Fix/stackittpr 102 objectstorage handling region in individual resources (#711)

* Revert "fix: make resource/data-source specific region attribute read-only (#682)" This reverts commit 3e8dcc542b. * fix: Support individual regions * fix: review findings
2025-03-12 10:49:47 +01:00 · 2025-03-12 10:49:47 +01:00 · c257ac49e2
commit c257ac49e2
parent 81f876adea
105 changed files with 176 additions and 143 deletions
--- a/stackit/internal/core/core.go
+++ b/stackit/internal/core/core.go
@ -14,9 +14,11 @@ import (
 const Separator = ","

 type ProviderData struct {
-	RoundTripper                    http.RoundTripper
-	ServiceAccountEmail             string // Deprecated: ServiceAccountEmail is not required and will be removed after 12th June 2025.
+	RoundTripper        http.RoundTripper
+	ServiceAccountEmail string // Deprecated: ServiceAccountEmail is not required and will be removed after 12th June 2025.
+	// Deprecated: Use DefaultRegion instead
 	Region                          string
+	DefaultRegion                   string
 	ArgusCustomEndpoint             string
 	AuthorizationCustomEndpoint     string
 	DnsCustomEndpoint               string
@ -41,6 +43,17 @@ type ProviderData struct {
 	EnableBetaResources             bool
 }

+// GetRegion returns the effective region for the provider, falling back to the deprecated _region_ attribute
+func (pd *ProviderData) GetRegion() string {
+	if pd.DefaultRegion != "" {
+		return pd.DefaultRegion
+	} else if pd.Region != "" {
+		return pd.Region
+	}
+	// final fallback
+	return "eu01"
+}
+
 // DiagsToError Converts TF diagnostics' errors into an error with a human-readable description.
 // If there are no errors, the output is nil
 func DiagsToError(diags diag.Diagnostics) error {
--- a/stackit/internal/services/argus/credential/resource.go
+++ b/stackit/internal/services/argus/credential/resource.go
@ -73,7 +73,7 @@ func (r *credentialResource) Configure(ctx context.Context, req resource.Configu
 	} else {
 		apiClient, err = argus.NewAPIClient(
 			config.WithCustomAuth(providerData.RoundTripper),
-			config.WithRegion(providerData.Region),
+			config.WithRegion(providerData.GetRegion()),
 		)
 	}

--- a/stackit/internal/services/argus/instance/datasource.go
+++ b/stackit/internal/services/argus/instance/datasource.go
@ -62,7 +62,7 @@ func (d *instanceDataSource) Configure(ctx context.Context, req datasource.Confi
 	} else {
 		apiClient, err = argus.NewAPIClient(
 			config.WithCustomAuth(providerData.RoundTripper),
-			config.WithRegion(providerData.Region),
+			config.WithRegion(providerData.GetRegion()),
 		)
 	}
 	if err != nil {
--- a/stackit/internal/services/argus/instance/resource.go
+++ b/stackit/internal/services/argus/instance/resource.go
@ -362,7 +362,7 @@ func (r *instanceResource) Configure(ctx context.Context, req resource.Configure
 	} else {
 		apiClient, err = argus.NewAPIClient(
 			config.WithCustomAuth(providerData.RoundTripper),
-			config.WithRegion(providerData.Region),
+			config.WithRegion(providerData.GetRegion()),
 		)
 	}

--- a/stackit/internal/services/argus/scrapeconfig/datasource.go
+++ b/stackit/internal/services/argus/scrapeconfig/datasource.go
@ -64,7 +64,7 @@ func (d *scrapeConfigDataSource) Configure(ctx context.Context, req datasource.C
 	} else {
 		apiClient, err = argus.NewAPIClient(
 			config.WithCustomAuth(providerData.RoundTripper),
-			config.WithRegion(providerData.Region),
+			config.WithRegion(providerData.GetRegion()),
 		)
 	}
 	if err != nil {
--- a/stackit/internal/services/argus/scrapeconfig/resource.go
+++ b/stackit/internal/services/argus/scrapeconfig/resource.go
@ -137,7 +137,7 @@ func (r *scrapeConfigResource) Configure(ctx context.Context, req resource.Confi
 	} else {
 		apiClient, err = argus.NewAPIClient(
 			config.WithCustomAuth(providerData.RoundTripper),
-			config.WithRegion(providerData.Region),
+			config.WithRegion(providerData.GetRegion()),
 		)
 	}

--- a/stackit/internal/services/iaas/affinitygroup/datasource.go
+++ b/stackit/internal/services/iaas/affinitygroup/datasource.go
@ -68,7 +68,7 @@ func (d *affinityGroupDatasource) Configure(ctx context.Context, req datasource.
 	} else {
 		apiClient, err = iaas.NewAPIClient(
 			config.WithCustomAuth(providerData.RoundTripper),
-			config.WithRegion(providerData.Region),
+			config.WithRegion(providerData.GetRegion()),
 		)
 	}

--- a/stackit/internal/services/iaas/affinitygroup/resource.go
+++ b/stackit/internal/services/iaas/affinitygroup/resource.go
@ -94,7 +94,7 @@ func (r *affinityGroupResource) Configure(ctx context.Context, req resource.Conf
 	} else {
 		apiClient, err = iaas.NewAPIClient(
 			config.WithCustomAuth(providerData.RoundTripper),
-			config.WithRegion(providerData.Region),
+			config.WithRegion(providerData.GetRegion()),
 		)
 	}

--- a/stackit/internal/services/iaas/image/datasource.go
+++ b/stackit/internal/services/iaas/image/datasource.go
@ -93,7 +93,7 @@ func (d *imageDataSource) Configure(ctx context.Context, req datasource.Configur
 	} else {
 		apiClient, err = iaas.NewAPIClient(
 			config.WithCustomAuth(providerData.RoundTripper),
-			config.WithRegion(providerData.Region),
+			config.WithRegion(providerData.GetRegion()),
 		)
 	}
 	if err != nil {
--- a/stackit/internal/services/iaas/image/resource.go
+++ b/stackit/internal/services/iaas/image/resource.go
@ -153,7 +153,7 @@ func (r *imageResource) Configure(ctx context.Context, req resource.ConfigureReq
 	} else {
 		apiClient, err = iaas.NewAPIClient(
 			config.WithCustomAuth(providerData.RoundTripper),
-			config.WithRegion(providerData.Region),
+			config.WithRegion(providerData.GetRegion()),
 		)
 	}

--- a/stackit/internal/services/iaas/keypair/datasource.go
+++ b/stackit/internal/services/iaas/keypair/datasource.go
@ -72,7 +72,7 @@ func (d *keyPairDataSource) Configure(ctx context.Context, req datasource.Config
 	} else {
 		apiClient, err = iaas.NewAPIClient(
 			config.WithCustomAuth(providerData.RoundTripper),
-			config.WithRegion(providerData.Region),
+			config.WithRegion(providerData.GetRegion()),
 		)
 	}
 	if err != nil {
--- a/stackit/internal/services/iaas/keypair/resource.go
+++ b/stackit/internal/services/iaas/keypair/resource.go
@ -89,7 +89,7 @@ func (r *keyPairResource) Configure(ctx context.Context, req resource.ConfigureR
 	} else {
 		apiClient, err = iaas.NewAPIClient(
 			config.WithCustomAuth(providerData.RoundTripper),
-			config.WithRegion(providerData.Region),
+			config.WithRegion(providerData.GetRegion()),
 		)
 	}

--- a/stackit/internal/services/iaas/network/datasource.go
+++ b/stackit/internal/services/iaas/network/datasource.go
@ -86,7 +86,7 @@ func (d *networkDataSource) Configure(ctx context.Context, req datasource.Config
 	} else {
 		apiClient, err = iaas.NewAPIClient(
 			config.WithCustomAuth(providerData.RoundTripper),
-			config.WithRegion(providerData.Region),
+			config.WithRegion(providerData.GetRegion()),
 		)
 	}
 	if err != nil {
--- a/stackit/internal/services/iaas/network/resource.go
+++ b/stackit/internal/services/iaas/network/resource.go
@ -100,7 +100,7 @@ func (r *networkResource) Configure(ctx context.Context, req resource.ConfigureR
 	} else {
 		apiClient, err = iaas.NewAPIClient(
 			config.WithCustomAuth(providerData.RoundTripper),
-			config.WithRegion(providerData.Region),
+			config.WithRegion(providerData.GetRegion()),
 		)
 	}

