Skip to content

Commit bc38185

Browse files
authored
Merge pull request #846 from terraform-linters/bump_aws_provider
Bump terraform-provider-aws to v2.70.0 from v2.68.0
2 parents 676db72 + 1af3d56 commit bc38185

18 files changed

+779
-18
lines changed

client/aws_ec2_mock.go

Lines changed: 449 additions & 0 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

docs/guides/compatibility.md

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -3,7 +3,7 @@
33
Some inspections implicitly assume the behavior of a specific version of provider plugins or Terraform. This always assumes the latest version and is as follows:
44

55
- Terraform v0.12.28
6-
- AWS Provider v2.68.0
6+
- AWS Provider v2.70.0
77

88
Of course, TFLint may work correctly if you run it on other versions. But, false positives/negatives can occur based on this assumption.
99

go.mod

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -3,7 +3,7 @@ module github.com/terraform-linters/tflint
33
go 1.14
44

55
require (
6-
github.com/aws/aws-sdk-go v1.32.11
6+
github.com/aws/aws-sdk-go v1.32.12
77
github.com/fatih/color v1.9.0
88
github.com/golang/mock v1.4.3
99
github.com/google/go-cmp v0.5.0
@@ -22,9 +22,9 @@ require (
2222
github.com/sourcegraph/jsonrpc2 v0.0.0-20190106185902-35a74f039c6a
2323
github.com/spf13/afero v1.3.1
2424
github.com/terraform-linters/tflint-plugin-sdk v0.3.0
25-
github.com/terraform-providers/terraform-provider-aws v2.68.0+incompatible
25+
github.com/terraform-providers/terraform-provider-aws v2.70.0+incompatible
2626
github.com/zclconf/go-cty v1.5.1
2727
golang.org/x/lint v0.0.0-20191125180803-fdd1cda4f05f
2828
)
2929

30-
replace github.com/terraform-providers/terraform-provider-aws v2.68.0+incompatible => github.com/terraform-providers/terraform-provider-aws v1.60.1-0.20200625234409-8688f3adfb43
30+
replace github.com/terraform-providers/terraform-provider-aws v2.70.0+incompatible => github.com/terraform-providers/terraform-provider-aws v1.60.1-0.20200710175044-2f23a59662cc

