From 3fc2ed2af894d56593e148cc5a40cc29a482b0af Mon Sep 17 00:00:00 2001
From: Erez Tamam <erezo9@gmail.com>
Date: Mon, 18 Dec 2023 20:20:15 +0200
Subject: [PATCH 1/7] add dns_options dynamic block

---
 modules/vpc-endpoints/main.tf | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/modules/vpc-endpoints/main.tf b/modules/vpc-endpoints/main.tf
index 8c4b09c38..2af79e287 100644
--- a/modules/vpc-endpoints/main.tf
+++ b/modules/vpc-endpoints/main.tf
@@ -33,7 +33,13 @@ resource "aws_vpc_endpoint" "this" {
   route_table_ids     = try(each.value.service_type, "Interface") == "Gateway" ? lookup(each.value, "route_table_ids", null) : null
   policy              = try(each.value.policy, null)
   private_dns_enabled = try(each.value.service_type, "Interface") == "Interface" ? try(each.value.private_dns_enabled, null) : null
-
+  dynamic "dns_options" {
+    for_each = try(each.value.private_dns_enabled,false) ? [try(each.value.dns_options, {})] : []
+    content {
+      dns_record_ip_type = try(each.value.dns_options.dns_record_ip_type,null)
+      private_dns_only_for_inbound_resolver_endpoint = try(each.value.dns_options.private_dns_only_for_inbound_resolver_endpoint, false)
+    }
+  }
   tags = merge(var.tags, try(each.value.tags, {}))
 
   timeouts {

From 0b6bda036954413f8d1f7abdb4d147ef8d794908 Mon Sep 17 00:00:00 2001
From: Erez Tamam <erezo9@gmail.com>
Date: Mon, 18 Dec 2023 20:27:29 +0200
Subject: [PATCH 2/7] use fmt to format doc

---
 modules/vpc-endpoints/main.tf | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/modules/vpc-endpoints/main.tf b/modules/vpc-endpoints/main.tf
index 2af79e287..c37771c31 100644
--- a/modules/vpc-endpoints/main.tf
+++ b/modules/vpc-endpoints/main.tf
@@ -34,9 +34,9 @@ resource "aws_vpc_endpoint" "this" {
   policy              = try(each.value.policy, null)
   private_dns_enabled = try(each.value.service_type, "Interface") == "Interface" ? try(each.value.private_dns_enabled, null) : null
   dynamic "dns_options" {
-    for_each = try(each.value.private_dns_enabled,false) ? [try(each.value.dns_options, {})] : []
+    for_each = try(each.value.private_dns_enabled, false) ? [try(each.value.dns_options, {})] : []
     content {
-      dns_record_ip_type = try(each.value.dns_options.dns_record_ip_type,null)
+      dns_record_ip_type                             = try(each.value.dns_options.dns_record_ip_type, null)
       private_dns_only_for_inbound_resolver_endpoint = try(each.value.dns_options.private_dns_only_for_inbound_resolver_endpoint, false)
     }
   }

From 3e1a697a05124a3b39e82e7710bf4598ef233119 Mon Sep 17 00:00:00 2001
From: Erez Tamam <erezo9@gmail.com>
Date: Mon, 18 Dec 2023 20:40:52 +0200
Subject: [PATCH 3/7] add example for complete

---
 examples/complete/main.tf | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/examples/complete/main.tf b/examples/complete/main.tf
index 514355631..204489880 100644
--- a/examples/complete/main.tf
+++ b/examples/complete/main.tf
@@ -102,8 +102,12 @@ module "vpc_endpoints" {
 
   endpoints = {
     s3 = {
-      service = "s3"
-      tags    = { Name = "s3-vpc-endpoint" }
+      service             = "s3"
+      private_dns_enabled = true
+      dns_options = {
+        private_dns_only_for_inbound_resolver_endpoint = false
+      }
+      tags = { Name = "s3-vpc-endpoint" }
     },
     dynamodb = {
       service         = "dynamodb"

From 4d433a1721764285ef994c98e0e262c8ffa3c220 Mon Sep 17 00:00:00 2001
From: Erez Tamam <erezo9@gmail.com>
Date: Tue, 19 Dec 2023 04:50:07 +0200
Subject: [PATCH 4/7] fix condition to a better approach