--- a/stackit/internal/services/iaas/networkarea/datasource.go
+++ b/stackit/internal/services/iaas/networkarea/datasource.go
@ -77,7 +77,7 @@ func (d *networkAreaDataSource) Configure(ctx context.Context, req datasource.Co
 	} else {
 		apiClient, err = iaas.NewAPIClient(
 			config.WithCustomAuth(providerData.RoundTripper),
-			config.WithRegion(providerData.Region),
+			config.WithRegion(providerData.GetRegion()),
 		)
 	}
 	if err != nil {
--- a/stackit/internal/services/iaas/networkarea/resource.go
+++ b/stackit/internal/services/iaas/networkarea/resource.go
@ -118,7 +118,7 @@ func (r *networkAreaResource) Configure(ctx context.Context, req resource.Config
 	} else {
 		apiClient, err = iaas.NewAPIClient(
 			config.WithCustomAuth(providerData.RoundTripper),
-			config.WithRegion(providerData.Region),
+			config.WithRegion(providerData.GetRegion()),
 		)
 	}

--- a/stackit/internal/services/iaas/networkarearoute/datasource.go
+++ b/stackit/internal/services/iaas/networkarearoute/datasource.go
@ -74,7 +74,7 @@ func (d *networkAreaRouteDataSource) Configure(ctx context.Context, req datasour
 	} else {
 		apiClient, err = iaas.NewAPIClient(
 			config.WithCustomAuth(providerData.RoundTripper),
-			config.WithRegion(providerData.Region),
+			config.WithRegion(providerData.GetRegion()),
 		)
 	}
 	if err != nil {
--- a/stackit/internal/services/iaas/networkarearoute/resource.go
+++ b/stackit/internal/services/iaas/networkarearoute/resource.go
@ -93,7 +93,7 @@ func (r *networkAreaRouteResource) Configure(ctx context.Context, req resource.C
 	} else {
 		apiClient, err = iaas.NewAPIClient(
 			config.WithCustomAuth(providerData.RoundTripper),
-			config.WithRegion(providerData.Region),
+			config.WithRegion(providerData.GetRegion()),
 		)
 	}

--- a/stackit/internal/services/iaas/networkinterface/datasource.go
+++ b/stackit/internal/services/iaas/networkinterface/datasource.go
@ -75,7 +75,7 @@ func (d *networkInterfaceDataSource) Configure(ctx context.Context, req datasour
 	} else {
 		apiClient, err = iaas.NewAPIClient(
 			config.WithCustomAuth(providerData.RoundTripper),
-			config.WithRegion(providerData.Region),
+			config.WithRegion(providerData.GetRegion()),
 		)
 	}
 	if err != nil {
--- a/stackit/internal/services/iaas/networkinterface/resource.go
+++ b/stackit/internal/services/iaas/networkinterface/resource.go
@ -103,7 +103,7 @@ func (r *networkInterfaceResource) Configure(ctx context.Context, req resource.C
 	} else {
 		apiClient, err = iaas.NewAPIClient(
 			config.WithCustomAuth(providerData.RoundTripper),
-			config.WithRegion(providerData.Region),
+			config.WithRegion(providerData.GetRegion()),
 		)
 	}

--- a/stackit/internal/services/iaas/networkinterfaceattach/resource.go
+++ b/stackit/internal/services/iaas/networkinterfaceattach/resource.go
@ -88,7 +88,7 @@ func (r *networkInterfaceAttachResource) Configure(ctx context.Context, req reso
 	} else {
 		apiClient, err = iaas.NewAPIClient(
 			config.WithCustomAuth(providerData.RoundTripper),
-			config.WithRegion(providerData.Region),
+			config.WithRegion(providerData.GetRegion()),
 		)
 	}

--- a/stackit/internal/services/iaas/publicip/datasource.go
+++ b/stackit/internal/services/iaas/publicip/datasource.go
@ -74,7 +74,7 @@ func (d *publicIpDataSource) Configure(ctx context.Context, req datasource.Confi
 	} else {
 		apiClient, err = iaas.NewAPIClient(
 			config.WithCustomAuth(providerData.RoundTripper),
-			config.WithRegion(providerData.Region),
+			config.WithRegion(providerData.GetRegion()),
 		)
 	}
 	if err != nil {
--- a/stackit/internal/services/iaas/publicip/resource.go
+++ b/stackit/internal/services/iaas/publicip/resource.go
@ -92,7 +92,7 @@ func (r *publicIpResource) Configure(ctx context.Context, req resource.Configure
 	} else {
 		apiClient, err = iaas.NewAPIClient(
 			config.WithCustomAuth(providerData.RoundTripper),
-			config.WithRegion(providerData.Region),
+			config.WithRegion(providerData.GetRegion()),
 		)
 	}

--- a/stackit/internal/services/iaas/publicipassociate/resource.go
+++ b/stackit/internal/services/iaas/publicipassociate/resource.go
@ -90,7 +90,7 @@ func (r *publicIpAssociateResource) Configure(ctx context.Context, req resource.
 	} else {
 		apiClient, err = iaas.NewAPIClient(
 			config.WithCustomAuth(providerData.RoundTripper),
-			config.WithRegion(providerData.Region),
+			config.WithRegion(providerData.GetRegion()),
 		)
 	}

--- a/stackit/internal/services/iaas/publicipranges/datasource.go
+++ b/stackit/internal/services/iaas/publicipranges/datasource.go
@ -87,7 +87,7 @@ func (d *publicIpRangesDataSource) Configure(ctx context.Context, req datasource
 	} else {
 		apiClient, err = iaas.NewAPIClient(
 			config.WithCustomAuth(providerData.RoundTripper),
-			config.WithRegion(providerData.Region),
+			config.WithRegion(providerData.GetRegion()),
 		)
 	}
 	if err != nil {
--- a/stackit/internal/services/iaas/securitygroup/datasource.go
+++ b/stackit/internal/services/iaas/securitygroup/datasource.go
@ -74,7 +74,7 @@ func (d *securityGroupDataSource) Configure(ctx context.Context, req datasource.
 	} else {
 		apiClient, err = iaas.NewAPIClient(
 			config.WithCustomAuth(providerData.RoundTripper),
-			config.WithRegion(providerData.Region),
+			config.WithRegion(providerData.GetRegion()),
 		)
 	}
 	if err != nil {
--- a/stackit/internal/services/iaas/securitygroup/resource.go
+++ b/stackit/internal/services/iaas/securitygroup/resource.go
@ -96,7 +96,7 @@ func (r *securityGroupResource) Configure(ctx context.Context, req resource.Conf
 	} else {
 		apiClient, err = iaas.NewAPIClient(
 			config.WithCustomAuth(providerData.RoundTripper),
-			config.WithRegion(providerData.Region),
+			config.WithRegion(providerData.GetRegion()),
 		)
 	}

--- a/stackit/internal/services/iaas/securitygrouprule/datasource.go
+++ b/stackit/internal/services/iaas/securitygrouprule/datasource.go
@ -74,7 +74,7 @@ func (d *securityGroupRuleDataSource) Configure(ctx context.Context, req datasou
 	} else {
 		apiClient, err = iaas.NewAPIClient(
 			config.WithCustomAuth(providerData.RoundTripper),
-			config.WithRegion(providerData.Region),
+			config.WithRegion(providerData.GetRegion()),
 		)
 	}
 	if err != nil {
--- a/stackit/internal/services/iaas/securitygrouprule/resource.go
+++ b/stackit/internal/services/iaas/securitygrouprule/resource.go
@ -140,7 +140,7 @@ func (r *securityGroupRuleResource) Configure(ctx context.Context, req resource.
 	} else {
 		apiClient, err = iaas.NewAPIClient(
 			config.WithCustomAuth(providerData.RoundTripper),
-			config.WithRegion(providerData.Region),
+			config.WithRegion(providerData.GetRegion()),
 		)
 	}

--- a/stackit/internal/services/iaas/server/datasource.go
+++ b/stackit/internal/services/iaas/server/datasource.go
@ -98,7 +98,7 @@ func (d *serverDataSource) Configure(ctx context.Context, req datasource.Configu
 	} else {
 		apiClient, err = iaas.NewAPIClient(
 			config.WithCustomAuth(providerData.RoundTripper),
-			config.WithRegion(providerData.Region),
+			config.WithRegion(providerData.GetRegion()),
 		)
 	}
 	if err != nil {
--- a/stackit/internal/services/iaas/server/resource.go
+++ b/stackit/internal/services/iaas/server/resource.go
@ -181,7 +181,7 @@ func (r *serverResource) Configure(ctx context.Context, req resource.ConfigureRe
 	} else {
 		apiClient, err = iaas.NewAPIClient(
 			config.WithCustomAuth(providerData.RoundTripper),
-			config.WithRegion(providerData.Region),
+			config.WithRegion(providerData.GetRegion()),
 		)
 	}