go.sum

Lines changed: 4 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -76,9 +76,8 @@ github.com/aws/aws-sdk-go v1.15.78/go.mod h1:E3/ieXAlvM0XWO57iftYVDLLvQ824smPP3A
7676
github.com/aws/aws-sdk-go v1.25.3/go.mod h1:KmX6BPdI08NWTb3/sm4ZGu5ShLoqVDhKgpiN924inxo=
7777
github.com/aws/aws-sdk-go v1.30.12/go.mod h1:5zCpMtNQVjRREroY7sYe8lOMRSxkhG6MZveU8YkpAk0=
7878
github.com/aws/aws-sdk-go v1.31.9/go.mod h1:5zCpMtNQVjRREroY7sYe8lOMRSxkhG6MZveU8YkpAk0=
79-
github.com/aws/aws-sdk-go v1.32.3/go.mod h1:5zCpMtNQVjRREroY7sYe8lOMRSxkhG6MZveU8YkpAk0=
80-
github.com/aws/aws-sdk-go v1.32.11 h1:1nYF+Tfccn/hnAZsuwPPMSCVUVnx3j6LKOpx/WhgH0A=
81-
github.com/aws/aws-sdk-go v1.32.11/go.mod h1:5zCpMtNQVjRREroY7sYe8lOMRSxkhG6MZveU8YkpAk0=
79+
github.com/aws/aws-sdk-go v1.32.12 h1:l/djCeLI4ggBFWLlYUGTqkHraoLnVMubNlLXPdEtoYc=
80+
github.com/aws/aws-sdk-go v1.32.12/go.mod h1:5zCpMtNQVjRREroY7sYe8lOMRSxkhG6MZveU8YkpAk0=
8281
github.com/baiyubin/aliyun-sts-go-sdk v0.0.0-20180326062324-cfa1a18b161f/go.mod h1:AuiFmCCPBSrqvVMvuqFuk0qogytodnVFVSN5CeJB8Gc=
8382
github.com/beevik/etree v1.1.0 h1:T0xke/WvNtMoCqgzPhkX2r4rjY3GDZFi+FjpRZY2Jbs=
8483
github.com/beevik/etree v1.1.0/go.mod h1:r8Aw8JqVegEf0w2fDnATrX9VpkMcyFeM0FhwO62wh+A=
@@ -595,8 +594,8 @@ github.com/tencentcloud/tencentcloud-sdk-go v3.0.82+incompatible/go.mod h1:0PfYo
595594
github.com/tencentyun/cos-go-sdk-v5 v0.0.0-20190808065407-f07404cefc8c/go.mod h1:wk2XFUg6egk4tSDNZtXeKfe2G6690UVyt163PuUxBZk=
596595
github.com/terraform-linters/tflint-plugin-sdk v0.3.0 h1:TUMBlM17mZKMzaZtp1KLj6T6BHLTunVQ/8f2cWOaMjY=
597596
github.com/terraform-linters/tflint-plugin-sdk v0.3.0/go.mod h1:QoSqSV/8GSOrQy3OStK3EEdsA3yZm13My4BQcnx3Zic=
598-
github.com/terraform-providers/terraform-provider-aws v1.60.1-0.20200625234409-8688f3adfb43 h1:tt30KJTNH0vBqyvbVhW+QHa2I1ciwh1XmyIl/m5fjJ4=
599-
github.com/terraform-providers/terraform-provider-aws v1.60.1-0.20200625234409-8688f3adfb43/go.mod h1:0U3OgA2uDYSc7gNkdWA92+/BxWXwuYhWqqZ4UhM1RCw=
597+
github.com/terraform-providers/terraform-provider-aws v1.60.1-0.20200710175044-2f23a59662cc h1:RNa/U0gK3SnatBwk9t/bCqK03u7fSvBMZMOnovUoCd0=
598+
github.com/terraform-providers/terraform-provider-aws v1.60.1-0.20200710175044-2f23a59662cc/go.mod h1:tJCY7WQBTQPyFIf0JOkHSwTMS46J/JTa8dxhwtMcwdY=
600599
github.com/terraform-providers/terraform-provider-openstack v1.15.0/go.mod h1:2aQ6n/BtChAl1y2S60vebhyJyZXBsuAI5G4+lHrT1Ew=
601600
github.com/tetafro/godot v0.3.3/go.mod h1:pT6/T8+h6//L/LwQcFc4C0xpfy1euZwzS1sHdrFCms0=
602601
github.com/timakin/bodyclose v0.0.0-20190930140734-f7f2e9bca95e/go.mod h1:Qimiffbc6q9tBWlVV6x0P9sat/ao1xEkREYPPj9hphk=

rules/awsrules/models/aws-sdk-go

Submodule aws-sdk-go updated 219 files

rules/awsrules/models/aws_efs_file_system_invalid_creation_token.go

Lines changed: 11 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -3,7 +3,9 @@
33
package models
44

55
import (
6+
"fmt"
67
"log"
8+
"regexp"
79

810
hcl "github.com/hashicorp/hcl/v2"
911
"github.com/terraform-linters/tflint/tflint"
@@ -15,6 +17,7 @@ type AwsEfsFileSystemInvalidCreationTokenRule struct {
1517
attributeName string
1618
max int
1719
min int
20+
pattern *regexp.Regexp
1821
}
1922

2023
// NewAwsEfsFileSystemInvalidCreationTokenRule returns new rule with default attributes
@@ -24,6 +27,7 @@ func NewAwsEfsFileSystemInvalidCreationTokenRule() *AwsEfsFileSystemInvalidCreat
2427
attributeName: "creation_token",
2528
max: 64,
2629
min: 1,
30+
pattern: regexp.MustCompile(`^.+$`),
2731
}
2832
}
2933

@@ -70,6 +74,13 @@ func (r *AwsEfsFileSystemInvalidCreationTokenRule) Check(runner *tflint.Runner)
7074
attribute.Expr.Range(),
7175
)
7276
}
77+
if !r.pattern.MatchString(val) {
78+
runner.EmitIssue(
79+
r,
80+
fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^.+$`),
81+
attribute.Expr.Range(),
82+
)
83+
}
7384
return nil
7485
})
7586
})

rules/awsrules/models/aws_efs_file_system_invalid_kms_key_id.go

Lines changed: 6 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -3,7 +3,9 @@
33
package models
44