---
 modules/vpc-endpoints/main.tf | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/modules/vpc-endpoints/main.tf b/modules/vpc-endpoints/main.tf
index c37771c31..1fdfce76d 100644
--- a/modules/vpc-endpoints/main.tf
+++ b/modules/vpc-endpoints/main.tf
@@ -34,10 +34,10 @@ resource "aws_vpc_endpoint" "this" {
   policy              = try(each.value.policy, null)
   private_dns_enabled = try(each.value.service_type, "Interface") == "Interface" ? try(each.value.private_dns_enabled, null) : null
   dynamic "dns_options" {
-    for_each = try(each.value.private_dns_enabled, false) ? [try(each.value.dns_options, {})] : []
+    for_each = lookup(each.value, "dns_options", null) != null ? [each.value.dns_options] : []
     content {
       dns_record_ip_type                             = try(each.value.dns_options.dns_record_ip_type, null)
-      private_dns_only_for_inbound_resolver_endpoint = try(each.value.dns_options.private_dns_only_for_inbound_resolver_endpoint, false)
+      private_dns_only_for_inbound_resolver_endpoint = try(each.value.private_dns_enabled, false) ? try(each.value.dns_options.private_dns_only_for_inbound_resolver_endpoint, false) : null
     }
   }
   tags = merge(var.tags, try(each.value.tags, {}))

From 1892da039f083ce8c00837b9c1d8a2caca20ddda Mon Sep 17 00:00:00 2001
From: Erez Tamam <erezo9@gmail.com>
Date: Tue, 19 Dec 2023 06:37:22 +0200
Subject: [PATCH 5/7] add interface chek

---
 modules/vpc-endpoints/main.tf | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/modules/vpc-endpoints/main.tf b/modules/vpc-endpoints/main.tf
index 1fdfce76d..c6c2a8e41 100644
--- a/modules/vpc-endpoints/main.tf
+++ b/modules/vpc-endpoints/main.tf
@@ -34,7 +34,7 @@ resource "aws_vpc_endpoint" "this" {
   policy              = try(each.value.policy, null)
   private_dns_enabled = try(each.value.service_type, "Interface") == "Interface" ? try(each.value.private_dns_enabled, null) : null
   dynamic "dns_options" {
-    for_each = lookup(each.value, "dns_options", null) != null ? [each.value.dns_options] : []
+    for_each = try(each.value.service_type, "Interface") == "Interface" ? lookup(each.value, "dns_options", null) != null ? [each.value.dns_options] : [] : []
     content {
       dns_record_ip_type                             = try(each.value.dns_options.dns_record_ip_type, null)
       private_dns_only_for_inbound_resolver_endpoint = try(each.value.private_dns_enabled, false) ? try(each.value.dns_options.private_dns_only_for_inbound_resolver_endpoint, false) : null

From 80325c64e09ce398bb5bdcdc1b7132b36aeabeea Mon Sep 17 00:00:00 2001
From: Erez Tamam <erezo9@gmail.com>
Date: Tue, 19 Dec 2023 06:56:07 +0200
Subject: [PATCH 6/7] add empty brackets for default values

---
 modules/vpc-endpoints/main.tf | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/modules/vpc-endpoints/main.tf b/modules/vpc-endpoints/main.tf
index c6c2a8e41..8c80626e1 100644
--- a/modules/vpc-endpoints/main.tf
+++ b/modules/vpc-endpoints/main.tf
@@ -34,7 +34,7 @@ resource "aws_vpc_endpoint" "this" {
   policy              = try(each.value.policy, null)
   private_dns_enabled = try(each.value.service_type, "Interface") == "Interface" ? try(each.value.private_dns_enabled, null) : null
   dynamic "dns_options" {
-    for_each = try(each.value.service_type, "Interface") == "Interface" ? lookup(each.value, "dns_options", null) != null ? [each.value.dns_options] : [] : []
+    for_each = try(each.value.service_type, "Interface") == "Interface" ? lookup(each.value, "dns_options", null) != null ? [each.value.dns_options] : [{}] : []
     content {
       dns_record_ip_type                             = try(each.value.dns_options.dns_record_ip_type, null)
       private_dns_only_for_inbound_resolver_endpoint = try(each.value.private_dns_enabled, false) ? try(each.value.dns_options.private_dns_only_for_inbound_resolver_endpoint, false) : null