--- a/stackit/internal/services/iaas/serviceaccountattach/resource.go
+++ b/stackit/internal/services/iaas/serviceaccountattach/resource.go
@ -88,7 +88,7 @@ func (r *networkInterfaceAttachResource) Configure(ctx context.Context, req reso
 	} else {
 		apiClient, err = iaas.NewAPIClient(
 			config.WithCustomAuth(providerData.RoundTripper),
-			config.WithRegion(providerData.Region),
+			config.WithRegion(providerData.GetRegion()),
 		)
 	}

--- a/stackit/internal/services/iaas/volume/datasource.go
+++ b/stackit/internal/services/iaas/volume/datasource.go
@ -75,7 +75,7 @@ func (d *volumeDataSource) Configure(ctx context.Context, req datasource.Configu
 	} else {
 		apiClient, err = iaas.NewAPIClient(
 			config.WithCustomAuth(providerData.RoundTripper),
-			config.WithRegion(providerData.Region),
+			config.WithRegion(providerData.GetRegion()),
 		)
 	}
 	if err != nil {
--- a/stackit/internal/services/iaas/volume/resource.go
+++ b/stackit/internal/services/iaas/volume/resource.go
@ -129,7 +129,7 @@ func (r *volumeResource) Configure(ctx context.Context, req resource.ConfigureRe
 	} else {
 		apiClient, err = iaas.NewAPIClient(
 			config.WithCustomAuth(providerData.RoundTripper),
-			config.WithRegion(providerData.Region),
+			config.WithRegion(providerData.GetRegion()),
 		)
 	}

--- a/stackit/internal/services/iaas/volumeattach/resource.go
+++ b/stackit/internal/services/iaas/volumeattach/resource.go
@ -90,7 +90,7 @@ func (r *volumeAttachResource) Configure(ctx context.Context, req resource.Confi
 	} else {
 		apiClient, err = iaas.NewAPIClient(
 			config.WithCustomAuth(providerData.RoundTripper),
-			config.WithRegion(providerData.Region),
+			config.WithRegion(providerData.GetRegion()),
 		)
 	}

--- a/stackit/internal/services/loadbalancer/credential/resource.go
+++ b/stackit/internal/services/loadbalancer/credential/resource.go
@ -78,7 +78,7 @@ func (r *credentialResource) Configure(ctx context.Context, req resource.Configu
 	} else {
 		apiClient, err = loadbalancer.NewAPIClient(
 			config.WithCustomAuth(providerData.RoundTripper),
-			config.WithRegion(providerData.Region),
+			config.WithRegion(providerData.GetRegion()),
 		)
 	}

--- a/stackit/internal/services/loadbalancer/loadbalancer/datasource.go
+++ b/stackit/internal/services/loadbalancer/loadbalancer/datasource.go
@ -64,7 +64,7 @@ func (r *loadBalancerDataSource) Configure(ctx context.Context, req datasource.C
 	} else {
 		apiClient, err = loadbalancer.NewAPIClient(
 			config.WithCustomAuth(providerData.RoundTripper),
-			config.WithRegion(providerData.Region),
+			config.WithRegion(providerData.GetRegion()),
 		)
 	}

--- a/stackit/internal/services/loadbalancer/loadbalancer/resource.go
+++ b/stackit/internal/services/loadbalancer/loadbalancer/resource.go
@ -205,7 +205,7 @@ func (r *loadBalancerResource) Configure(ctx context.Context, req resource.Confi
 	} else {
 		apiClient, err = loadbalancer.NewAPIClient(
 			config.WithCustomAuth(providerData.RoundTripper),
-			config.WithRegion(providerData.Region),
+			config.WithRegion(providerData.GetRegion()),
 		)
 	}

--- a/stackit/internal/services/loadbalancer/observability-credential/resource.go
+++ b/stackit/internal/services/loadbalancer/observability-credential/resource.go
@ -78,7 +78,7 @@ func (r *observabilityCredentialResource) Configure(ctx context.Context, req res
 	} else {
 		apiClient, err = loadbalancer.NewAPIClient(
 			config.WithCustomAuth(providerData.RoundTripper),
-			config.WithRegion(providerData.Region),
+			config.WithRegion(providerData.GetRegion()),
 		)
 	}

--- a/stackit/internal/services/logme/credential/datasource.go
+++ b/stackit/internal/services/logme/credential/datasource.go
@ -60,7 +60,7 @@ func (r *credentialDataSource) Configure(ctx context.Context, req datasource.Con
 	} else {
 		apiClient, err = logme.NewAPIClient(
 			config.WithCustomAuth(providerData.RoundTripper),
-			config.WithRegion(providerData.Region),
+			config.WithRegion(providerData.GetRegion()),
 		)
 	}

--- a/stackit/internal/services/logme/credential/resource.go
+++ b/stackit/internal/services/logme/credential/resource.go
@ -80,7 +80,7 @@ func (r *credentialResource) Configure(ctx context.Context, req resource.Configu
 	} else {
 		apiClient, err = logme.NewAPIClient(
 			config.WithCustomAuth(providerData.RoundTripper),
-			config.WithRegion(providerData.Region),
+			config.WithRegion(providerData.GetRegion()),
 		)
 	}

--- a/stackit/internal/services/logme/instance/datasource.go
+++ b/stackit/internal/services/logme/instance/datasource.go
@ -61,7 +61,7 @@ func (r *instanceDataSource) Configure(ctx context.Context, req datasource.Confi
 	} else {
 		apiClient, err = logme.NewAPIClient(
 			config.WithCustomAuth(providerData.RoundTripper),
-			config.WithRegion(providerData.Region),
+			config.WithRegion(providerData.GetRegion()),
 		)
 	}

--- a/stackit/internal/services/logme/instance/resource.go
+++ b/stackit/internal/services/logme/instance/resource.go
@ -142,7 +142,7 @@ func (r *instanceResource) Configure(ctx context.Context, req resource.Configure
 	} else {
 		apiClient, err = logme.NewAPIClient(
 			config.WithCustomAuth(providerData.RoundTripper),
-			config.WithRegion(providerData.Region),
+			config.WithRegion(providerData.GetRegion()),
 		)
 	}

--- a/stackit/internal/services/mariadb/credential/datasource.go
+++ b/stackit/internal/services/mariadb/credential/datasource.go
@ -61,7 +61,7 @@ func (r *credentialDataSource) Configure(ctx context.Context, req datasource.Con
 	} else {
 		apiClient, err = mariadb.NewAPIClient(
 			config.WithCustomAuth(providerData.RoundTripper),
-			config.WithRegion(providerData.Region),
+			config.WithRegion(providerData.GetRegion()),
 		)
 	}

--- a/stackit/internal/services/mariadb/credential/resource.go
+++ b/stackit/internal/services/mariadb/credential/resource.go
@ -83,7 +83,7 @@ func (r *credentialResource) Configure(ctx context.Context, req resource.Configu
 	} else {
 		apiClient, err = mariadb.NewAPIClient(
 			config.WithCustomAuth(providerData.RoundTripper),
-			config.WithRegion(providerData.Region),
+			config.WithRegion(providerData.GetRegion()),
 		)
 	}

--- a/stackit/internal/services/mariadb/instance/datasource.go
+++ b/stackit/internal/services/mariadb/instance/datasource.go
@ -61,7 +61,7 @@ func (r *instanceDataSource) Configure(ctx context.Context, req datasource.Confi
 	} else {
 		apiClient, err = mariadb.NewAPIClient(
 			config.WithCustomAuth(providerData.RoundTripper),
-			config.WithRegion(providerData.Region),
+			config.WithRegion(providerData.GetRegion()),
 		)
 	}

--- a/stackit/internal/services/mariadb/instance/resource.go
+++ b/stackit/internal/services/mariadb/instance/resource.go
@ -112,7 +112,7 @@ func (r *instanceResource) Configure(ctx context.Context, req resource.Configure
 	} else {
 		apiClient, err = mariadb.NewAPIClient(
 			config.WithCustomAuth(providerData.RoundTripper),
-			config.WithRegion(providerData.Region),
+			config.WithRegion(providerData.GetRegion()),
 		)
 	}

