| [aws_vpc.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/vpc) | data source |
+| [aws_internet_gateway.this](https://registry.terraform.io/providers/hashicorp/aws/5.74.0/docs/resources/internet_gateway) | resource |
+| [aws_vpc.this](https://registry.terraform.io/providers/hashicorp/aws/5.74.0/docs/data-sources/vpc) | data source |
 
 ## Inputs
 

diff --git a/aws/network/modules/nat-gateway/README.md b/aws/network/modules/nat-gateway/README.md
@@ -4,20 +4,20 @@
 | Name | Version |
 |------|---------|
 | <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 0.14.8 |
-| <a name="requirement_aws"></a> [aws](#requirement\_aws) | ~> 4.0 |
+| <a name="requirement_aws"></a> [aws](#requirement\_aws) | 5.74.0 |
 
 ## Providers
 
 | Name | Version |
 |------|---------|
-| <a name="provider_aws"></a> [aws](#provider\_aws) | ~> 4.0 |
+| <a name="provider_aws"></a> [aws](#provider\_aws) | 5.74.0 |
 
 ## Resources
 
 | Name | Type |
 |------|------|
-| [aws_eip.nat](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/eip) | resource |
-| [aws_nat_gateway.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/nat_gateway) | resource |
+| [aws_eip.nat](https://registry.terraform.io/providers/hashicorp/aws/5.74.0/docs/resources/eip) | resource |
+| [aws_nat_gateway.this](https://registry.terraform.io/providers/hashicorp/aws/5.74.0/docs/resources/nat_gateway) | resource |
 
 ## Inputs
 

diff --git a/aws/network/modules/nat-gateway/versions.tf b/aws/network/modules/nat-gateway/versions.tf
@@ -3,7 +3,7 @@ terraform {
   required_providers {
     aws = {
       source  = "hashicorp/aws"
-      version = "~> 4.0"
+      version = "5.74.0"
     }
   }
 }