From 2027ebc8529cd8b02973a57ab31686524e167200 Mon Sep 17 00:00:00 2001
From: Bryant Biggs <bryantbiggs@gmail.com>
Date: Tue, 9 Jan 2024 15:46:36 -0500
Subject: [PATCH 7/7] fix: Increase provider MSV to support, correct looping
 logic

---
 .pre-commit-config.yaml                    | 4 ++--
 README.md                                  | 4 ++--
 examples/complete/README.md                | 4 ++--
 examples/complete/versions.tf              | 2 +-
 examples/ipam/README.md                    | 4 ++--
 examples/ipam/versions.tf                  | 2 +-
 examples/ipv6-dualstack/README.md          | 4 ++--
 examples/ipv6-dualstack/versions.tf        | 2 +-
 examples/ipv6-only/README.md               | 4 ++--
 examples/ipv6-only/versions.tf             | 2 +-
 examples/issues/README.md                  | 4 ++--
 examples/issues/versions.tf                | 2 +-
 examples/manage-default-vpc/README.md      | 2 +-
 examples/manage-default-vpc/versions.tf    | 2 +-
 examples/network-acls/README.md            | 4 ++--
 examples/network-acls/versions.tf          | 2 +-
 examples/outpost/README.md                 | 4 ++--
 examples/outpost/versions.tf               | 2 +-
 examples/secondary-cidr-blocks/README.md   | 4 ++--
 examples/secondary-cidr-blocks/versions.tf | 2 +-
 examples/separate-route-tables/README.md   | 4 ++--
 examples/separate-route-tables/versions.tf | 2 +-
 examples/simple/README.md                  | 4 ++--
 examples/simple/versions.tf                | 2 +-
 examples/vpc-flow-logs/README.md           | 4 ++--
 examples/vpc-flow-logs/versions.tf         | 2 +-
 modules/vpc-endpoints/README.md            | 4 ++--
 modules/vpc-endpoints/main.tf              | 7 +++++--
 modules/vpc-endpoints/versions.tf          | 2 +-
 versions.tf                                | 2 +-
 30 files changed, 48 insertions(+), 45 deletions(-)

diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
index 0f3428382..74b0a6bcd 100644
--- a/.pre-commit-config.yaml
+++ b/.pre-commit-config.yaml
@@ -1,6 +1,6 @@
 repos:
   - repo: https://github.com/antonbabenko/pre-commit-terraform
-    rev: v1.81.0
+    rev: v1.86.0
     hooks:
       - id: terraform_fmt
       - id: terraform_validate
@@ -23,7 +23,7 @@ repos:
           - '--args=--only=terraform_standard_module_structure'
           - '--args=--only=terraform_workspace_remote'
   - repo: https://github.com/pre-commit/pre-commit-hooks
-    rev: v4.4.0
+    rev: v4.5.0
     hooks:
       - id: check-merge-conflict
       - id: end-of-file-fixer
diff --git a/README.md b/README.md
index f154534c0..371702918 100644
--- a/README.md
+++ b/README.md
@@ -256,13 +256,13 @@ Full contributing [guidelines are covered here](.github/contributing.md).
 | Name | Version |
 |------|---------|
 | <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 1.0 |
-| <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 5.0 |
+| <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 5.20 |
 
 ## Providers
 
 | Name | Version |
 |------|---------|
-| <a name="provider_aws"></a> [aws](#provider\_aws) | >= 5.0 |
+| <a name="provider_aws"></a> [aws](#provider\_aws) | >= 5.20 |
 
 ## Modules
 
diff --git a/examples/complete/README.md b/examples/complete/README.md
index d6e4eb4a8..4d359dd89 100644
--- a/examples/complete/README.md
+++ b/examples/complete/README.md
@@ -22,13 +22,13 @@ Note that this example may create resources which can cost money (AWS Elastic IP
 | Name | Version |
 |------|---------|
 | <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 1.0 |
-| <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 5.0 |
+| <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 5.20 |
 