--- a/stackit/internal/services/mongodbflex/instance/datasource.go
+++ b/stackit/internal/services/mongodbflex/instance/datasource.go
@ -62,7 +62,7 @@ func (r *instanceDataSource) Configure(ctx context.Context, req datasource.Confi
 	} else {
 		apiClient, err = mongodbflex.NewAPIClient(
 			config.WithCustomAuth(providerData.RoundTripper),
-			config.WithRegion(providerData.Region),
+			config.WithRegion(providerData.GetRegion()),
 		)
 	}

--- a/stackit/internal/services/mongodbflex/instance/resource.go
+++ b/stackit/internal/services/mongodbflex/instance/resource.go
@ -144,7 +144,7 @@ func (r *instanceResource) Configure(ctx context.Context, req resource.Configure
 	} else {
 		apiClient, err = mongodbflex.NewAPIClient(
 			config.WithCustomAuth(providerData.RoundTripper),
-			config.WithRegion(providerData.Region),
+			config.WithRegion(providerData.GetRegion()),
 		)
 	}

--- a/stackit/internal/services/mongodbflex/user/datasource.go
+++ b/stackit/internal/services/mongodbflex/user/datasource.go
@ -75,7 +75,7 @@ func (r *userDataSource) Configure(ctx context.Context, req datasource.Configure
 	} else {
 		apiClient, err = mongodbflex.NewAPIClient(
 			config.WithCustomAuth(providerData.RoundTripper),
-			config.WithRegion(providerData.Region),
+			config.WithRegion(providerData.GetRegion()),
 		)
 	}

--- a/stackit/internal/services/mongodbflex/user/resource.go
+++ b/stackit/internal/services/mongodbflex/user/resource.go
@ -83,7 +83,7 @@ func (r *userResource) Configure(ctx context.Context, req resource.ConfigureRequ
 	} else {
 		apiClient, err = mongodbflex.NewAPIClient(
 			config.WithCustomAuth(providerData.RoundTripper),
-			config.WithRegion(providerData.Region),
+			config.WithRegion(providerData.GetRegion()),
 		)
 	}

--- a/stackit/internal/services/objectstorage/bucket/datasource.go
+++ b/stackit/internal/services/objectstorage/bucket/datasource.go
@ -84,7 +84,7 @@ func (r *bucketDataSource) Schema(_ context.Context, _ datasource.SchemaRequest,
 		"project_id":               "STACKIT Project ID to which the bucket is associated.",
 		"url_path_style":           "URL in path style.",
 		"url_virtual_hosted_style": "URL in virtual hosted style.",
-		"region":                   "The resource region. Read-only attribute that reflects the provider region.",
+		"region":                   "The resource region. If not defined, the provider region is used.",
 	}

 	resp.Schema = schema.Schema{
@ -117,8 +117,7 @@ func (r *bucketDataSource) Schema(_ context.Context, _ datasource.SchemaRequest,
 			},
 			"region": schema.StringAttribute{
 				// the region cannot be found automatically, so it has to be passed
-				Optional:    false,
-				Computed:    true,
+				Optional:    true,
 				Description: descriptions["region"],
 			},
 		},
@ -137,7 +136,7 @@ func (r *bucketDataSource) Read(ctx context.Context, req datasource.ReadRequest,
 	bucketName := model.Name.ValueString()
 	var region string
 	if utils.IsUndefined(model.Region) {
-		region = r.providerData.Region
+		region = r.providerData.GetRegion()
 	} else {
 		region = model.Region.ValueString()
 	}
--- a/stackit/internal/services/objectstorage/bucket/resource.go
+++ b/stackit/internal/services/objectstorage/bucket/resource.go
@ -71,7 +71,7 @@ func (r *bucketResource) ModifyPlan(ctx context.Context, req resource.ModifyPlan
 		return
 	}

-	utils.AdaptRegion(ctx, configModel.Region, &planModel.Region, r.providerData.Region, resp)
+	utils.AdaptRegion(ctx, configModel.Region, &planModel.Region, r.providerData.GetRegion(), resp)
 	if resp.Diagnostics.HasError() {
 		return
 	}
@ -132,7 +132,7 @@ func (r *bucketResource) Schema(_ context.Context, _ resource.SchemaRequest, res
 		"project_id":               "STACKIT Project ID to which the bucket is associated.",
 		"url_path_style":           "URL in path style.",
 		"url_virtual_hosted_style": "URL in virtual hosted style.",
-		"region":                   "The resource region. Read-only attribute that reflects the provider region.",
+		"region":                   "The resource region. If not defined, the provider region is used.",
 	}

 	resp.Schema = schema.Schema{
@ -175,7 +175,7 @@ func (r *bucketResource) Schema(_ context.Context, _ resource.SchemaRequest, res
 				Computed: true,
 			},
 			"region": schema.StringAttribute{
-				Optional: false,
+				Optional: true,
 				// must be computed to allow for storing the override value from the provider
 				Computed:    true,
 				Description: descriptions["region"],
@ -249,7 +249,7 @@ func (r *bucketResource) Read(ctx context.Context, req resource.ReadRequest, res
 	bucketName := model.Name.ValueString()
 	region := model.Region.ValueString()
 	if region == "" {
-		region = r.providerData.Region
+		region = r.providerData.GetRegion()
 	}

 	ctx = tflog.SetField(ctx, "project_id", projectId)
--- a/stackit/internal/services/objectstorage/credential/datasource.go
+++ b/stackit/internal/services/objectstorage/credential/datasource.go
@ -79,7 +79,7 @@ func (r *credentialDataSource) Schema(_ context.Context, _ datasource.SchemaRequ
 		"credential_id":        "The credential ID.",
 		"credentials_group_id": "The credential group ID.",
 		"project_id":           "STACKIT Project ID to which the credential group is associated.",
-		"region":               "The resource region. Read-only attribute that reflects the provider region.",
+		"region":               "The resource region. If not defined, the provider region is used.",
 	}

 	resp.Schema = schema.Schema{
@ -116,8 +116,7 @@ func (r *credentialDataSource) Schema(_ context.Context, _ datasource.SchemaRequ
 			},
 			"region": schema.StringAttribute{
 				// the region cannot be found automatically, so it has to be passed
-				Optional:    false,
-				Computed:    true,
+				Optional:    true,
 				Description: descriptions["region"],
 			},
 		},
@ -138,7 +137,7 @@ func (r *credentialDataSource) Read(ctx context.Context, req datasource.ReadRequ
 	credentialId := model.CredentialId.ValueString()
 	var region string
 	if utils.IsUndefined(model.Region) {
-		region = r.providerData.Region
+		region = r.providerData.GetRegion()
 	} else {
 		region = model.Region.ValueString()
 	}
--- a/stackit/internal/services/objectstorage/credential/resource.go
+++ b/stackit/internal/services/objectstorage/credential/resource.go
@ -87,7 +87,7 @@ func (r *credentialResource) modifyPlanRegion(ctx context.Context, req *resource
 		return
 	}

-	utils.AdaptRegion(ctx, configModel.Region, &planModel.Region, r.providerData.Region, resp)
+	utils.AdaptRegion(ctx, configModel.Region, &planModel.Region, r.providerData.GetRegion(), resp)
 	if resp.Diagnostics.HasError() {
 		return
 	}
@ -176,7 +176,7 @@ func (r *credentialResource) Schema(_ context.Context, _ resource.SchemaRequest,
 		"credentials_group_id": "The credential group ID.",
 		"project_id":           "STACKIT Project ID to which the credential group is associated.",
 		"expiration_timestamp": "Expiration timestamp, in RFC339 format without fractional seconds. Example: \"2025-01-01T00:00:00Z\". If not set, the credential never expires.",
-		"region":               "The resource region. Read-only attribute that reflects the provider region.",
+		"region":               "The resource region. If not defined, the provider region is used.",
 	}

 	resp.Schema = schema.Schema{
@ -246,7 +246,7 @@ func (r *credentialResource) Schema(_ context.Context, _ resource.SchemaRequest,
 				},
 			},
 			"region": schema.StringAttribute{
-				Optional: false,
+				Optional: true,
 				// must be computed to allow for storing the override value from the provider
 				Computed:    true,
 				Description: descriptions["region"],
@ -349,7 +349,7 @@ func (r *credentialResource) Read(ctx context.Context, req resource.ReadRequest,
 	credentialId := model.CredentialId.ValueString()
 	region := model.Region.ValueString()
 	if region == "" {
-		region = r.providerData.Region
+		region = r.providerData.GetRegion()
 	}

