From e14f29cc38bfd79196f9aaaafe2c4f87c67af153 Mon Sep 17 00:00:00 2001 From: Ben Drucker Date: Tue, 11 Nov 2025 18:38:33 -0800 Subject: [PATCH 1/9] Replace aws-sdk-ruby submodule with api-models-aws Switch from AWS SDK Ruby models to official Smithy API models repository. See: https://github.com/aws/api-models-aws Related to #893 --- .gitmodules | 6 +++--- rules/models/api-models-aws | 1 + rules/models/aws-sdk-ruby | 1 - 3 files changed, 4 insertions(+), 4 deletions(-) create mode 160000 rules/models/api-models-aws delete mode 160000 rules/models/aws-sdk-ruby diff --git a/.gitmodules b/.gitmodules index 007a596d..51ea732a 100644 --- a/.gitmodules +++ b/.gitmodules @@ -1,3 +1,3 @@ -[submodule "rules/models/aws-sdk-ruby"] - path = rules/models/aws-sdk-ruby - url = https://github.com/aws/aws-sdk-ruby +[submodule "rules/models/api-models-aws"] + path = rules/models/api-models-aws + url = https://github.com/aws/api-models-aws diff --git a/rules/models/api-models-aws b/rules/models/api-models-aws new file mode 160000 index 00000000..60019501 --- /dev/null +++ b/rules/models/api-models-aws @@ -0,0 +1 @@ +Subproject commit 6001950176aff870331143d801f46e648a7ccb34 diff --git a/rules/models/aws-sdk-ruby b/rules/models/aws-sdk-ruby deleted file mode 160000 index 537a53ec..00000000 --- a/rules/models/aws-sdk-ruby +++ /dev/null @@ -1 +0,0 @@ -Subproject commit 537a53ec0d03c97ffabbe5d9d52aa51d8dbac7c9 From 6aaec687114e30668e423ab95451774a172a69c6 Mon Sep 17 00:00:00 2001 From: Ben Drucker Date: Tue, 11 Nov 2025 18:40:54 -0800 Subject: [PATCH 2/9] Add Smithy model support to generator - Implement Smithy shape converter to handle traits-based format - Add service namespace resolution for qualified shape lookups - Implement staged pattern transformation with practical compatibility - Handle both enum-as-trait and enum-as-type formats - Sort enum values for deterministic output Key design decisions: - Prioritize clean, documented pattern transforms over exhaustive mapping - Accept some breaking changes for simpler architecture - Maintain critical ARN and validation pattern compatibility --- rules/models/generator/main.go | 125 ++++++- rules/models/generator/rule.go | 78 +++- rules/models/mappings/access-analyzer.hcl | 2 +- rules/models/mappings/account.hcl | 2 +- rules/models/mappings/acm-pca.hcl | 2 +- rules/models/mappings/acm.hcl | 2 +- rules/models/mappings/amplify.hcl | 2 +- rules/models/mappings/apigateway.hcl | 2 +- rules/models/mappings/apigatewayv2.hcl | 2 +- rules/models/mappings/appconfig.hcl | 2 +- .../mappings/application-autoscaling.hcl | 2 +- rules/models/mappings/appmesh.hcl | 2 +- rules/models/mappings/apprunner.hcl | 2 +- rules/models/mappings/appstream.hcl | 2 +- rules/models/mappings/appsync.hcl | 2 +- rules/models/mappings/athena.hcl | 2 +- rules/models/mappings/autoscaling.hcl | 2 +- rules/models/mappings/backup.hcl | 2 +- rules/models/mappings/batch.hcl | 2 +- rules/models/mappings/budgets.hcl | 2 +- rules/models/mappings/cloud9.hcl | 2 +- rules/models/mappings/cloudformation.hcl | 2 +- rules/models/mappings/cloudfront.hcl | 2 +- rules/models/mappings/cloudhsmv2.hcl | 2 +- rules/models/mappings/cloudwatch-event.hcl | 2 +- rules/models/mappings/cloudwatch-log.hcl | 2 +- rules/models/mappings/cloudwatch-metric.hcl | 2 +- rules/models/mappings/codeartifact.hcl | 2 +- rules/models/mappings/codebuild.hcl | 2 +- rules/models/mappings/codecommit.hcl | 2 +- rules/models/mappings/codedeploy.hcl | 2 +- rules/models/mappings/codepipeline.hcl | 2 +- .../models/mappings/codestar-connections.hcl | 2 +- rules/models/mappings/cognito-identity.hcl | 2 +- rules/models/mappings/cognito-idp.hcl | 2 +- rules/models/mappings/config.hcl | 2 +- rules/models/mappings/connect.hcl | 2 +- rules/models/mappings/cur.hcl | 2 +- rules/models/mappings/datapipeline.hcl | 2 +- rules/models/mappings/datasync.hcl | 2 +- rules/models/mappings/dax.hcl | 2 +- rules/models/mappings/devicefarm.hcl | 2 +- rules/models/mappings/directconnect.hcl | 2 +- rules/models/mappings/directory-service.hcl | 2 +- rules/models/mappings/dlm.hcl | 2 +- rules/models/mappings/dms.hcl | 14 +- rules/models/mappings/docdb.hcl | 2 +- rules/models/mappings/dynamodb.hcl | 2 +- rules/models/mappings/ec2.hcl | 8 +- rules/models/mappings/ecr-public.hcl | 2 +- rules/models/mappings/ecr.hcl | 2 +- rules/models/mappings/ecs.hcl | 4 +- rules/models/mappings/efs.hcl | 2 +- rules/models/mappings/eks.hcl | 3 +- rules/models/mappings/elasticache.hcl | 2 +- rules/models/mappings/elasticbeanstalk.hcl | 2 +- rules/models/mappings/elasticsearch.hcl | 2 +- rules/models/mappings/elastictranscoder.hcl | 2 +- rules/models/mappings/elb.hcl | 2 +- rules/models/mappings/elbv2.hcl | 2 +- rules/models/mappings/emr.hcl | 2 +- rules/models/mappings/fms.hcl | 2 +- rules/models/mappings/fsx.hcl | 2 +- rules/models/mappings/gamelift.hcl | 2 +- rules/models/mappings/glacier.hcl | 2 +- rules/models/mappings/globalaccelerator.hcl | 2 +- rules/models/mappings/glue.hcl | 2 +- rules/models/mappings/guardduty.hcl | 4 +- rules/models/mappings/iam.hcl | 2 +- rules/models/mappings/imagebuilder.hcl | 2 +- rules/models/mappings/inspector.hcl | 2 +- rules/models/mappings/iot.hcl | 2 +- rules/models/mappings/kinesis-analytics.hcl | 2 +- rules/models/mappings/kinesis-firehose.hcl | 2 +- rules/models/mappings/kinesis.hcl | 2 +- rules/models/mappings/kinesisanalyticsv2.hcl | 2 +- rules/models/mappings/kms.hcl | 2 +- rules/models/mappings/lakeformation.hcl | 2 +- rules/models/mappings/lambda.hcl | 2 +- .../models/mappings/launch-configuration.hcl | 2 +- rules/models/mappings/license-manager.hcl | 2 +- rules/models/mappings/lightsail.hcl | 2 +- rules/models/mappings/macie2.hcl | 2 +- rules/models/mappings/mediapackage.hcl | 2 +- rules/models/mappings/mediastore.hcl | 2 +- rules/models/mappings/memorydb.hcl | 2 +- rules/models/mappings/mq.hcl | 2 +- rules/models/mappings/msk.hcl | 2 +- rules/models/mappings/neptune.hcl | 2 +- rules/models/mappings/network-firewall.hcl | 2 +- rules/models/mappings/opsworks.hcl | 347 ++++++++++++++++++ rules/models/mappings/organizations.hcl | 2 +- rules/models/mappings/pinpoint.hcl | 2 +- rules/models/mappings/prometheus.hcl | 2 +- rules/models/mappings/quicksight.hcl | 2 +- rules/models/mappings/ram.hcl | 2 +- rules/models/mappings/rds.hcl | 2 +- rules/models/mappings/redshift.hcl | 4 +- rules/models/mappings/resource-groups.hcl | 2 +- .../route53-recovery-control-config.hcl | 2 +- .../mappings/route53-recovery-readiness.hcl | 2 +- rules/models/mappings/route53-resolver.hcl | 2 +- rules/models/mappings/route53.hcl | 4 +- rules/models/mappings/s3.hcl | 2 +- rules/models/mappings/s3control.hcl | 2 +- rules/models/mappings/sagemaker.hcl | 2 +- rules/models/mappings/schemas.hcl | 2 +- rules/models/mappings/secretsmanager.hcl | 2 +- rules/models/mappings/securityhub.hcl | 2 +- rules/models/mappings/service-discovery.hcl | 2 +- rules/models/mappings/service-quotas.hcl | 2 +- rules/models/mappings/servicecatalog.hcl | 2 +- rules/models/mappings/ses.hcl | 2 +- rules/models/mappings/sfn.hcl | 2 +- rules/models/mappings/shield.hcl | 2 +- rules/models/mappings/signer.hcl | 2 +- rules/models/mappings/sns.hcl | 2 +- rules/models/mappings/sqs.hcl | 2 +- rules/models/mappings/ssm.hcl | 3 +- rules/models/mappings/sso-admin.hcl | 2 +- rules/models/mappings/storagegateway.hcl | 2 +- rules/models/mappings/swf.hcl | 2 +- rules/models/mappings/timestream-write.hcl | 2 +- rules/models/mappings/transfer.hcl | 2 +- rules/models/mappings/vpc.hcl | 3 +- rules/models/mappings/waf-regional.hcl | 2 +- rules/models/mappings/waf.hcl | 2 +- rules/models/mappings/wafv2.hcl | 2 +- rules/models/mappings/workspaces.hcl | 2 +- rules/models/mappings/xray.hcl | 2 +- 130 files changed, 684 insertions(+), 149 deletions(-) create mode 100644 rules/models/mappings/opsworks.hcl diff --git a/rules/models/generator/main.go b/rules/models/generator/main.go index 14468532..462094ff 100644 --- a/rules/models/generator/main.go +++ b/rules/models/generator/main.go @@ -9,6 +9,7 @@ import ( "os" "path/filepath" "sort" + "strings" hcl "github.com/hashicorp/hcl/v2" "github.com/hashicorp/hcl/v2/gohcl" @@ -80,7 +81,13 @@ func main() { if shapeName == "any" { continue } - model := shapes[shapeName].(map[string]interface{}) + + model := findShape(shapes, shapeName) + if model == nil { + fmt.Printf("Shape `%s` not found, skipping\n", shapeName) + continue + } + schema, err := fetchSchema(mapping.Resource, attribute, model, awsProvider) if err != nil { fmt.Fprintf(os.Stderr, "Error processing `%s.%s`: %v\n", mapping.Resource, attribute, err) @@ -153,3 +160,119 @@ func validMapping(model map[string]interface{}) bool { return false } } + +// findShape locates a shape in Smithy format with namespace-qualified lookup +func findShape(shapes map[string]interface{}, shapeName string) map[string]interface{} { + // Try with service namespace qualification (Smithy format) + serviceNamespace := extractServiceNamespace(shapes) + if serviceNamespace != "" { + qualifiedName := fmt.Sprintf("%s#%s", serviceNamespace, shapeName) + if shape, ok := shapes[qualifiedName]; ok { + return convertSmithyShape(shape.(map[string]interface{})) + } + } + + // Fallback to direct lookup (legacy format or unqualified shapes) + if shape, ok := shapes[shapeName]; ok { + if shapeMap, ok := shape.(map[string]interface{}); ok { + return shapeMap + } + } + + return nil +} + +// extractServiceNamespace extracts the namespace from the Smithy service definition +func extractServiceNamespace(shapes map[string]interface{}) string { + for shapeName, shape := range shapes { + if shapeMap, ok := shape.(map[string]interface{}); ok { + if shapeType, ok := shapeMap["type"].