Supporting other partitions, e.g. GovCloud?

[lorengordon]

Hello, I was curious if you had ideas on patterns for how this module might be used or extended to support partitions other than aws? In particular, aws-us-gov, but there is also aws-cn, aws-iso, and aws-iso-b.

Right now, the module has providers aliased with names specific to each region... I suppose we could effectively ignore that? For example, in our root module map a us-gov-west-1 provider to the aliased us-west-1 provider, us-gov-east-1 to us-east-1, and use var.target_regions to scope things to just those two regions...

Or would it make more sense to just add aliased providers for each region in other partitions to this module? Or to somehow create another module or layer of abstraction for each partition?

[nozaq]

@lorengordon
Mapping different regions to aliases should just work because this module setup same resources for aliased providers. I'm afraid additiing aliased providers for those partitions, however, would be troublesome because users would be required to provide these aliases even if they don't activate them in their accounts.

Originally I had no plan to support those partitions simply because I haven't had any chance working with them. I'm happy to discuss if you have any idea or propsal though!

[lorengordon]

@nozaq With the limitations on using expressions when specifying values for the provider/providers attributes of resources/modules, it is hard to see how to make it work with a single top-level module... I could maybe see how we could have partition-specific modules, each defining all the aliased providers for the regions in each partition. Perhaps the top-level module then becomes a single-region, single-provider wrapper around all the "baseline" modules? Something like:

$ tree .
.
└── modules
    ├── baselines
    │   ├── alarm
    │   ├── analyzer
    │   ├── cloudtrail
    │   ├── config
    │   ├── ebs
    │   ├── guardduty
    │   ├── iam
    │   ├── secure-bucket
    │   ├── securityhub
    │   └── vpc
    └── partitions
        ├── aws
        ├── aws-cn
        ├── aws-iso
        ├── aws-iso-b
        └── aws-us-gov