 	ctx = tflog.SetField(ctx, "project_id", projectId)
--- a/stackit/internal/services/objectstorage/credentialsgroup/datasource.go
+++ b/stackit/internal/services/objectstorage/credentialsgroup/datasource.go
@ -83,7 +83,7 @@ func (r *credentialsGroupDataSource) Schema(_ context.Context, _ datasource.Sche
 		"name":                 "The credentials group's display name.",
 		"project_id":           "Object Storage Project ID to which the credentials group is associated.",
 		"urn":                  "Credentials group uniform resource name (URN)",
-		"region":               "The resource region. Read-only attribute that reflects the provider region.",
+		"region":               "The resource region. If not defined, the provider region is used.",
 	}

 	resp.Schema = schema.Schema{
@ -117,8 +117,7 @@ func (r *credentialsGroupDataSource) Schema(_ context.Context, _ datasource.Sche
 			},
 			"region": schema.StringAttribute{
 				// the region cannot be found automatically, so it has to be passed
-				Optional:    false,
-				Computed:    true,
+				Optional:    true,
 				Description: descriptions["region"],
 			},
 		},
@ -137,7 +136,7 @@ func (r *credentialsGroupDataSource) Read(ctx context.Context, req datasource.Re
 	credentialsGroupId := model.CredentialsGroupId.ValueString()
 	var region string
 	if utils.IsUndefined(model.Region) {
-		region = r.providerData.Region
+		region = r.providerData.GetRegion()
 	} else {
 		region = model.Region.ValueString()
 	}
--- a/stackit/internal/services/objectstorage/credentialsgroup/resource.go
+++ b/stackit/internal/services/objectstorage/credentialsgroup/resource.go
@ -71,7 +71,7 @@ func (r *credentialsGroupResource) ModifyPlan(ctx context.Context, req resource.
 		return
 	}

-	coreutils.AdaptRegion(ctx, configModel.Region, &planModel.Region, r.providerData.Region, resp)
+	coreutils.AdaptRegion(ctx, configModel.Region, &planModel.Region, r.providerData.GetRegion(), resp)
 	if resp.Diagnostics.HasError() {
 		return
 	}
@ -132,7 +132,7 @@ func (r *credentialsGroupResource) Schema(_ context.Context, _ resource.SchemaRe
 		"name":                 "The credentials group's display name.",
 		"project_id":           "Project ID to which the credentials group is associated.",
 		"urn":                  "Credentials group uniform resource name (URN)",
-		"region":               "The resource region. Read-only attribute that reflects the provider region.",
+		"region":               "The resource region. If not defined, the provider region is used.",
 	}

 	resp.Schema = schema.Schema{
@ -174,7 +174,7 @@ func (r *credentialsGroupResource) Schema(_ context.Context, _ resource.SchemaRe
 				Computed:    true,
 			},
 			"region": schema.StringAttribute{
-				Optional: false,
+				Optional: true,
 				// must be computed to allow for storing the override value from the provider
 				Computed:    true,
 				Description: descriptions["region"],
@ -250,7 +250,7 @@ func (r *credentialsGroupResource) Read(ctx context.Context, req resource.ReadRe
 	ctx = tflog.SetField(ctx, "credentials_group_id", credentialsGroupId)
 	ctx = tflog.SetField(ctx, "region", region)
 	if region == "" {
-		region = r.providerData.Region
+		region = r.providerData.GetRegion()
 	}

 	found, err := readCredentialsGroups(ctx, &model, region, r.client)
--- a/stackit/internal/services/observability/credential/resource.go
+++ b/stackit/internal/services/observability/credential/resource.go
@ -75,7 +75,7 @@ func (r *credentialResource) Configure(ctx context.Context, req resource.Configu
 	} else {
 		apiClient, err = observability.NewAPIClient(
 			config.WithCustomAuth(providerData.RoundTripper),
-			config.WithRegion(providerData.Region),
+			config.WithRegion(providerData.GetRegion()),
 		)
 	}

--- a/stackit/internal/services/observability/instance/datasource.go
+++ b/stackit/internal/services/observability/instance/datasource.go
@ -62,7 +62,7 @@ func (d *instanceDataSource) Configure(ctx context.Context, req datasource.Confi
 	} else {
 		apiClient, err = observability.NewAPIClient(
 			config.WithCustomAuth(providerData.RoundTripper),
-			config.WithRegion(providerData.Region),
+			config.WithRegion(providerData.GetRegion()),
 		)
 	}
 	if err != nil {
--- a/stackit/internal/services/observability/instance/resource.go
+++ b/stackit/internal/services/observability/instance/resource.go
@ -364,7 +364,7 @@ func (r *instanceResource) Configure(ctx context.Context, req resource.Configure
 	} else {
 		apiClient, err = observability.NewAPIClient(
 			config.WithCustomAuth(providerData.RoundTripper),
-			config.WithRegion(providerData.Region),
+			config.WithRegion(providerData.GetRegion()),
 		)
 	}

--- a/stackit/internal/services/observability/scrapeconfig/datasource.go
+++ b/stackit/internal/services/observability/scrapeconfig/datasource.go
@ -64,7 +64,7 @@ func (d *scrapeConfigDataSource) Configure(ctx context.Context, req datasource.C
 	} else {
 		apiClient, err = observability.NewAPIClient(
 			config.WithCustomAuth(providerData.RoundTripper),
-			config.WithRegion(providerData.Region),
+			config.WithRegion(providerData.GetRegion()),
 		)
 	}
 	if err != nil {
--- a/stackit/internal/services/observability/scrapeconfig/resource.go
+++ b/stackit/internal/services/observability/scrapeconfig/resource.go
@ -139,7 +139,7 @@ func (r *scrapeConfigResource) Configure(ctx context.Context, req resource.Confi
 	} else {
 		apiClient, err = observability.NewAPIClient(
 			config.WithCustomAuth(providerData.RoundTripper),
-			config.WithRegion(providerData.Region),
+			config.WithRegion(providerData.GetRegion()),
 		)
 	}

--- a/stackit/internal/services/opensearch/credential/datasource.go
+++ b/stackit/internal/services/opensearch/credential/datasource.go
@ -61,7 +61,7 @@ func (r *credentialDataSource) Configure(ctx context.Context, req datasource.Con
 	} else {
 		apiClient, err = opensearch.NewAPIClient(
 			config.WithCustomAuth(providerData.RoundTripper),
-			config.WithRegion(providerData.Region),
+			config.WithRegion(providerData.GetRegion()),
 		)
 	}

--- a/stackit/internal/services/opensearch/credential/resource.go
+++ b/stackit/internal/services/opensearch/credential/resource.go
@ -83,7 +83,7 @@ func (r *credentialResource) Configure(ctx context.Context, req resource.Configu
 	} else {
 		apiClient, err = opensearch.NewAPIClient(
 			config.WithCustomAuth(providerData.RoundTripper),
-			config.WithRegion(providerData.Region),
+			config.WithRegion(providerData.GetRegion()),
 		)
 	}

--- a/stackit/internal/services/opensearch/instance/datasource.go
+++ b/stackit/internal/services/opensearch/instance/datasource.go
@ -61,7 +61,7 @@ func (r *instanceDataSource) Configure(ctx context.Context, req datasource.Confi
 	} else {
 		apiClient, err = opensearch.NewAPIClient(
 			config.WithCustomAuth(providerData.RoundTripper),
-			config.WithRegion(providerData.Region),
+			config.WithRegion(providerData.GetRegion()),
 		)
 	}

--- a/stackit/internal/services/opensearch/instance/resource.go
+++ b/stackit/internal/services/opensearch/instance/resource.go
@ -125,7 +125,7 @@ func (r *instanceResource) Configure(ctx context.Context, req resource.Configure
 	} else {
 		apiClient, err = opensearch.NewAPIClient(
 			config.WithCustomAuth(providerData.RoundTripper),
-			config.WithRegion(providerData.Region),
+			config.WithRegion(providerData.GetRegion()),
 		)
 	}

--- a/stackit/internal/services/postgresflex/database/datasource.go
+++ b/stackit/internal/services/postgresflex/database/datasource.go
@ -60,7 +60,7 @@ func (r *databaseDataSource) Configure(ctx context.Context, req datasource.Confi
 	} else {
 		apiClient, err = postgresflex.NewAPIClient(
 			config.WithCustomAuth(providerData.RoundTripper),
-			config.WithRegion(providerData.Region),
+			config.WithRegion(providerData.GetRegion()),
 		)
 	}

--- a/stackit/internal/services/postgresflex/database/resource.go
+++ b/stackit/internal/services/postgresflex/database/resource.go
@ -77,7 +77,7 @@ func (r *databaseResource) Configure(ctx context.Context, req resource.Configure
 	} else {
 		apiClient, err = postgresflex.NewAPIClient(
 			config.WithCustomAuth(providerData.RoundTripper),
-			config.WithRegion(providerData.Region),
+			config.WithRegion(providerData.GetRegion()),
 		)
 	}