55
import (
6+
"fmt"
67
"log"
8+
"regexp"
79

810
hcl "github.com/hashicorp/hcl/v2"
911
"github.com/terraform-linters/tflint/tflint"
@@ -14,7 +16,7 @@ type AwsEfsFileSystemInvalidKmsKeyIDRule struct {
1416
resourceType string
1517
attributeName string
1618
max int
17-
min int
19+
pattern *regexp.Regexp
1820
}
1921

2022
// NewAwsEfsFileSystemInvalidKmsKeyIDRule returns new rule with default attributes
@@ -23,7 +25,7 @@ func NewAwsEfsFileSystemInvalidKmsKeyIDRule() *AwsEfsFileSystemInvalidKmsKeyIDRu
2325
resourceType: "aws_efs_file_system",
2426
attributeName: "kms_key_id",
2527
max: 2048,
26-
min: 1,
28+
pattern: regexp.MustCompile(`^([0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}|alias/[a-zA-Z0-9/_-]+|(arn:aws[-a-z]*:kms:[a-z0-9-]+:\d{12}:((key/[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12})|(alias/[a-zA-Z0-9/_-]+))))$`),
2729
}
2830
}
2931

@@ -63,10 +65,10 @@ func (r *AwsEfsFileSystemInvalidKmsKeyIDRule) Check(runner *tflint.Runner) error
6365
attribute.Expr.Range(),
6466
)
6567
}
66-
if len(val) < r.min {
68+
if !r.pattern.MatchString(val) {
6769
runner.EmitIssue(
6870
r,
69-
"kms_key_id must be 1 characters or higher",
71+
fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^([0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}|alias/[a-zA-Z0-9/_-]+|(arn:aws[-a-z]*:kms:[a-z0-9-]+:\d{12}:((key/[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12})|(alias/[a-zA-Z0-9/_-]+))))$`),
7072
attribute.Expr.Range(),
7173
)
7274
}
Lines changed: 78 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,78 @@
1+
// This file generated by `generator/`. DO NOT EDIT
2+
3+
package models
4+
5+
import (
6+
"fmt"
7+
"log"
8+
"regexp"
9+
10+
hcl "github.com/hashicorp/hcl/v2"
11+
"github.com/terraform-linters/tflint/tflint"
12+
)
13+
14+
// AwsEfsMountTargetInvalidFileSystemIDRule checks the pattern is valid
15+
type AwsEfsMountTargetInvalidFileSystemIDRule struct {
16+
resourceType string
17+
attributeName string
18+
max int
19+
pattern *regexp.Regexp
20+
}
21+
22+
// NewAwsEfsMountTargetInvalidFileSystemIDRule returns new rule with default attributes
23+
func NewAwsEfsMountTargetInvalidFileSystemIDRule() *AwsEfsMountTargetInvalidFileSystemIDRule {
24+
return &AwsEfsMountTargetInvalidFileSystemIDRule{
25+
resourceType: "aws_efs_mount_target",
26+
attributeName: "file_system_id",
27+
max: 128,
28+
pattern: regexp.MustCompile(`^(arn:aws[-a-z]*:elasticfilesystem:[0-9a-z-:]+:file-system/fs-[0-9a-f]{8,40}|fs-[0-9a-f]{8,40})$`),
29+
}
30+
}
31+
32+
// Name returns the rule name
33+
func (r *AwsEfsMountTargetInvalidFileSystemIDRule) Name() string {
34+
return "aws_efs_mount_target_invalid_file_system_id"
35+
}
36+
37+
// Enabled returns whether the rule is enabled by default
38+
func (r *AwsEfsMountTargetInvalidFileSystemIDRule) Enabled() bool {
39+
return true
40+
}
41+
42+
// Severity returns the rule severity
43+
func (r *AwsEfsMountTargetInvalidFileSystemIDRule) Severity() string {
44+
return tflint.ERROR
45+
}
46+
47+
// Link returns the rule reference link
48+
func (r *AwsEfsMountTargetInvalidFileSystemIDRule) Link() string {
49+
return ""
50+
}
51+
52+
// Check checks the pattern is valid