 ## Providers
 
 | Name | Version |
 |------|---------|
-| <a name="provider_aws"></a> [aws](#provider\_aws) | >= 5.0 |
+| <a name="provider_aws"></a> [aws](#provider\_aws) | >= 5.20 |
 
 ## Modules
 
diff --git a/examples/complete/versions.tf b/examples/complete/versions.tf
index ddfcb0e05..f8fba3dfd 100644
--- a/examples/complete/versions.tf
+++ b/examples/complete/versions.tf
@@ -4,7 +4,7 @@ terraform {
   required_providers {
     aws = {
       source  = "hashicorp/aws"
-      version = ">= 5.0"
+      version = ">= 5.20"
     }
   }
 }
diff --git a/examples/ipam/README.md b/examples/ipam/README.md
index 07373875a..2aa0998e6 100644
--- a/examples/ipam/README.md
+++ b/examples/ipam/README.md
@@ -30,13 +30,13 @@ Note that this example may create resources which can cost money (AWS Elastic IP
 | Name | Version |
 |------|---------|
 | <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 1.0 |
-| <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 5.0 |
+| <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 5.20 |
 
 ## Providers
 
 | Name | Version |
 |------|---------|
-| <a name="provider_aws"></a> [aws](#provider\_aws) | >= 5.0 |
+| <a name="provider_aws"></a> [aws](#provider\_aws) | >= 5.20 |
 
 ## Modules
 
diff --git a/examples/ipam/versions.tf b/examples/ipam/versions.tf
index ddfcb0e05..f8fba3dfd 100644
--- a/examples/ipam/versions.tf
+++ b/examples/ipam/versions.tf
@@ -4,7 +4,7 @@ terraform {
   required_providers {
     aws = {
       source  = "hashicorp/aws"
-      version = ">= 5.0"
+      version = ">= 5.20"
     }
   }
 }
diff --git a/examples/ipv6-dualstack/README.md b/examples/ipv6-dualstack/README.md
index 3318683ec..9b99735f5 100644
--- a/examples/ipv6-dualstack/README.md
+++ b/examples/ipv6-dualstack/README.md
@@ -20,13 +20,13 @@ Note that this example may create resources which can cost money (AWS Elastic IP
 | Name | Version |
 |------|---------|
 | <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 1.0 |
-| <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 5.0 |
+| <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 5.20 |
 
 ## Providers
 
 | Name | Version |
 |------|---------|
-| <a name="provider_aws"></a> [aws](#provider\_aws) | >= 5.0 |
+| <a name="provider_aws"></a> [aws](#provider\_aws) | >= 5.20 |
 
 ## Modules
 
diff --git a/examples/ipv6-dualstack/versions.tf b/examples/ipv6-dualstack/versions.tf
index ddfcb0e05..f8fba3dfd 100644
--- a/examples/ipv6-dualstack/versions.tf
+++ b/examples/ipv6-dualstack/versions.tf
@@ -4,7 +4,7 @@ terraform {
   required_providers {
     aws = {
       source  = "hashicorp/aws"
-      version = ">= 5.0"
+      version = ">= 5.20"
     }
   }
 }
diff --git a/examples/ipv6-only/README.md b/examples/ipv6-only/README.md
index eb8cea2e0..fca0b6799 100644
--- a/examples/ipv6-only/README.md
+++ b/examples/ipv6-only/README.md
@@ -20,13 +20,13 @@ Note that this example may create resources which can cost money (AWS Elastic IP
 | Name | Version |
 |------|---------|
 | <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 1.0 |
-| <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 5.0 |
+| <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 5.20 |
 
 ## Providers
 
 | Name | Version |
 |------|---------|
-| <a name="provider_aws"></a> [aws](#provider\_aws) | >= 5.0 |
+| <a name="provider_aws"></a> [aws](#provider\_aws) | >= 5.20 |
 