(string); ok && shapeType == "service" { + // Extract namespace from shape name (e.g., "com.amazonaws.acmpca#ACMPrivateCA") + if parts := strings.Split(shapeName, "#"); len(parts) == 2 { + return parts[0] + } + } + } + } + return "" +} + +// convertSmithyShape converts Smithy model format to internal format +// Smithy uses traits for metadata while our internal format uses direct fields +func convertSmithyShape(smithyShape map[string]interface{}) map[string]interface{} { + result := make(map[string]interface{}) + + // Copy type + if shapeType, ok := smithyShape["type"]; ok { + result["type"] = shapeType + } + + // Extract constraints and patterns from Smithy traits + if traits, ok := smithyShape["traits"].(map[string]interface{}); ok { + // Length constraints + if lengthTrait, ok := traits["smithy.api#length"].(map[string]interface{}); ok { + if min, ok := lengthTrait["min"]; ok { + result["min"] = min + } + if max, ok := lengthTrait["max"]; ok { + result["max"] = max + } + } + + // Pattern constraint + if pattern, ok := traits["smithy.api#pattern"].(string); ok { + result["pattern"] = pattern + } + + // Enum as trait (older Smithy style) + if enumTrait, ok := traits["smithy.api#enum"]; ok { + if enumList, ok := enumTrait.([]interface{}); ok { + enumValues := make([]string, 0, len(enumList)) + for _, enumItem := range enumList { + if enumMap, ok := enumItem.(map[string]interface{}); ok { + if value, ok := enumMap["value"].(string); ok { + enumValues = append(enumValues, value) + } + } + } + sort.Strings(enumValues) + result["enum"] = enumValues + } + } + } + + // Enum as type (newer Smithy style: type="enum" with members) + if shapeType, ok := smithyShape["type"].(string); ok && shapeType == "enum" { + if members, ok := smithyShape["members"].(map[string]interface{}); ok { + enumValues := make([]string, 0, len(members)) + + // Sort member names for deterministic ordering + memberNames := make([]string, 0, len(members)) + for memberName := range members { + memberNames = append(memberNames, memberName) + } + sort.Strings(memberNames) + + // Extract enum values + for _, memberName := range memberNames { + memberData := members[memberName] + enumValue := memberName + + // Check for explicit enumValue in traits + if memberMap, ok := memberData.(map[string]interface{}); ok { + if traits, ok := memberMap["traits"].(map[string]interface{}); ok { + if enumValueTrait, ok := traits["smithy.api#enumValue"].(string); ok { + enumValue = enumValueTrait + } + } + } + enumValues = append(enumValues, enumValue) + } + + result["enum"] = enumValues + result["type"] = "string" // Normalize enum type to string + } + } + + return result +} diff --git a/rules/models/generator/rule.go b/rules/models/generator/rule.go index 88c4a9dd..3c1772b2 100644 --- a/rules/models/generator/rule.go +++ b/rules/models/generator/rule.go @@ -88,12 +88,17 @@ func fetchNumber(model map[string]interface{}, key string) int { func fetchStrings(model map[string]interface{}, key string) []string { if raw, ok := model[key]; ok { - list := raw.([]interface{}) - ret := make([]string, len(list)) - for i, v := range list { - ret[i] = v.(string) + // Handle both []interface{} and []string for compatibility + switch v := raw.(type) { + case []interface{}: + ret := make([]string, len(v)) + for i, item := range v { + ret[i] = item.