53+
func (r *AwsEfsMountTargetInvalidFileSystemIDRule) Check(runner *tflint.Runner) error {
54+
log.Printf("[TRACE] Check `%s` rule for `%s` runner", r.Name(), runner.TFConfigPath())
55+
56+
return runner.WalkResourceAttributes(r.resourceType, r.attributeName, func(attribute *hcl.Attribute) error {
57+
var val string
58+
err := runner.EvaluateExpr(attribute.Expr, &val)
59+
60+
return runner.EnsureNoError(err, func() error {
61+
if len(val) > r.max {
62+
runner.EmitIssue(
63+
r,
64+
"file_system_id must be 128 characters or less",
65+
attribute.Expr.Range(),
66+
)
67+
}
68+
if !r.pattern.MatchString(val) {
69+
runner.EmitIssue(
70+
r,
71+
fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^(arn:aws[-a-z]*:elasticfilesystem:[0-9a-z-:]+:file-system/fs-[0-9a-f]{8,40}|fs-[0-9a-f]{8,40})$`),
72+
attribute.Expr.Range(),
73+
)
74+
}
75+
return nil
76+
})
77+
})
78+
}
Lines changed: 87 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,87 @@
1+
// This file generated by `generator/`. DO NOT EDIT
2+
3+
package models
4+
5+
import (
6+
"fmt"
7+
"log"
8+
"regexp"
9+
10+
hcl "github.com/hashicorp/hcl/v2"
11+
"github.com/terraform-linters/tflint/tflint"
12+
)
13+
14+
// AwsEfsMountTargetInvalidIPAddressRule checks the pattern is valid
15+
type AwsEfsMountTargetInvalidIPAddressRule struct {
16+
resourceType string
17+
attributeName string
18+
max int
19+
min int
20+
pattern *regexp.Regexp
21+
}
22+
23+
// NewAwsEfsMountTargetInvalidIPAddressRule returns new rule with default attributes
24+
func NewAwsEfsMountTargetInvalidIPAddressRule() *AwsEfsMountTargetInvalidIPAddressRule {
25+
return &AwsEfsMountTargetInvalidIPAddressRule{
26+
resourceType: "aws_efs_mount_target",
27+
attributeName: "ip_address",
28+
max: 15,
29+
min: 7,
30+
pattern: regexp.MustCompile(`^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$`),
31+
}
32+
}
33+
34+
// Name returns the rule name
35+
func (r *AwsEfsMountTargetInvalidIPAddressRule) Name() string {
36+
return "aws_efs_mount_target_invalid_ip_address"
37+
}
38+
39+
// Enabled returns whether the rule is enabled by default
40+
func (r *AwsEfsMountTargetInvalidIPAddressRule) Enabled() bool {
41+
return true
42+
}
43+
44+
// Severity returns the rule severity
45+
func (r *AwsEfsMountTargetInvalidIPAddressRule) Severity() string {
46+
return tflint.ERROR
47+
}
48+
49+
// Link returns the rule reference link
50+
func (r *AwsEfsMountTargetInvalidIPAddressRule) Link() string {
51+
return ""
52+
}
53+
54+
// Check checks the pattern is valid
55+
func (r *AwsEfsMountTargetInvalidIPAddressRule) Check(runner *tflint.Runner) error {
56+
log.Printf("[TRACE] Check `%s` rule for `%s` runner", r.Name(), runner.TFConfigPath())
57+
58+
return runner.WalkResourceAttributes(r.resourceType, r.attributeName, func(attribute *hcl.Attribute) error {
59+
var val string
60+
err := runner.EvaluateExpr(attribute.Expr, &val)
61+
62+
return runner.EnsureNoError(err, func() error {
63+
if len(val) > r.max {
64+
runner.EmitIssue(
65+
r,
66+
"ip_address must be 15 characters or less",
67+
attribute.Expr.Range(),
68+
)
69+
}
70+
if len(val) < r.min {
71+
runner.EmitIssue(
72+
r,
73+
"ip_address must be 7 characters or higher",