 ## Modules
 
diff --git a/examples/ipv6-only/versions.tf b/examples/ipv6-only/versions.tf
index ddfcb0e05..f8fba3dfd 100644
--- a/examples/ipv6-only/versions.tf
+++ b/examples/ipv6-only/versions.tf
@@ -4,7 +4,7 @@ terraform {
   required_providers {
     aws = {
       source  = "hashicorp/aws"
-      version = ">= 5.0"
+      version = ">= 5.20"
     }
   }
 }
diff --git a/examples/issues/README.md b/examples/issues/README.md
index 92cc3a4ca..6ec13c86f 100644
--- a/examples/issues/README.md
+++ b/examples/issues/README.md
@@ -25,13 +25,13 @@ Note that this example may create resources which can cost money (AWS Elastic IP
 | Name | Version |
 |------|---------|
 | <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 1.0 |
-| <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 5.0 |
+| <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 5.20 |
 
 ## Providers
 
 | Name | Version |
 |------|---------|
-| <a name="provider_aws"></a> [aws](#provider\_aws) | >= 5.0 |
+| <a name="provider_aws"></a> [aws](#provider\_aws) | >= 5.20 |
 
 ## Modules
 
diff --git a/examples/issues/versions.tf b/examples/issues/versions.tf
index ddfcb0e05..f8fba3dfd 100644
--- a/examples/issues/versions.tf
+++ b/examples/issues/versions.tf
@@ -4,7 +4,7 @@ terraform {
   required_providers {
     aws = {
       source  = "hashicorp/aws"
-      version = ">= 5.0"
+      version = ">= 5.20"
     }
   }
 }
diff --git a/examples/manage-default-vpc/README.md b/examples/manage-default-vpc/README.md
index 0c506f33f..c37171dc9 100644
--- a/examples/manage-default-vpc/README.md
+++ b/examples/manage-default-vpc/README.md
@@ -22,7 +22,7 @@ Run `terraform destroy` when you don't need these resources.
 | Name | Version |
 |------|---------|
 | <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 1.0 |
-| <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 5.0 |
+| <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 5.20 |
 
 ## Providers
 
diff --git a/examples/manage-default-vpc/versions.tf b/examples/manage-default-vpc/versions.tf
index ddfcb0e05..f8fba3dfd 100644
--- a/examples/manage-default-vpc/versions.tf
+++ b/examples/manage-default-vpc/versions.tf
@@ -4,7 +4,7 @@ terraform {
   required_providers {
     aws = {
       source  = "hashicorp/aws"
-      version = ">= 5.0"
+      version = ">= 5.20"
     }
   }
 }
diff --git a/examples/network-acls/README.md b/examples/network-acls/README.md
index 4e6ca7a0c..f0fa51948 100644
--- a/examples/network-acls/README.md
+++ b/examples/network-acls/README.md
@@ -24,13 +24,13 @@ Note that this example may create resources which can cost money (AWS Elastic IP
 | Name | Version |
 |------|---------|
 | <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 1.0 |
-| <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 5.0 |
+| <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 5.20 |
 
 ## Providers
 
 | Name | Version |
 |------|---------|
-| <a name="provider_aws"></a> [aws](#provider\_aws) | >= 5.0 |
+| <a name="provider_aws"></a> [aws](#provider\_aws) | >= 5.20 |
 
 ## Modules
 
diff --git a/examples/network-acls/versions.tf b/examples/network-acls/versions.tf
index ddfcb0e05..f8fba3dfd 100644
--- a/examples/network-acls/versions.tf
+++ b/examples/network-acls/versions.tf
@@ -4,7 +4,7 @@ terraform {
   required_providers {
     aws = {
       source  = "hashicorp/aws"
-      version = ">= 5.0"
+      version = ">= 5.20"
     }
   }
 }
diff --git a/examples/outpost/README.md b/examples/outpost/README.md
index 8c7173bb9..6d3ca4d47 100644
--- a/examples/outpost/README.md
+++ b/examples/outpost/README.md
@@ -24,13 +24,13 @@ Note that this example may create resources which can cost money (AWS Elastic IP
 | Name | Version |
 |------|---------|
 | <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 1.0 |
-| <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 5.0 |
+| <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 5.20 |
 
 ## Providers
 
 | Name | Version |
 |------|---------|
-| <a name="provider_aws"></a> [aws](#provider\_aws) | >= 5.0 |
+| <a name="provider_aws"></a> [aws](#provider\_aws) | >= 5.20 |
 