(string) + } + return ret + case []string: + return v } - return ret } return []string{} } @@ -109,14 +114,73 @@ func replacePattern(pattern string) string { if pattern == "" { return pattern } - reg := regexp.MustCompile(`\\u([0-9A-F]{4})`) - replaced := reg.ReplaceAllString(pattern, `\x{$1}`) + + // Handle placeholder patterns (documentation text, not validation patterns) + if pattern == "^See rules in parameter description$" { + return "" + } + + // Convert Unicode escapes from \uXXXX to \x{XXXX} format + unicodeEscapeRegex := regexp.MustCompile(`\\u([0-9A-F]{4})`) + replaced := unicodeEscapeRegex.ReplaceAllString(pattern, `\x{$1}`) + + // Fix incomplete patterns + if replaced == "^(?s)" { + return "^(?s).*$" + } + + // Handle patterns missing anchors if !strings.HasPrefix(replaced, "^") && !strings.HasSuffix(replaced, "$") { + if replaced == "\\S" { + return "^.*\\S.*$" + } return fmt.Sprintf("^%s$", replaced) } + + // Apply compatibility transforms to maintain backward compatibility with Ruby SDK + if transformed := applyCompatibilityTransforms(replaced); transformed != "" { + return transformed + } + return replaced } +func applyCompatibilityTransforms(pattern string) string { + // IAM role ARN patterns: Smithy models end at the role prefix (e.g., "role/") + // but Terraform configurations include role paths (e.g., "role/my-app/my-role"). + // Add .* suffix to match the role name/path after the prefix. + arnRolePatterns := map[string]string{ + "^arn:aws:iam::[0-9]*:role/": "^arn:aws:iam::[0-9]*:role/.*$", + "^arn:aws:iam::\\d{12}:role/": "^arn:aws:iam::\\d{12}:role/.*$", + "^arn:aws(-[\\w]+)*:iam::[0-9]{12}:role/": "^arn:aws(-[\\w]+)*:iam::[0-9]{12}:role/.*$", + "^arn:aws(-[a-z]{1,3}){0,2}:iam::\\d+:role/": "^arn:aws(-[a-z]{1,3}){0,2}:iam::\\d+:role/.*$", + } + + // Cognito SMS authentication messages: The {####} placeholder must appear + // within a message, not be the entire message. Transform from matching + // literal "{####}" to matching any message containing "{####}". + // Example valid message: "Your code is {####}. Do not share it." + cognitoMessagePatterns := map[string]string{ + "^\\{####\\}$": "^.*\\{####\\}.*$", + } + + // WorkSpaces directory IDs: Smithy pattern has redundant end anchors ($) + // inside each alternation branch AND at the end of the pattern. + // Pattern "(foo$)|(bar$)$" is equivalent to "(foo)|(bar)" when the outer + // anchors are present. Remove inner anchors for cleaner regex. + workspacesDirectoryPatterns := map[string]string{ + "^(d-[0-9a-f]{8,63}$)|(wsd-[0-9a-z]{8,63}$)$": "(d-[0-9a-f]{8,63}$)|(wsd-[0-9a-z]{8,63}$)", + } + + for _, transforms := range []map[string]string{arnRolePatterns, cognitoMessagePatterns, workspacesDirectoryPatterns} { + if transformed, exists := transforms[pattern]; exists { + return transformed + } + } + + return "" +} + func formatTest(body string) string { if strings.Contains(body, "\n") { return fmt.Sprintf("< Date: Tue, 11 Nov 2025 19:00:35 -0800 Subject: [PATCH 3/9] Remove deprecated attributes and generate rules from Smithy models - Remove deprecated attributes no longer in Terraform AWS provider: - aws_instance: cpu_core_count, cpu_threads_per_core - aws_launch_template: elastic_inference_accelerator, elastic_gpu_specifications - aws_spot_instance_request: block_duration_minutes - aws_eks_addon: resolve_conflicts - aws_redshift_cluster: snapshot_copy, logging (block types) - aws_ssm_association: instance_id - aws_flow_log: log_group_name - aws_eip: vpc - aws_dms_endpoint: s3_settings (block type) - Remove entire opsworks.hcl mapping (all OpsWorks resources removed from provider) - Successfully generate all rule files from Smithy API models - New rules added: aws_ecs_account_setting_default, aws_guardduty_member, aws_route53_record_invalid_zone_id - All enum values now alphabetically sorted for deterministic output --- docs/rules/README.md | 11 +- ...ws_accessanalyzer_analyzer_invalid_type.go | 6 +- ...a_certificate_invalid_signing_algorithm.go | 7 +- .../models/aws_alb_invalid_ip_address_type.go | 2 +- .../aws_alb_invalid_load_balancer_type.go | 2 +- .../aws_alb_listener_invalid_protocol.go | 4 +- .../aws_alb_target_group_invalid_protocol.go | 4 +- ...ws_alb_target_group_invalid_target_type.go | 2 +- rules/models/aws_ami_invalid_architecture.go | 4 +- .../aws_amplify_app_invalid_platform.go | 2 +- .../aws_amplify_branch_invalid_stage.go | 2 +- ...aws_api_gateway_authorizer_invalid_type.go | 4 +- ..._gateway_response_invalid_response_type.go | 26 +- ...ws_api_gateway_integration_invalid_type.go | 6 +- ...gateway_rest_api_invalid_api_key_source.go | 2 +- ...ateway_stage_invalid_cache_cluster_size.go | 8 +- ..._apigatewayv2_api_invalid_protocol_type.go | 2 +- ...ayv2_authorizer_invalid_authorizer_type.go | 2 +- ...v2_integration_invalid_integration_type.go | 4 +- ...ntegration_invalid_passthrough_behavior.go | 2 +- ...ewayv2_route_invalid_authorization_type.go | 2 +- ...pautoscaling_policy_invalid_policy_type.go | 2 +- ...aling_policy_invalid_scalable_dimension.go | 30 +- ...caling_policy_invalid_service_namespace.go | 20 +- ...duled_action_invalid_scalable_dimension.go | 30 +- ...eduled_action_invalid_service_namespace.go | 20 +- ...aling_target_invalid_scalable_dimension.go | 30 +- ...caling_target_invalid_service_namespace.go | 20 +- ...deployment_strategy_invalid_growth_type.go | 2 +- ...runner_connection_invalid_provider_type.go | 2 +- .../aws_appstream_fleet_invalid_fleet_type.go | 2 +- ...stream_user_invalid_authentication_type.go | 2 +- ...association_invalid_authentication_type.go | 2 +- .../aws_appsync_datasource_invalid_type.go | 10 +- ...graphql_api_invalid_authentication_type.go | 4 +- .../aws_athena_workgroup_invalid_state.go | 2 +- ...batch_compute_environment_invalid_state.go | 2 +- .../aws_batch_job_queue_invalid_state.go | 2 +- .../aws_budgets_budget_invalid_budget_type.go | 6 +- .../aws_budgets_budget_invalid_time_unit.go | 4 +- ...cloudformation_stack_invalid_on_failure.go | 2 +- ...front_distribution_invalid_http_version.go | 2 +- ...dfront_distribution_invalid_price_class.go | 2 +- ...ent_api_destination_invalid_http_method.go | 6 +- ...t_connection_invalid_authorization_type.go | 2 +- ...ubscription_filter_invalid_distribution.go | 2 +- ...etric_alarm_invalid_comparison_operator.go | 6 +- ...oudwatch_metric_alarm_invalid_namespace.go | 4 +- ...tch_metric_alarm_invalid_namespace_test.go | 2 +- ...oudwatch_metric_alarm_invalid_statistic.go | 6 +- ...ws_cloudwatch_metric_alarm_invalid_unit.go | 