github.com/jpreese/tflint@v0.19.2-0.20200908152133-b01686250fb6/README.md (about) 1 # TFLint 2 [![Build Status](https://github.com/terraform-linters/tflint/workflows/build/badge.svg?branch=master)](https://github.com/terraform-linters/tflint/actions) 3 [![GitHub release](https://img.shields.io/github/release/terraform-linters/tflint.svg)](https://github.com/terraform-linters/tflint/releases/latest) 4 [![Terraform Compatibility](https://img.shields.io/badge/terraform-%3E%3D%200.12-blue)](docs/guides/compatibility.md) 5 [![Docker Hub](https://img.shields.io/badge/docker-ready-blue.svg)](https://hub.docker.com/r/wata727/tflint/) 6 [![License: MPL 2.0](https://img.shields.io/badge/License-MPL%202.0-blue.svg)](LICENSE) 7 [![Go Report Card](https://goreportcard.com/badge/github.com/terraform-linters/tflint)](https://goreportcard.com/report/github.com/terraform-linters/tflint) 8 9 TFLint is a [Terraform](https://www.terraform.io/) linter focused on possible errors, best practices, etc. 10 11 ## Why TFLint is required? 12 13 Terraform is a great tool for Infrastructure as Code. However, many of these tools don't validate provider-specific issues. For example, see the following configuration file: 14 15 ```hcl 16 resource "aws_instance" "foo" { 17 ami = "ami-0ff8a91507f77f867" 18 instance_type = "t1.2xlarge" # invalid type! 19 } 20 ``` 21 22 Since `t1.2xlarge` is a nonexistent instance type, an error will occur when you run `terraform apply`. But `terraform plan` and `terraform validate` cannot find this possible error beforehand. That's because it's an AWS provider-specific issue and it's valid as a Terraform configuration. 23 24 TFLint finds such errors in advance: 25 26 ![demo](docs/assets/demo.gif) 27 28 ## Installation 29 30 You can download the binary built for your architecture from [the latest release](https://github.com/terraform-linters/tflint/releases/latest). The following is an example of installation on macOS: 31 32 ```console 33 $ curl --location https://github.com/terraform-linters/tflint/releases/download/v0.19.1/tflint_darwin_amd64.zip --output tflint_darwin_amd64.zip 34 $ unzip tflint_darwin_amd64.zip 35 Archive: tflint_darwin_amd64.zip 36 inflating: tflint 37 $ install tflint /usr/local/bin 38 $ tflint -v 39 ``` 40 41 For Linux based OS, you can use the [`install_linux.sh`](https://raw.githubusercontent.com/terraform-linters/tflint/master/install_linux.sh) to automate the installation process, or try the following oneliner to download latest binary for AMD64 architecture. 42 ``` 43 $ curl -L "$(curl -Ls https://api.github.com/repos/terraform-linters/tflint/releases/latest | grep -o -E "https://.+?_linux_amd64.zip")" -o tflint.zip && unzip tflint.zip && rm tflint.zip 44 ``` 45 46 ### Homebrew 47 48 macOS users can also use [Homebrew](https://brew.sh) to install TFLint: 49 50 ```console 51 $ brew install tflint 52 ``` 53 54 ### Chocolatey 55 56 Windows users can use [Chocolatey](https://chocolatey.org): 57 58 ```cmd 59 choco install tflint 60 ``` 61 62 ### Docker 63 64 You can also use [TFLint via Docker](https://hub.docker.com/r/wata727/tflint/). 65 66 ```console 67 $ docker run --rm -v $(pwd):/data -t wata727/tflint 68 ``` 69 70 ## Features 71 72 700+ rules are available. See [Rules](docs/rules). 73 74 ## Providers 75 76 TFLint supports multiple providers via plugins. The following is the Major Cloud support status. 77 78 |name|status|description| 79 |---|---|---| 80 |[AWS](https://github.com/terraform-linters/tflint-ruleset-aws)|Available|Inspections for AWS resources are now built into TFLint. So, it is not necessary to install the plugin separately. In the future, these will be cut out to the plugin, but all are in progress.| 81 |[Azure](https://github.com/terraform-linters/tflint-ruleset-azurerm)|Experimental|Experimental support has been started. You can inspect Azure resources by installing the plugin.| 82 |[Google Cloud Platform](https://github.com/terraform-linters/tflint-ruleset-google)|Work in Progress|Everything is working and not available.| 83 84 Please see the [documentation](docs/guides/extend.md) about the plugin system. 85 86 ## Limitations 87 88 TFLint load configurations in the same way as Terraform v0.13. This means that it cannot inspect configurations that cannot be parsed on Terraform v0.13. 89 90 See [Compatibility with Terraform](docs/guides/compatibility.md) for details. 91 92 ## Usage 93 94 TFLint inspects all configurations under the current directory by default. You can also change the behavior with the following options: 95 96 ``` 97 $ tflint --help 98 Usage: 99 tflint [OPTIONS] [FILE or DIR...] 100 101 Application Options: 102 -v, --version Print TFLint version 103 --langserver Start language server 104 -f, --format=[default|json|checkstyle|junit] Output format (default: default) 105 -c, --config=FILE Config file name (default: .tflint.hcl) 106 --ignore-module=SOURCE Ignore module sources 107 --enable-rule=RULE_NAME Enable rules from the command line 108 --disable-rule=RULE_NAME Disable rules from the command line 109 --only=RULE_NAME Enable only this rule, disabling all other defaults. Can be specified multiple times 110 --var-file=FILE Terraform variable file name 111 --var='foo=bar' Set a Terraform variable 112 --module Inspect modules 113 --deep Enable deep check mode 114 --aws-access-key=ACCESS_KEY AWS access key used in deep check mode 115 --aws-secret-key=SECRET_KEY AWS secret key used in deep check mode 116 --aws-profile=PROFILE AWS shared credential profile name used in deep check mode 117 --aws-creds-file=FILE AWS shared credentials file path used in deep checking 118 --aws-region=REGION AWS region used in deep check mode 119 --force Return zero exit status even if issues found 120 --no-color Disable colorized output 121 --loglevel=[trace|debug|info|warn|error] Change the loglevel (default: none) 122 123 Help Options: 124 -h, --help Show this help message 125 ``` 126 127 See [User guide](docs/guides) for each option. 128 129 ## Exit Statuses 130 131 TFLint returns the following exit statuses on exit: 132 133 - 0: No issues found 134 - 2: Errors occurred 135 - 3: No errors occurred, but issues found 136 137 ## FAQ 138 ### Does TFLint check modules recursively? 139 - No. TFLint always checks only the current root module (no recursive check) 140 141 ### Do I need to install Terraform for TFLint to work? 142 - No. TFLint works as a single binary because Terraform is embedded as a library. Note that this means that the version of Terraform used is determined for each TFLint version. See also [Compatibility with Terraform](docs/guides/compatibility.md). 143 144 ### TFLint causes a loading error in my code that is valid in Terraform. Why? 145 - First, check the version of Terraform you are using. Terraform v0.12 introduced a major syntax change, and unfortunately TFLint only supports that new syntax. 146 147 ## Debugging 148 149 If you don't get the expected behavior, you can see the detailed logs when running with `TFLINT_LOG` environment variable. 150 151 ```console 152 $ TFLINT_LOG=debug tflint 153 ``` 154 155 ## Developing 156 157 See [Developer guide](docs/DEVELOPING.md).