 ## Modules
 
diff --git a/examples/outpost/versions.tf b/examples/outpost/versions.tf
index ddfcb0e05..f8fba3dfd 100644
--- a/examples/outpost/versions.tf
+++ b/examples/outpost/versions.tf
@@ -4,7 +4,7 @@ terraform {
   required_providers {
     aws = {
       source  = "hashicorp/aws"
-      version = ">= 5.0"
+      version = ">= 5.20"
     }
   }
 }
diff --git a/examples/secondary-cidr-blocks/README.md b/examples/secondary-cidr-blocks/README.md
index 5054d43f9..176b774ce 100644
--- a/examples/secondary-cidr-blocks/README.md
+++ b/examples/secondary-cidr-blocks/README.md
@@ -22,13 +22,13 @@ Note that this example may create resources which can cost money (AWS Elastic IP
 | Name | Version |
 |------|---------|
 | <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 1.0 |
-| <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 5.0 |
+| <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 5.20 |
 
 ## Providers
 
 | Name | Version |
 |------|---------|
-| <a name="provider_aws"></a> [aws](#provider\_aws) | >= 5.0 |
+| <a name="provider_aws"></a> [aws](#provider\_aws) | >= 5.20 |
 
 ## Modules
 
diff --git a/examples/secondary-cidr-blocks/versions.tf b/examples/secondary-cidr-blocks/versions.tf
index ddfcb0e05..f8fba3dfd 100644
--- a/examples/secondary-cidr-blocks/versions.tf
+++ b/examples/secondary-cidr-blocks/versions.tf
@@ -4,7 +4,7 @@ terraform {
   required_providers {
     aws = {
       source  = "hashicorp/aws"
-      version = ">= 5.0"
+      version = ">= 5.20"
     }
   }
 }
diff --git a/examples/separate-route-tables/README.md b/examples/separate-route-tables/README.md
index 57ee751f9..063a51dde 100644
--- a/examples/separate-route-tables/README.md
+++ b/examples/separate-route-tables/README.md
@@ -22,13 +22,13 @@ Note that this example may create resources which can cost money (AWS Elastic IP
 | Name | Version |
 |------|---------|
 | <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 1.0 |
-| <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 5.0 |
+| <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 5.20 |
 
 ## Providers
 
 | Name | Version |
 |------|---------|
-| <a name="provider_aws"></a> [aws](#provider\_aws) | >= 5.0 |
+| <a name="provider_aws"></a> [aws](#provider\_aws) | >= 5.20 |
 
 ## Modules
 
diff --git a/examples/separate-route-tables/versions.tf b/examples/separate-route-tables/versions.tf
index ddfcb0e05..f8fba3dfd 100644
--- a/examples/separate-route-tables/versions.tf
+++ b/examples/separate-route-tables/versions.tf
@@ -4,7 +4,7 @@ terraform {
   required_providers {
     aws = {
       source  = "hashicorp/aws"
-      version = ">= 5.0"
+      version = ">= 5.20"
     }
   }
 }
diff --git a/examples/simple/README.md b/examples/simple/README.md
index 0d5658b4a..9fb29e7f2 100644
--- a/examples/simple/README.md
+++ b/examples/simple/README.md
@@ -26,13 +26,13 @@ Note that this example may create resources which can cost money (AWS Elastic IP
 | Name | Version |
 |------|---------|
 | <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 1.0 |
-| <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 5.0 |
+| <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 5.20 |
 
 ## Providers
 
 | Name | Version |
 |------|---------|
-| <a name="provider_aws"></a> [aws](#provider\_aws) | >= 5.0 |
+| <a name="provider_aws"></a> [aws](#provider\_aws) | >= 5.20 |
 
 ## Modules
 
diff --git a/examples/simple/versions.tf b/examples/simple/versions.tf
index ddfcb0e05..f8fba3dfd 100644
--- a/examples/simple/versions.tf
+++ b/examples/simple/versions.tf
@@ -4,7 +4,7 @@ terraform {
   required_providers {
     aws = {
       source  = "hashicorp/aws"
-      version = ">= 5.0"
+      version = ">= 5.20"
     }
   }
 }
diff --git a/examples/vpc-flow-logs/README.md b/examples/vpc-flow-logs/README.md
index d0cb120a8..47bc8bc94 100644
--- a/examples/vpc-flow-logs/README.md
+++ b/examples/vpc-flow-logs/README.md
@@ -24,14 +24,14 @@ Note that this example may create resources which can cost money (AWS Elastic IP
 | Name | Version |
 |------|---------|
 | <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 1.0 |
-| <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 5.0 |
+| <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 5.20 |
 | <a name="requirement_random"></a> [random](#requirement\_random) | >= 2.0 |
 
