diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
index 43cc0d8..2c41d70 100644
--- a/.pre-commit-config.yaml
+++ b/.pre-commit-config.yaml
@@ -1,13 +1,11 @@
 repos:
   - repo: https://github.com/mineiros-io/pre-commit-hooks
-    rev: v0.1.4
+    rev: v0.2.2
     hooks:
       - id: terraform-fmt
       - id: terraform-validate
         exclude: ^examples|.terraform/
       - id: tflint
-      - id: gofmt
-      - id: goimports
-      - id: golint
+      - id: golangci-lint
       - id: phony-targets
       - id: markdown-link-check
diff --git a/CHANGELOG.md b/CHANGELOG.md
new file mode 100644
index 0000000..3df41c0
--- /dev/null
+++ b/CHANGELOG.md
@@ -0,0 +1,95 @@
+# Changelog
+All notable changes to this project will be documented in this file.
+
+The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
+and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
+
+## [Unreleased]
+
+## [0.3.0] - 2020-08-03
+### Changed
+- Add support for 3.x terraform AWS provider
+
+### Removed
+- Remove deprecated `region` argument (BREAKING CHANGE)
+
+## [0.2.2] - 2020-07-23
+### Added
+- Add Changelog.md.
+### Changed
+- Migrate CI from SemaphoreCI to GitHub Actions.
+- Migrate to [golangci-lint](https://github.com/golangci/golangci-lint) instead
+  of native go tools for pre-commit hooks.
+
+## [0.2.1] - 2020-06-13
+### Added
+- Work around a terraform issue in `module_depends_on` argument.
+
+## [0.2.0] - 2020-06-08
+### Added
+- Implement `module_enabled` and `module_depends_on` this replaces the `create` flag.
+- This replaces the backward-incompatible v0.1.5 which we removed right after
+  noticing the issue.
+### Changed
+- Upgrade documentation.
+- Update build-system.
+
+## [0.1.4] - 2020-04-14
+### Added
+- Add access point support.
+### Changed
+- Refactored examples.
+
+## [0.1.3] - 2020-03-23
+### Added
+- Allow log delivery from ELBs in different regions.
+
+## [0.1.2] - 2020-03-19
+### Added
+- Add ELB log delivery option to the module.
+
+## [0.1.1] - 2020-03-04
+### Added
+- Add the option to grant read-only access to existing Cloudfront Origin Access
+  Identities via `origin_access_identities`.
+
+## [0.1.0] - 2020-02-29
+### Added
+- Add support for Origin Access Identity Access from Cloudfront.
+
+## [0.0.3] - 2020-01-24
+### Changed
+- Update minimum Terraform version to 0.12.20,
+  so we can take advantage of `try` and `can`.
+- Update README.md with and align it with our new format.
+
+## [0.0.2] - 2020-01-20
+### Added
+- SemaphoreCI Integration that will run build, pre-commit checks and unit tests.
+- Add an example and a simple test case.
+- Further elaboration in README.md.
+
+## [0.0.1] - 2020-01-02
+### Added
+- Bucket public access blocking all set to true by default.
+- Server-Side-Encryption (SSE) at rest enabled by default (AES256).
+- Bucket ACL defaults to canned private ACL.
+- Server-Side-Encryption (SSE) enabled by default
+- Added support for Versioning, Bucket Logging, Lifecycle Rules, Request Payer,
+  Cross-Origin Resource Sharing (CORS), Acceleration Status, Bucket Policy and Tags.
