[stg] upgrade AWS provider to 6

[ShotaKitazawa]

References

• notion.so - Upgrade Terraform AWS Provider to 6.x
• [dev] upgrade AWS provider to 6 #247

Note

resources for aws_service_discovery_service will be replaced. It's intended.

Ref. https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/service_discovery_service#:~:text=health_check_custom_config%20%2D%20(Optional%2C%20Deprecated%2C%20Forces%20new%20resource)%20Please%20use%20health_check_config%20instead.%20See%20health_check_custom_config%20Block%20for%20details.

[claude]

PR Review: AWS Provider Upgrade to 6.x

Summary

This PR upgrades the AWS provider from version 5.100.0 to 6.27.0 for the staging environment. The changes are focused and correctly address the breaking changes introduced in AWS provider 6.x.

Code Quality ✅

• Clean and focused: The PR makes only the necessary changes for the provider upgrade
• Proper version pinning: Uses exact version constraint (6.27.0) which is good for stability
• Lock file updated: The .terraform.lock.hcl file is properly regenerated with new hashes

Breaking Changes Addressed ✅

The PR correctly addresses a key breaking change in AWS provider 6.x:

• health_check_custom_config → health_check_config (vpc.tf:69, vpc.tf:84)
  • In provider 6.x, the health_check_custom_config block for aws_service_discovery_service was renamed to health_check_config
  • Both service discovery services (dreamkast_dk and redis) have been updated correctly

Potential Issues ⚠️

1. Production environment not updated

   • The production environment (dreamkast_infra/prod/) still uses AWS provider 5.100.0
   • dreamkast_infra/prod/vpc.tf:73 still uses health_check_custom_config
   • Recommendation: Create a follow-up PR to upgrade production, or consider upgrading both environments together to maintain consistency

2. Testing considerations

   • Recommendation: Before merging, ensure you run terraform plan in the staging environment to verify no unexpected changes
   • The attribute rename should be a seamless migration, but it's worth confirming no state changes are required

3. Other breaking changes to review

   • AWS provider 6.x has several other breaking changes that may affect other resources in your codebase
   • Recommendation: Review the AWS provider 6.x upgrade guide to ensure all breaking changes are addressed, particularly:
     • Changes to default values
     • Removed deprecated arguments
     • Changes to resource behavior

Security Concerns ✅

• No security issues identified
• The provider upgrade includes security patches and bug fixes from the newer version

Performance Considerations ✅

• No performance concerns
• Provider upgrades generally include performance improvements

Test Coverage

• No automated tests are visible in this repository
• Recommendation: Manual testing via terraform plan and terraform apply in a non-production environment is essential

Additional Recommendations

1. Consider a phased rollout:

   • Since this is a major version upgrade, consider testing thoroughly in staging before upgrading production
   • Monitor for any unexpected behavior after deployment

2. Document the upgrade:

   • The Notion link in the PR description is good
   • Consider documenting any issues encountered or lessons learned for future upgrades

3. Review all resources:

   • I only found changes needed for aws_service_discovery_service
   • A comprehensive review of all AWS resources in the staging directory would be prudent

Conclusion

The PR is well-executed for what it aims to do. The main concern is the inconsistency with the production environment. Once production is also upgraded (or a plan is in place), this should be safe to merge after thorough testing.

Status: ✅ Approve with recommendations

---

Reviewed by Claude Code

[jacopen]

LGTM