 ## Providers
 
 | Name | Version |
 |------|---------|
-| <a name="provider_aws"></a> [aws](#provider\_aws) | >= 5.0 |
+| <a name="provider_aws"></a> [aws](#provider\_aws) | >= 5.20 |
 | <a name="provider_random"></a> [random](#provider\_random) | >= 2.0 |
 
 ## Modules
diff --git a/examples/vpc-flow-logs/versions.tf b/examples/vpc-flow-logs/versions.tf
index 383652286..0ac52370c 100644
--- a/examples/vpc-flow-logs/versions.tf
+++ b/examples/vpc-flow-logs/versions.tf
@@ -4,7 +4,7 @@ terraform {
   required_providers {
     aws = {
       source  = "hashicorp/aws"
-      version = ">= 5.0"
+      version = ">= 5.20"
     }
 
     random = {
diff --git a/modules/vpc-endpoints/README.md b/modules/vpc-endpoints/README.md
index a59292ae8..235cef659 100644
--- a/modules/vpc-endpoints/README.md
+++ b/modules/vpc-endpoints/README.md
@@ -56,13 +56,13 @@ module "endpoints" {
 | Name | Version |
 |------|---------|
 | <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 1.0 |
-| <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 5.0 |
+| <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 5.20 |
 
 ## Providers
 
 | Name | Version |
 |------|---------|
-| <a name="provider_aws"></a> [aws](#provider\_aws) | >= 5.0 |
+| <a name="provider_aws"></a> [aws](#provider\_aws) | >= 5.20 |
 
 ## Modules
 
diff --git a/modules/vpc-endpoints/main.tf b/modules/vpc-endpoints/main.tf
index 8c80626e1..096f077fc 100644
--- a/modules/vpc-endpoints/main.tf
+++ b/modules/vpc-endpoints/main.tf
@@ -33,13 +33,16 @@ resource "aws_vpc_endpoint" "this" {
   route_table_ids     = try(each.value.service_type, "Interface") == "Gateway" ? lookup(each.value, "route_table_ids", null) : null
   policy              = try(each.value.policy, null)
   private_dns_enabled = try(each.value.service_type, "Interface") == "Interface" ? try(each.value.private_dns_enabled, null) : null
+
   dynamic "dns_options" {
-    for_each = try(each.value.service_type, "Interface") == "Interface" ? lookup(each.value, "dns_options", null) != null ? [each.value.dns_options] : [{}] : []
+    for_each = try([each.value.dns_options], [])
+
     content {
       dns_record_ip_type                             = try(each.value.dns_options.dns_record_ip_type, null)
-      private_dns_only_for_inbound_resolver_endpoint = try(each.value.private_dns_enabled, false) ? try(each.value.dns_options.private_dns_only_for_inbound_resolver_endpoint, false) : null
+      private_dns_only_for_inbound_resolver_endpoint = try(each.value.private_dns_only_for_inbound_resolver_endpoint, null)
     }
   }
+
   tags = merge(var.tags, try(each.value.tags, {}))
 
   timeouts {
diff --git a/modules/vpc-endpoints/versions.tf b/modules/vpc-endpoints/versions.tf
index ddfcb0e05..f8fba3dfd 100644
--- a/modules/vpc-endpoints/versions.tf
+++ b/modules/vpc-endpoints/versions.tf
@@ -4,7 +4,7 @@ terraform {
   required_providers {
     aws = {
       source  = "hashicorp/aws"
-      version = ">= 5.0"
+      version = ">= 5.20"
     }
   }
 }
diff --git a/versions.tf b/versions.tf
index ddfcb0e05..f8fba3dfd 100644
--- a/versions.tf
+++ b/versions.tf
@@ -4,7 +4,7 @@ terraform {
   required_providers {
     aws = {
       source  = "hashicorp/aws"
-      version = ">= 5.0"
+      version = ">= 5.20"
     }
   }
 }