+
+<!-- markdown-link-check-disable -->
+[Unreleased]: https://github.com/mineiros-io/terraform-aws-s3-bucket/compare/v0.3.0...HEAD
+[0.3.0]: https://github.com/mineiros-io/terraform-aws-s3-bucket/compare/v0.2.2...v0.3.0
+[0.2.2]: https://github.com/mineiros-io/terraform-aws-s3-bucket/compare/v0.2.1...v0.2.2
+<!-- markdown-link-check-enable -->
+[0.2.1]: https://github.com/mineiros-io/terraform-aws-s3-bucket/compare/v0.2.0...v0.2.1
+[0.2.0]: https://github.com/mineiros-io/terraform-aws-s3-bucket/compare/v0.1.4...v0.2.0
+[0.1.4]: https://github.com/mineiros-io/terraform-aws-s3-bucket/compare/v0.1.3...v0.1.4
+[0.1.3]: https://github.com/mineiros-io/terraform-aws-s3-bucket/compare/v0.1.2...v0.1.3
+[0.1.2]: https://github.com/mineiros-io/terraform-aws-s3-bucket/compare/v0.1.1...v0.1.2
+[0.1.1]: https://github.com/mineiros-io/terraform-aws-s3-bucket/compare/v0.1.0...v0.1.1
+[0.1.0]: https://github.com/mineiros-io/terraform-aws-s3-bucket/compare/v0.0.3...v0.1.0
+[0.0.3]: https://github.com/mineiros-io/terraform-aws-s3-bucket/compare/v0.0.2...v0.0.3
+[0.0.2]: https://github.com/mineiros-io/terraform-aws-s3-bucket/compare/v0.0.1...v0.0.2
+[0.0.1]: https://github.com/mineiros-io/terraform-aws-s3-bucket/releases/tag/v0.0.1
diff --git a/README.md b/README.md
index f053c80..b19d9d3 100644
--- a/README.md
+++ b/README.md
@@ -96,7 +96,7 @@ Most basic usage creating a random named secure AWS bucket.
 ```hcl
 module "bucket" {
   source  = "mineiros-io/s3-bucket/aws"
-  version = "~> 0.2.1"
+  version = "~> 0.3.0"
 }
 ```
 
@@ -154,11 +154,6 @@ See [variables.tf] and [examples/] for details and use-cases.
   Sets the accelerate configuration of an existing bucket. Can be `Enabled` or `Suspended`.
   Default is `null`.
 
-- **`region`**: *(Optional `string`)*
-
-  If specified, the AWS region this bucket should reside in.
-  Default is the region used by the callee.
-
 - **`request_payer`**: *(Optional `string`)*
 
   Specifies who should bear the cost of Amazon S3 data transfer. Can be either `BucketOwner` or `Requester`.
@@ -289,7 +284,7 @@ See [variables.tf] and [examples/] for details and use-cases.
 
   Specify a list of Cloudfront OAIs to grant read-only access to.
   If in addition a new origin access identity is created via the `create_origin_access_identity`
-  attribute, all identities will be granted access. 
+  attribute, all identities will be granted access.
   **Attention:** Objects shared that way need
   to be owned by the account the bucket belongs to and can not be owned by other accounts
   (e.g. when uploaded through cross-account-access).
diff --git a/examples/secure-s3-bucket/README.md b/examples/secure-s3-bucket/README.md
index 27b64a2..1c1cd94 100644
--- a/examples/secure-s3-bucket/README.md
+++ b/examples/secure-s3-bucket/README.md
@@ -20,7 +20,7 @@ The code in [main.tf] defines...
 ```hcl
 module "example-app-bucket" {
   source  = "mineiros-io/s3-bucket/aws"
-  version = "~> 0.2.1"
+  version = "~> 0.3.0"
 
   bucket_prefix = "app"
 
@@ -40,7 +40,7 @@ module "example-app-bucket" {
 
 module "example-log-bucket" {
   source  = "mineiros-io/s3-bucket/aws"
-  version = "~> 0.2.1"
+  version = "~> 0.3.0"
 
   bucket_prefix = "log"
 
diff --git a/examples/secure-s3-bucket/main.tf b/examples/secure-s3-bucket/main.tf
index 13a7fda..7813b11 100644
--- a/examples/secure-s3-bucket/main.tf
+++ b/examples/secure-s3-bucket/main.tf
@@ -5,7 +5,7 @@
 
 provider "aws" {
   region  = "us-east-1"
-  version = "~> 2.0"
+  version = "~> 3.0"
 }
 
 # ---------------------------------------------------------------------------------------------------------------------
@@ -14,7 +14,7 @@ provider "aws" {
 
 module "example-app-bucket" {
   source  = "mineiros-io/s3-bucket/aws"
-  version = "~> 0.2.1"
+  version = "~> 0.3.0"
 
   bucket_prefix = "app"
 
@@ -38,7 +38,7 @@ module "example-app-bucket" {
 
 module "example-log-bucket" {
   source  = "mineiros-io/s3-bucket/aws"
-  version = "~> 0.2.1"
+  version = "~> 0.3.0"
 
   bucket_prefix = "log"
 
diff --git a/go.sum b/go.sum
index 67c5b18..f9a541c 100644
--- a/go.sum
+++ b/go.sum
@@ -420,6 +420,7 @@ golang.org/x/sys v0.0.0-20191110163157-d32e6e3b99c4 h1:Hynbrlo6LbYI3H1IqXpkVDOcX
