feat: support deleting default VPCs in multiple regions

[RoseSecurity]

what

This pull request enhances the awsutils_default_vpc_deletion resource to support deleting default VPCs in multiple or specific AWS regions, rather than being limited to the provider's default region. It also refactors the implementation to allow specifying the region per resource and improves documentation and logging.

Multi-region and region-specific support:

• Added a region argument to the awsutils_default_vpc_deletion resource, allowing users to specify which AWS region's default VPC to delete. If not specified, it defaults to the provider's region.
• Updated the example Terraform configuration (resource.tf) to show how to delete the default VPC in a specific region, and how to delete default VPCs in multiple regions using for_each and a regions variable.

Implementation refactoring:

• Introduced a helper function getEC2ConnForRegion to obtain an EC2 client for a specific region, supporting the new region argument in resource operations.
• Refactored resource CRUD methods (Create, Read, and Delete) to use the region-aware EC2 connection, and to store the region in Terraform state. [1] [2] [3] [4]

Documentation and logging:

• Updated resource documentation to clarify that deletion occurs in the specified region, not just the provider's region.
• Improved log messages to include the region and account when deleting a default VPC.

why

• Add support for specifying a region in the awsutils_default_vpc_deletion resource, allowing deletion of default VPCs outside the provider's default region. Example usage for multiple regions and for_each is included. Updates resource schema and logic to handle the new region argument.

references

Closes #92

[coderabbitai]

Important

Review skipped

Auto incremental reviews are disabled on this repository.

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

📝 Walkthrough

Walkthrough

This pull request adds multi-region support to the default VPC deletion resource. A new optional region parameter is added to the resource schema, along with region-aware EC2 connection logic that resolves the appropriate region. An example configuration demonstrates using for_each to delete default VPCs across multiple regions with a single provider instance.

Changes

Cohort / File(s)	Summary
Example Configuration examples/resources/awsutils_default_vpc_deletion/resource.tf	Adds a new regions variable with a list of AWS regions and introduces two resource blocks: eu_west_1 targeting a single region, and all_regions using for_each to iterate over the regions list, demonstrating multi-region deletion patterns.
Resource Implementation internal/service/ec2/resource_default_vpc_deletion.go	Introduces a new getEC2ConnForRegion() function that returns an EC2 client configured for a specified region or falls back to the provider's default region. Adds optional region field to the resource schema and updates resourceDefaultVpcDeletionCreate(), resourceDefaultVpcDeletionRead(), and resourceDefaultVpcDeletionDelete() to use region-aware connections and persist the resolved region in state.
Unit Tests internal/service/ec2/resource_default_vpc_deletion_test.go	Adds three test cases validating getEC2ConnForRegion() behavior: when no region is specified (falls back to provider region), when a region is explicitly set (creates region-specific EC2 client), and when region is an empty string (uses provider region). Tests verify region resolution precedence and client configuration correctness.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~25 minutes

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 12.50% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (4 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title accurately describes the main feature: adding multi-region support to the default VPC deletion resource.
Description check	✅ Passed	The description comprehensively explains the changes, including multi-region support, implementation details, and references the related issue.
Linked Issues check	✅ Passed	The PR fully implements issue #92 requirements: adds region parameter to resource, enables multi-region operations, and includes examples with for_each patterns.
Out of Scope Changes check	✅ Passed	All changes align with the objective of adding region support; no extraneous modifications detected beyond the scope of issue #92.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch support-regional-resources

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 1

🤖 Fix all issues with AI agents

In `@internal/service/ec2/resource_default_vpc_deletion_test.go`:
- Around line 92-94: The test currently dereferences conn.Config.Region without
checking for nil; update the assertion around the EC2 client region (the block
that uses conn.Config.Region) to first verify conn.Config and conn.Config.Region
are not nil and fail the test with a clear message if they are (e.g., t.Fatalf
or t.Errorf), otherwise proceed to compare *conn.Config.Region with
resourceRegion; reference the conn variable and its Config.Region field when
adding the nil checks.

🧹 Nitpick comments (2)

examples/resources/awsutils_default_vpc_deletion/resource.tf (1)

26-47: Consider documenting the duplicate region overlap.

eu-west-1 appears in both the single-region example (line 23) and the var.regions list (line 35). When both resources are applied together, this would attempt to delete the same default VPC twice. Consider adding a comment noting this is intentional for demonstration purposes, or removing the duplicate from var.regions.

internal/service/ec2/resource_default_vpc_deletion.go (1)

129-132: Consider adding region context to the delete log message.

For consistency with the Create log (line 92), include region information in the Delete log message.

Proposed enhancement

 func resourceDefaultVpcDeletionDelete(d *schema.ResourceData, meta any) error {
-	log.Printf("[INFO] Removing default VPC deletion state")
+	region := d.Get("region").(string)
+	log.Printf("[INFO] Removing default VPC deletion state for region %s", region)
 	return nil
 }

[mergify]

Important

Cloud Posse Engineering Team Review Required

This pull request modifies files that require Cloud Posse's review. Please be patient, and a core maintainer will review your changes.

To expedite this process, reach out to us on Slack in the #pr-reviews channel.