--- a/stackit/internal/services/postgresflex/instance/datasource.go
+++ b/stackit/internal/services/postgresflex/instance/datasource.go
@ -63,7 +63,7 @@ func (r *instanceDataSource) Configure(ctx context.Context, req datasource.Confi
 	} else {
 		apiClient, err = postgresflex.NewAPIClient(
 			config.WithCustomAuth(providerData.RoundTripper),
-			config.WithRegion(providerData.Region),
+			config.WithRegion(providerData.GetRegion()),
 		)
 	}

--- a/stackit/internal/services/postgresflex/instance/resource.go
+++ b/stackit/internal/services/postgresflex/instance/resource.go
@ -117,7 +117,7 @@ func (r *instanceResource) Configure(ctx context.Context, req resource.Configure
 	} else {
 		apiClient, err = postgresflex.NewAPIClient(
 			config.WithCustomAuth(providerData.RoundTripper),
-			config.WithRegion(providerData.Region),
+			config.WithRegion(providerData.GetRegion()),
 		)
 	}

--- a/stackit/internal/services/postgresflex/user/datasource.go
+++ b/stackit/internal/services/postgresflex/user/datasource.go
@ -74,7 +74,7 @@ func (r *userDataSource) Configure(ctx context.Context, req datasource.Configure
 	} else {
 		apiClient, err = postgresflex.NewAPIClient(
 			config.WithCustomAuth(providerData.RoundTripper),
-			config.WithRegion(providerData.Region),
+			config.WithRegion(providerData.GetRegion()),
 		)
 	}

--- a/stackit/internal/services/postgresflex/user/resource.go
+++ b/stackit/internal/services/postgresflex/user/resource.go
@ -87,7 +87,7 @@ func (r *userResource) Configure(ctx context.Context, req resource.ConfigureRequ
 	} else {
 		apiClient, err = postgresflex.NewAPIClient(
 			config.WithCustomAuth(providerData.RoundTripper),
-			config.WithRegion(providerData.Region),
+			config.WithRegion(providerData.GetRegion()),
 		)
 	}

--- a/stackit/internal/services/rabbitmq/credential/datasource.go
+++ b/stackit/internal/services/rabbitmq/credential/datasource.go
@ -61,7 +61,7 @@ func (r *credentialDataSource) Configure(ctx context.Context, req datasource.Con
 	} else {
 		apiClient, err = rabbitmq.NewAPIClient(
 			config.WithCustomAuth(providerData.RoundTripper),
-			config.WithRegion(providerData.Region),
+			config.WithRegion(providerData.GetRegion()),
 		)
 	}

--- a/stackit/internal/services/rabbitmq/credential/resource.go
+++ b/stackit/internal/services/rabbitmq/credential/resource.go
@ -86,7 +86,7 @@ func (r *credentialResource) Configure(ctx context.Context, req resource.Configu
 	} else {
 		apiClient, err = rabbitmq.NewAPIClient(
 			config.WithCustomAuth(providerData.RoundTripper),
-			config.WithRegion(providerData.Region),
+			config.WithRegion(providerData.GetRegion()),
 		)
 	}

--- a/stackit/internal/services/rabbitmq/instance/datasource.go
+++ b/stackit/internal/services/rabbitmq/instance/datasource.go
@ -61,7 +61,7 @@ func (r *instanceDataSource) Configure(ctx context.Context, req datasource.Confi
 	} else {
 		apiClient, err = rabbitmq.NewAPIClient(
 			config.WithCustomAuth(providerData.RoundTripper),
-			config.WithRegion(providerData.Region),
+			config.WithRegion(providerData.GetRegion()),
 		)
 	}

--- a/stackit/internal/services/rabbitmq/instance/resource.go
+++ b/stackit/internal/services/rabbitmq/instance/resource.go
@ -122,7 +122,7 @@ func (r *instanceResource) Configure(ctx context.Context, req resource.Configure
 	} else {
 		apiClient, err = rabbitmq.NewAPIClient(
 			config.WithCustomAuth(providerData.RoundTripper),
-			config.WithRegion(providerData.Region),
+			config.WithRegion(providerData.GetRegion()),
 		)
 	}

--- a/stackit/internal/services/redis/credential/datasource.go
+++ b/stackit/internal/services/redis/credential/datasource.go
@ -61,7 +61,7 @@ func (r *credentialDataSource) Configure(ctx context.Context, req datasource.Con
 	} else {
 		apiClient, err = redis.NewAPIClient(
 			config.WithCustomAuth(providerData.RoundTripper),
-			config.WithRegion(providerData.Region),
+			config.WithRegion(providerData.GetRegion()),
 		)
 	}

--- a/stackit/internal/services/redis/credential/resource.go
+++ b/stackit/internal/services/redis/credential/resource.go
@ -83,7 +83,7 @@ func (r *credentialResource) Configure(ctx context.Context, req resource.Configu
 	} else {
 		apiClient, err = redis.NewAPIClient(
 			config.WithCustomAuth(providerData.RoundTripper),
-			config.WithRegion(providerData.Region),
+			config.WithRegion(providerData.GetRegion()),
 		)
 	}

--- a/stackit/internal/services/redis/instance/datasource.go
+++ b/stackit/internal/services/redis/instance/datasource.go
@ -61,7 +61,7 @@ func (r *instanceDataSource) Configure(ctx context.Context, req datasource.Confi
 	} else {
 		apiClient, err = redis.NewAPIClient(
 			config.WithCustomAuth(providerData.RoundTripper),
-			config.WithRegion(providerData.Region),
+			config.WithRegion(providerData.GetRegion()),
 		)
 	}

--- a/stackit/internal/services/redis/instance/resource.go
+++ b/stackit/internal/services/redis/instance/resource.go
@ -141,7 +141,7 @@ func (r *instanceResource) Configure(ctx context.Context, req resource.Configure
 	} else {
 		apiClient, err = redis.NewAPIClient(
 			config.WithCustomAuth(providerData.RoundTripper),
-			config.WithRegion(providerData.Region),
+			config.WithRegion(providerData.GetRegion()),
 		)
 	}

--- a/stackit/internal/services/secretsmanager/instance/datasource.go
+++ b/stackit/internal/services/secretsmanager/instance/datasource.go
@ -61,7 +61,7 @@ func (r *instanceDataSource) Configure(ctx context.Context, req datasource.Confi
 	} else {
 		apiClient, err = secretsmanager.NewAPIClient(
 			config.WithCustomAuth(providerData.RoundTripper),
-			config.WithRegion(providerData.Region),
+			config.WithRegion(providerData.GetRegion()),
 		)
 	}

--- a/stackit/internal/services/secretsmanager/instance/resource.go
+++ b/stackit/internal/services/secretsmanager/instance/resource.go
@ -80,7 +80,7 @@ func (r *instanceResource) Configure(ctx context.Context, req resource.Configure
 	} else {
 		apiClient, err = secretsmanager.NewAPIClient(
 			config.WithCustomAuth(providerData.RoundTripper),
-			config.WithRegion(providerData.Region),
+			config.WithRegion(providerData.GetRegion()),
 		)
 	}

--- a/stackit/internal/services/secretsmanager/user/datasource.go
+++ b/stackit/internal/services/secretsmanager/user/datasource.go
@ -72,7 +72,7 @@ func (r *userDataSource) Configure(ctx context.Context, req datasource.Configure
 	} else {
 		apiClient, err = secretsmanager.NewAPIClient(
 			config.WithCustomAuth(providerData.RoundTripper),
-			config.WithRegion(providerData.Region),
+			config.WithRegion(providerData.GetRegion()),
 		)
 	}

--- a/stackit/internal/services/secretsmanager/user/resource.go
+++ b/stackit/internal/services/secretsmanager/user/resource.go
@ -79,7 +79,7 @@ func (r *userResource) Configure(ctx context.Context, req resource.ConfigureRequ
 	} else {
 		apiClient, err = secretsmanager.NewAPIClient(
 			config.WithCustomAuth(providerData.RoundTripper),
-			config.WithRegion(providerData.Region),
+			config.WithRegion(providerData.GetRegion()),
 		)
 	}

--- a/stackit/internal/services/serverbackup/schedule/resource.go
+++ b/stackit/internal/services/serverbackup/schedule/resource.go
@ -107,7 +107,7 @@ func (r *scheduleResource) Configure(ctx context.Context, req resource.Configure
 	} else {
 		apiClient, err = serverbackup.NewAPIClient(
 			config.WithCustomAuth(providerData.RoundTripper),
-			config.WithRegion(providerData.Region),
+			config.WithRegion(providerData.GetRegion()),
 		)
 	}

