github.com/wata727/tflint@v0.12.2-0.20191013070026-96dd0d36f385/rules/awsrules/aws_s3_bucket_invalid_region.go

github.com/wata727/tflint@v0.12.2-0.20191013070026-96dd0d36f385/rules/awsrules/aws_s3_bucket_invalid_region.go (about)

     1  package awsrules
     2  
     3  import (
     4  	"log"
     5  
     6  	hcl "github.com/hashicorp/hcl/v2"
     7  	"github.com/wata727/tflint/tflint"
     8  )
     9  
    10  // AwsS3BucketInvalidRegionRule checks the pattern is valid
    11  type AwsS3BucketInvalidRegionRule struct {
    12  	resourceType  string
    13  	attributeName string
    14  	enum          []string
    15  }
    16  
    17  // NewAwsS3BucketInvalidRegionRule returns new rule with default attributes
    18  func NewAwsS3BucketInvalidRegionRule() *AwsS3BucketInvalidRegionRule {
    19  	return &AwsS3BucketInvalidRegionRule{
    20  		resourceType:  "aws_s3_bucket",
    21  		attributeName: "region",
    22  		enum: []string{
    23  			"EU",
    24  			"us-east-1",
    25  			"us-east-2",
    26  			"eu-west-1",
    27  			"eu-west-2",
    28  			"eu-west-3",
    29  			"eu-north-1",
    30  			"us-west-1",
    31  			"us-west-2",
    32  			"ap-east-1",
    33  			"ap-south-1",
    34  			"ap-southeast-1",
    35  			"ap-southeast-2",
    36  			"ap-northeast-1",
    37  			"ap-northeast-2",
    38  			"ap-northeast-3",
    39  			"ca-central-1",
    40  			"sa-east-1",
    41  			"cn-north-1",
    42  			"cn-northwest-1",
    43  			"eu-central-1",
    44  			"me-south-1",
    45  		},
    46  	}
    47  }
    48  
    49  // Name returns the rule name
    50  func (r *AwsS3BucketInvalidRegionRule) Name() string {
    51  	return "aws_s3_bucket_invalid_region"
    52  }
    53  
    54  // Enabled returns whether the rule is enabled by default
    55  func (r *AwsS3BucketInvalidRegionRule) Enabled() bool {
    56  	return true
    57  }
    58  
    59  // Severity returns the rule severity
    60  func (r *AwsS3BucketInvalidRegionRule) Severity() string {
    61  	return tflint.ERROR
    62  }
    63  
    64  // Link returns the rule reference link
    65  func (r *AwsS3BucketInvalidRegionRule) Link() string {
    66  	return ""
    67  }
    68  
    69  // Check checks the pattern is valid
    70  func (r *AwsS3BucketInvalidRegionRule) Check(runner *tflint.Runner) error {
    71  	log.Printf("[TRACE] Check `%s` rule for `%s` runner", r.Name(), runner.TFConfigPath())
    72  
    73  	return runner.WalkResourceAttributes(r.resourceType, r.attributeName, func(attribute *hcl.Attribute) error {
    74  		var val string
    75  		err := runner.EvaluateExpr(attribute.Expr, &val)
    76  
    77  		return runner.EnsureNoError(err, func() error {
    78  			found := false
    79  			for _, item := range r.enum {
    80  				if item == val {
    81  					found = true
    82  				}
    83  			}
    84  			if !found {
    85  				runner.EmitIssue(
    86  					r,
    87  					`region is not a valid value`,
    88  					attribute.Expr.Range(),
    89  				)
    90  			}
    91  			return nil
    92  		})
    93  	})
    94  }