 golang.org/x/sys v0.0.0-20191110163157-d32e6e3b99c4/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20191204072324-ce4227a45e2e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20191228213918-04cbcbbfeed8/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20200107162124-548cf772de50 h1:YvQ10rzcqWXLlJZ3XCUoO25savxmscf4+SC+ZqiCHhA=
 golang.org/x/sys v0.0.0-20200107162124-548cf772de50/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/text v0.0.0-20160726164857-2910a502d2bf/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
 golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
@@ -471,6 +472,7 @@ google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9Ywl
 google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4=
 google.golang.org/appengine v1.5.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4=
 google.golang.org/appengine v1.6.1/go.mod h1:i06prIuMbXzDqacNJfV5OdTW448YApPu5ww/cMBSeb0=
+google.golang.org/appengine v1.6.5 h1:tycE03LOZYQNhDpS27tcQdAzLCVMaj7QT2SXxebnpCM=
 google.golang.org/appengine v1.6.5/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc=
 google.golang.org/genproto v0.0.0-20180817151627-c66870c02cf8/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc=
 google.golang.org/genproto v0.0.0-20190307195333-5fe7a883aa19/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE=
diff --git a/main.tf b/main.tf
index 7b5420a..7ac7fc2 100644
--- a/main.tf
+++ b/main.tf
@@ -37,7 +37,6 @@ resource "aws_s3_bucket" "bucket" {
   tags                = var.tags
   force_destroy       = var.force_destroy
   acceleration_status = var.acceleration_status
-  region              = var.region
   request_payer       = var.request_payer
 
   dynamic "cors_rule" {
diff --git a/test/secure-s3-bucket/main.tf b/test/secure-s3-bucket/main.tf
index 5607f5d..1b50b54 100644
--- a/test/secure-s3-bucket/main.tf
+++ b/test/secure-s3-bucket/main.tf
@@ -4,7 +4,8 @@
 # ---------------------------------------------------------------------------------------------------------------------
 
 provider "aws" {
-  region = var.aws_region
+  version = "~> 3.0"
+  region  = var.aws_region
 }
 
 # ---------------------------------------------------------------------------------------------------------------------
@@ -14,7 +15,6 @@ provider "aws" {
 module "example-app-bucket" {
   source = "../.."
 
-  region     = var.aws_region
   versioning = true
 
   logging = {
@@ -51,8 +51,7 @@ module "example-app-bucket" {
 module "example-log-bucket" {
   source = "../.."
 
-  region = var.aws_region
-  acl    = "log-delivery-write"
+  acl = "log-delivery-write"
 
   # this is just for running the example even if logs already exist
   # this should not be set in production as all objects will be unrecoverably destroyed
diff --git a/test/secure-s3-bucket/versions.tf b/test/secure-s3-bucket/versions.tf
deleted file mode 100644
index 1487177..0000000
--- a/test/secure-s3-bucket/versions.tf
+++ /dev/null
@@ -1,11 +0,0 @@
-# ---------------------------------------------------------------------------------------------------------------------
-# SET TERRAFORM AND PROVIDER REQUIREMENTS FOR RUNNING THIS MODULE
-# ---------------------------------------------------------------------------------------------------------------------
-
-terraform {
-  required_version = "~> 0.12.20"
-
-  required_providers {
-    aws = "~> 2.0"
-  }
-}
diff --git a/variables.tf b/variables.tf
index e090515..fad436c 100644
--- a/variables.tf
+++ b/variables.tf
@@ -8,12 +8,6 @@
 # These variables have defaults, but may be overridden.
 # ---------------------------------------------------------------------------------------------------------------------
 
-variable "region" {
-  description = "If specified, the AWS region this bucket should reside in. (default: region of the callee)."
-  type        = string
-  default     = null
-}
-
 variable "bucket" {
   description = "The name of the bucket. (forces new resource, default: unique random name)"
   type        = string
diff --git a/versions.tf b/versions.tf
index 64d7902..9c3668f 100644
--- a/versions.tf
+++ b/versions.tf
@@ -6,6 +6,6 @@ terraform {
   required_version = "~> 0.12.20"
 
   required_providers {
-    aws = "~> 2.51"
+    aws = ">= 2.51, < 4.0"
   }
 }