74+
attribute.Expr.Range(),
75+
)
76+
}
77+
if !r.pattern.MatchString(val) {
78+
runner.EmitIssue(
79+
r,
80+
fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$`),
81+
attribute.Expr.Range(),
82+
)
83+
}
84+
return nil
85+
})
86+
})
87+
}
Lines changed: 87 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,87 @@
1+
// This file generated by `generator/`. DO NOT EDIT
2+
3+
package models
4+
5+
import (
6+
"fmt"
7+
"log"
8+
"regexp"
9+
10+
hcl "github.com/hashicorp/hcl/v2"
11+
"github.com/terraform-linters/tflint/tflint"
12+
)
13+
14+
// AwsEfsMountTargetInvalidSubnetIDRule checks the pattern is valid
15+
type AwsEfsMountTargetInvalidSubnetIDRule struct {
16+
resourceType string
17+
attributeName string
18+
max int
19+
min int
20+
pattern *regexp.Regexp
21+
}
22+
23+
// NewAwsEfsMountTargetInvalidSubnetIDRule returns new rule with default attributes
24+
func NewAwsEfsMountTargetInvalidSubnetIDRule() *AwsEfsMountTargetInvalidSubnetIDRule {
25+
return &AwsEfsMountTargetInvalidSubnetIDRule{
26+
resourceType: "aws_efs_mount_target",
27+
attributeName: "subnet_id",
28+
max: 47,
29+
min: 15,
30+
pattern: regexp.MustCompile(`^subnet-[0-9a-f]{8,40}$`),
31+
}
32+
}
33+
34+
// Name returns the rule name
35+
func (r *AwsEfsMountTargetInvalidSubnetIDRule) Name() string {
36+
return "aws_efs_mount_target_invalid_subnet_id"
37+
}
38+
39+
// Enabled returns whether the rule is enabled by default
40+
func (r *AwsEfsMountTargetInvalidSubnetIDRule) Enabled() bool {
41+
return true
42+
}
43+
44+
// Severity returns the rule severity
45+
func (r *AwsEfsMountTargetInvalidSubnetIDRule) Severity() string {
46+
return tflint.ERROR
47+
}
48+
49+
// Link returns the rule reference link
50+
func (r *AwsEfsMountTargetInvalidSubnetIDRule) Link() string {
51+
return ""
52+
}
53+
54+
// Check checks the pattern is valid
55+
func (r *AwsEfsMountTargetInvalidSubnetIDRule) Check(runner *tflint.Runner) error {
56+
log.Printf("[TRACE] Check `%s` rule for `%s` runner", r.Name(), runner.TFConfigPath())
57+
58+
return runner.WalkResourceAttributes(r.resourceType, r.attributeName, func(attribute *hcl.Attribute) error {
59+
var val string
60+
err := runner.EvaluateExpr(attribute.Expr, &val)
61+
62+
return runner.EnsureNoError(err, func() error {
63+
if len(val) > r.max {
64+
runner.EmitIssue(
65+
r,
66+
"subnet_id must be 47 characters or less",
67+
attribute.Expr.Range(),
68+
)
69+
}
70+
if len(val) < r.min {
71+
runner.EmitIssue(
72+
r,
73+
"subnet_id must be 15 characters or higher",
74+
attribute.Expr.Range(),
75+
)
76+
}
77+
if !r.pattern.MatchString(val) {
78+
runner.EmitIssue(
79+
r,
80+
fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^subnet-[0-9a-f]{8,40}$`),
81+
attribute.Expr.Range(),
82+
)
83+
}
84+
return nil
85+
})
86+
})
87+
}

rules/awsrules/models/aws_organizations_policy_invalid_type.go

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -26,6 +26,7 @@ func NewAwsOrganizationsPolicyInvalidTypeRule() *AwsOrganizationsPolicyInvalidTy
2626
"SERVICE_CONTROL_POLICY",
2727
"TAG_POLICY",
2828
"BACKUP_POLICY",
29+
"AISERVICES_OPT_OUT_POLICY",
2930
},
3031
}
3132
}

0 commit comments

Comments
 (0)