--- a/stackit/internal/services/serverbackup/schedule/schedule_datasource.go
+++ b/stackit/internal/services/serverbackup/schedule/schedule_datasource.go
@ -78,7 +78,7 @@ func (r *scheduleDataSource) Configure(ctx context.Context, req datasource.Confi
 	} else {
 		apiClient, err = serverbackup.NewAPIClient(
 			config.WithCustomAuth(providerData.RoundTripper),
-			config.WithRegion(providerData.Region),
+			config.WithRegion(providerData.GetRegion()),
 		)
 	}

--- a/stackit/internal/services/serverbackup/schedule/schedules_datasource.go
+++ b/stackit/internal/services/serverbackup/schedule/schedules_datasource.go
@ -77,7 +77,7 @@ func (r *schedulesDataSource) Configure(ctx context.Context, req datasource.Conf
 	} else {
 		apiClient, err = serverbackup.NewAPIClient(
 			config.WithCustomAuth(providerData.RoundTripper),
-			config.WithRegion(providerData.Region),
+			config.WithRegion(providerData.GetRegion()),
 		)
 	}

--- a/stackit/internal/services/serverupdate/schedule/resource.go
+++ b/stackit/internal/services/serverupdate/schedule/resource.go
@ -99,7 +99,7 @@ func (r *scheduleResource) Configure(ctx context.Context, req resource.Configure
 	} else {
 		apiClient, err = serverupdate.NewAPIClient(
 			config.WithCustomAuth(providerData.RoundTripper),
-			config.WithRegion(providerData.Region),
+			config.WithRegion(providerData.GetRegion()),
 		)
 	}

--- a/stackit/internal/services/serverupdate/schedule/schedule_datasource.go
+++ b/stackit/internal/services/serverupdate/schedule/schedule_datasource.go
@ -77,7 +77,7 @@ func (r *scheduleDataSource) Configure(ctx context.Context, req datasource.Confi
 	} else {
 		apiClient, err = serverupdate.NewAPIClient(
 			config.WithCustomAuth(providerData.RoundTripper),
-			config.WithRegion(providerData.Region),
+			config.WithRegion(providerData.GetRegion()),
 		)
 	}

--- a/stackit/internal/services/serverupdate/schedule/schedules_datasource.go
+++ b/stackit/internal/services/serverupdate/schedule/schedules_datasource.go
@ -77,7 +77,7 @@ func (r *schedulesDataSource) Configure(ctx context.Context, req datasource.Conf
 	} else {
 		apiClient, err = serverupdate.NewAPIClient(
 			config.WithCustomAuth(providerData.RoundTripper),
-			config.WithRegion(providerData.Region),
+			config.WithRegion(providerData.GetRegion()),
 		)
 	}

--- a/stackit/internal/services/ske/cluster/datasource.go
+++ b/stackit/internal/services/ske/cluster/datasource.go
@ -60,7 +60,7 @@ func (r *clusterDataSource) Configure(ctx context.Context, req datasource.Config
 	} else {
 		apiClient, err = ske.NewAPIClient(
 			config.WithCustomAuth(providerData.RoundTripper),
-			config.WithRegion(providerData.Region),
+			config.WithRegion(providerData.GetRegion()),
 		)
 	}

--- a/stackit/internal/services/ske/cluster/resource.go
+++ b/stackit/internal/services/ske/cluster/resource.go
@ -267,7 +267,7 @@ func (r *clusterResource) Configure(ctx context.Context, req resource.ConfigureR
 	} else {
 		skeClient, err = ske.NewAPIClient(
 			config.WithCustomAuth(providerData.RoundTripper),
-			config.WithRegion(providerData.Region),
+			config.WithRegion(providerData.GetRegion()),
 		)
 	}

@ -284,7 +284,7 @@ func (r *clusterResource) Configure(ctx context.Context, req resource.ConfigureR
 	} else {
 		enablementClient, err = serviceenablement.NewAPIClient(
 			config.WithCustomAuth(providerData.RoundTripper),
-			config.WithRegion(providerData.Region),
+			config.WithRegion(providerData.GetRegion()),
 		)
 	}

--- a/stackit/internal/services/ske/kubeconfig/resource.go
+++ b/stackit/internal/services/ske/kubeconfig/resource.go
@ -86,7 +86,7 @@ func (r *kubeconfigResource) Configure(ctx context.Context, req resource.Configu
 	} else {
 		apiClient, err = ske.NewAPIClient(
 			config.WithCustomAuth(providerData.RoundTripper),
-			config.WithRegion(providerData.Region),
+			config.WithRegion(providerData.GetRegion()),
 		)
 	}

--- a/stackit/internal/services/ske/project/datasource.go
+++ b/stackit/internal/services/ske/project/datasource.go
@ -62,7 +62,7 @@ func (r *projectDataSource) Configure(ctx context.Context, req datasource.Config
 	} else {
 		apiClient, err = ske.NewAPIClient(
 			config.WithCustomAuth(providerData.RoundTripper),
-			config.WithRegion(providerData.Region),
+			config.WithRegion(providerData.GetRegion()),
 		)
 	}

@ -79,7 +79,7 @@ func (r *projectDataSource) Configure(ctx context.Context, req datasource.Config
 	} else {
 		enablementClient, err = serviceenablement.NewAPIClient(
 			config.WithCustomAuth(providerData.RoundTripper),
-			config.WithRegion(providerData.Region),
+			config.WithRegion(providerData.GetRegion()),
 		)
 	}

--- a/stackit/internal/services/ske/project/resource.go
+++ b/stackit/internal/services/ske/project/resource.go
@ -74,7 +74,7 @@ func (r *projectResource) Configure(ctx context.Context, req resource.ConfigureR
 	} else {
 		apiClient, err = ske.NewAPIClient(
 			config.WithCustomAuth(providerData.RoundTripper),
-			config.WithRegion(providerData.Region),
+			config.WithRegion(providerData.GetRegion()),
 		)
 	}

@ -91,7 +91,7 @@ func (r *projectResource) Configure(ctx context.Context, req resource.ConfigureR
 	} else {
 		enablementClient, err = serviceenablement.NewAPIClient(
 			config.WithCustomAuth(providerData.RoundTripper),
-			config.WithRegion(providerData.Region),
+			config.WithRegion(providerData.GetRegion()),
 		)
 	}

--- a/stackit/internal/services/sqlserverflex/instance/datasource.go
+++ b/stackit/internal/services/sqlserverflex/instance/datasource.go
@ -65,7 +65,7 @@ func (r *instanceDataSource) Configure(ctx context.Context, req datasource.Confi
 	} else {
 		apiClient, err = sqlserverflex.NewAPIClient(
 			config.WithCustomAuth(r.providerData.RoundTripper),
-			config.WithRegion(r.providerData.Region),
+			config.WithRegion(r.providerData.GetRegion()),
 		)
 	}

@ -196,7 +196,7 @@ func (r *instanceDataSource) Read(ctx context.Context, req datasource.ReadReques
 	instanceId := model.InstanceId.ValueString()
 	var region string
 	if utils.IsUndefined(model.Region) {
-		region = r.providerData.Region
+		region = r.providerData.GetRegion()
 	} else {
 		region = model.Region.ValueString()
 	}
--- a/stackit/internal/services/sqlserverflex/instance/resource.go
+++ b/stackit/internal/services/sqlserverflex/instance/resource.go
@ -139,7 +139,7 @@ func (r *instanceResource) Configure(ctx context.Context, req resource.Configure
 	} else {
 		apiClient, err = sqlserverflex.NewAPIClient(
 			config.WithCustomAuth(r.providerData.RoundTripper),
-			config.WithRegion(r.providerData.Region),
+			config.WithRegion(r.providerData.GetRegion()),
 		)
 	}

@ -171,7 +171,7 @@ func (r *instanceResource) ModifyPlan(ctx context.Context, req resource.ModifyPl
 		return
 	}

-	utils.AdaptRegion(ctx, configModel.Region, &planModel.Region, r.providerData.Region, resp)
+	utils.AdaptRegion(ctx, configModel.Region, &planModel.Region, r.providerData.GetRegion(), resp)
 	if resp.Diagnostics.HasError() {
 		return
 	}
@ -463,7 +463,7 @@ func (r *instanceResource) Read(ctx context.Context, req resource.ReadRequest, r
 	instanceId := model.InstanceId.ValueString()
 	region := model.Region.ValueString()
 	if region == "" {
-		region = r.providerData.Region
+		region = r.providerData.GetRegion()
 	}

 	ctx = tflog.SetField(ctx, "project_id", projectId)
--- a/stackit/internal/services/sqlserverflex/user/datasource.go
+++ b/stackit/internal/services/sqlserverflex/user/datasource.go
@ -78,7 +78,7 @@ func (r *userDataSource) Configure(ctx context.Context, req datasource.Configure
 	} else {
 		apiClient, err = sqlserverflex.NewAPIClient(
 			config.WithCustomAuth(r.providerData.RoundTripper),
-			config.WithRegion(r.providerData.Region),
+			config.WithRegion(r.providerData.GetRegion()),
 		)
 	}

@ -172,7 +172,7 @@ func (r *userDataSource) Read(ctx context.Context, req datasource.ReadRequest, r
 	userId := model.UserId.ValueString()
 	var region string
 	if utils.IsUndefined(model.Region) {
-		region = r.providerData.Region
+		region = r.providerData.GetRegion()
 	} else {
 		region = model.Region.ValueString()
 	}
--- a/stackit/internal/services/sqlserverflex/user/resource.go
+++ b/stackit/internal/services/sqlserverflex/user/resource.go
@ -87,7 +87,7 @@ func (r *userResource) Configure(ctx context.Context, req resource.ConfigureRequ
 	} else {
 		apiClient, err = sqlserverflex.NewAPIClient(
 			config.WithCustomAuth(r.providerData.RoundTripper),
-			config.WithRegion(r.providerData.Region),
+			config.WithRegion(r.providerData.GetRegion()),
 		)
 	}

@ -119,7 +119,7 @@ func (r *userResource) ModifyPlan(ctx context.Context, req resource.ModifyPlanRe
 		return
 	}

-	utils.AdaptRegion(ctx, configModel.Region, &planModel.Region, r.providerData.Region, resp)
+	utils.AdaptRegion(ctx, configModel.Region, &planModel.Region, r.providerData.GetRegion(), resp)
 	if resp.Diagnostics.HasError() {
 		return
 	}
@ -303,7 +303,7 @@ func (r *userResource) Read(ctx context.Context, req resource.ReadRequest, resp
 	ctx = tflog.SetField(ctx, "user_id", userId)
 	ctx = tflog.SetField(ctx, "region", region)
 	if region == "" {
-		region = r.providerData.Region
+		region = r.providerData.GetRegion()
 	}

 	recordSetResp, err := r.client.GetUser(ctx, projectId, instanceId, userId, region).Execute()
--- a/stackit/provider.go
+++ b/stackit/provider.go
@ -4,10 +4,13 @@ import (
 	"context"
 	"fmt"

+	"github.com/hashicorp/terraform-plugin-framework-validators/stringvalidator"
 	"github.com/hashicorp/terraform-plugin-framework/datasource"
+	"github.com/hashicorp/terraform-plugin-framework/path"
 	"github.com/hashicorp/terraform-plugin-framework/provider"
 	"github.com/hashicorp/terraform-plugin-framework/provider/schema"
 	"github.com/hashicorp/terraform-plugin-framework/resource"
+	"github.com/hashicorp/terraform-plugin-framework/schema/validator"
 	"github.com/hashicorp/terraform-plugin-framework/types"
 	argusCredential "github.com/stackitcloud/terraform-provider-stackit/stackit/internal/services/argus/credential"
 	argusInstance "github.com/stackitcloud/terraform-provider-stackit/stackit/internal/services/argus/instance"
@ -97,14 +100,16 @@ func (p *Provider) Metadata(_ context.Context, _ provider.MetadataRequest, resp
 }

 type providerModel struct {
-	CredentialsFilePath             types.String `tfsdk:"credentials_path"`
-	ServiceAccountEmail             types.String `tfsdk:"service_account_email"` // Deprecated: ServiceAccountEmail is not required and will be removed after 12th June 2025
-	ServiceAccountKey               types.String `tfsdk:"service_account_key"`
-	ServiceAccountKeyPath           types.String `tfsdk:"service_account_key_path"`
-	PrivateKey                      types.String `tfsdk:"private_key"`
-	PrivateKeyPath                  types.String `tfsdk:"private_key_path"`
-	Token                           types.String `tfsdk:"service_account_token"`
+	CredentialsFilePath   types.String `tfsdk:"credentials_path"`
+	ServiceAccountEmail   types.String `tfsdk:"service_account_email"` // Deprecated: ServiceAccountEmail is not required and will be removed after 12th June 2025
+	ServiceAccountKey     types.String `tfsdk:"service_account_key"`
+	ServiceAccountKeyPath types.String `tfsdk:"service_account_key_path"`
+	PrivateKey            types.String `tfsdk:"private_key"`
+	PrivateKeyPath        types.String `tfsdk:"private_key_path"`
+	Token                 types.String `tfsdk:"service_account_token"`
+	// Deprecated: Use DefaultRegion instead
 	Region                          types.String `tfsdk:"region"`
+	DefaultRegion                   types.String `tfsdk:"default_region"`
 	ArgusCustomEndpoint             types.String `tfsdk:"argus_custom_endpoint"`
 	DNSCustomEndpoint               types.String `tfsdk:"dns_custom_endpoint"`
 	IaaSCustomEndpoint              types.String `tfsdk:"iaas_custom_endpoint"`
@ -141,6 +146,7 @@ func (p *Provider) Schema(_ context.Context, _ provider.SchemaRequest, resp *pro
 		"private_key":                        "Private RSA key used for authentication, relevant for the key flow. It takes precedence over the private key that is included in the service account key.",
 		"service_account_email":              "Service account email. It can also be set using the environment variable STACKIT_SERVICE_ACCOUNT_EMAIL. It is required if you want to use the resource manager project resource.",
 		"region":                             "Region will be used as the default location for regional services. Not all services require a region, some are global",
+		"default_region":                     "Region will be used as the default location for regional services. Not all services require a region, some are global",
 		"argus_custom_endpoint":              "Custom endpoint for the Argus service",
 		"dns_custom_endpoint":                "Custom endpoint for the DNS service",
 		"iaas_custom_endpoint":               "Custom endpoint for the IaaS service",
@ -198,8 +204,19 @@ func (p *Provider) Schema(_ context.Context, _ provider.SchemaRequest, resp *pro
 				Description: descriptions["private_key_path"],
 			},
 			"region": schema.StringAttribute{
+				Optional:           true,
+				Description:        descriptions["region"],
+				DeprecationMessage: "This attribute is deprecated. Use 'default_region' instead",
+				Validators: []validator.String{
+					stringvalidator.ConflictsWith(path.MatchRoot("default_region")),
+				},
+			},
+			"default_region": schema.StringAttribute{
 				Optional:    true,
-				Description: descriptions["region"],
+				Description: descriptions["default_region"],
+				Validators: []validator.String{
+					stringvalidator.ConflictsWith(path.MatchRoot("region")),
+				},
 			},
 			"argus_custom_endpoint": schema.StringAttribute{
 				Optional:           true,
@ -329,11 +346,10 @@ func (p *Provider) Configure(ctx context.Context, req provider.ConfigureRequest,
 	if !(providerConfig.Token.IsUnknown() || providerConfig.Token.IsNull()) {
 		sdkConfig.Token = providerConfig.Token.ValueString()
 	}
-	if !(providerConfig.Region.IsUnknown() || providerConfig.Region.IsNull()) {
-		providerData.Region = providerConfig.Region.ValueString()
-	}
-	if !(providerConfig.ArgusCustomEndpoint.IsUnknown() || providerConfig.ArgusCustomEndpoint.IsNull()) {
-		providerData.ArgusCustomEndpoint = providerConfig.ArgusCustomEndpoint.ValueString()
+	if !(providerConfig.DefaultRegion.IsUnknown() || providerConfig.DefaultRegion.IsNull()) {
+		providerData.DefaultRegion = providerConfig.DefaultRegion.ValueString()
+	} else if !(providerConfig.Region.IsUnknown() || providerConfig.Region.IsNull()) { // nolint:staticcheck // preliminary handling of deprecated attribute
+		providerData.Region = providerConfig.Region.ValueString() // nolint:staticcheck // preliminary handling of deprecated attribute
 	}
 	if !(providerConfig.DNSCustomEndpoint.IsUnknown() || providerConfig.DNSCustomEndpoint.IsNull()) {
 		providerData.DnsCustomEndpoint = providerConfig.DNSCustomEndpoint.ValueString()