42 +- ...aws_codebuild_report_group_invalid_type.go | 2 +- ...ild_source_credential_invalid_auth_type.go | 4 +- ...d_source_credential_invalid_server_type.go | 2 +- ...codedeploy_app_invalid_compute_platform.go | 4 +- ...loyment_config_invalid_compute_platform.go | 4 +- ...identity_provider_invalid_provider_type.go | 4 +- ...pool_invalid_sms_authentication_message.go | 4 +- ...invalid_sms_authentication_message_test.go | 2 +- ...r_pool_invalid_sms_verification_message.go | 4 +- ...l_invalid_sms_verification_message_test.go | 2 +- ...ule_invalid_maximum_execution_frequency.go | 2 +- ...onformance_pack_invalid_template_s3_uri.go | 4 +- ...onformance_pack_invalid_template_s3_uri.go | 4 +- ...ule_invalid_maximum_execution_frequency.go | 2 +- ...ule_invalid_maximum_execution_frequency.go | 2 +- .../aws_connect_contact_flow_invalid_type.go | 10 +- ...stance_invalid_identity_management_type.go | 2 +- ...r_report_definition_invalid_compression.go | 2 +- ...cur_report_definition_invalid_s3_region.go | 38 +- ...cur_report_definition_invalid_time_unit.go | 2 +- ...s_db_proxy_endpoint_invalid_target_role.go | 2 +- ...icefarm_device_pool_invalid_project_arn.go | 4 +- ...arm_network_profile_invalid_project_arn.go | 4 +- ...s_devicefarm_upload_invalid_project_arn.go | 4 +- .../aws_devicefarm_upload_invalid_type.go | 32 +- ...ctory_service_directory_invalid_edition.go | 2 +- ...irectory_service_directory_invalid_size.go | 2 +- ...irectory_service_directory_invalid_type.go | 2 +- .../aws_dlm_lifecycle_policy_invalid_state.go | 2 +- ...replication_task_invalid_migration_type.go | 2 +- ...aws_dynamodb_table_invalid_billing_mode.go | 2 +- rules/models/aws_ebs_volume_invalid_type.go | 6 +- ...bility_zone_group_invalid_opt_in_status.go | 2 +- ...acity_reservation_invalid_end_date_type.go | 2 +- ...y_reservation_invalid_instance_platform.go | 20 +- ...c2_capacity_reservation_invalid_tenancy.go | 2 +- rules/models/aws_ec2_fleet_invalid_type.go | 4 +- .../aws_ec2_host_invalid_auto_placement.go | 2 +- .../aws_ec2_host_invalid_host_recovery.go | 2 +- ...dr_reservation_invalid_reservation_type.go | 2 +- ...r_filter_rule_invalid_traffic_direction.go | 2 +- ..._invalid_auto_accept_shared_attachments.go | 2 +- ...invalid_default_route_table_association.go | 2 +- ...invalid_default_route_table_propagation.go | 2 +- ...ec2_transit_gateway_invalid_dns_support.go | 2 +- ...eway_vpc_attachment_invalid_dns_support.go | 2 +- ...way_vpc_attachment_invalid_ipv6_support.go | 2 +- ...cs_account_setting_default_invalid_name.go | 103 + .../aws_ecs_service_invalid_launch_type.go | 2 +- .../aws_ecs_service_invalid_propagate_tags.go | 4 +- ...ecs_service_invalid_scheduling_strategy.go | 2 +- ...ws_ecs_task_definition_invalid_ipc_mode.go | 2 +- ...cs_task_definition_invalid_network_mode.go | 2 +- .../aws_ecs_task_set_invalid_launch_type.go | 2 +- ...efs_file_system_invalid_throughput_mode.go | 2 +- .../aws_eks_addon_invalid_cluster_name.go | 4 +- rules/models/aws_eks_cluster_invalid_name.go | 4 +- .../aws_eks_cluster_invalid_name_test.go | 2 +- .../aws_eks_node_group_invalid_ami_type.go | 20 +- ...ws_eks_node_group_invalid_capacity_type.go | 2 +- ...aws_elasticache_cluster_invalid_az_mode.go | 2 +- .../aws_emr_studio_invalid_auth_mode.go | 2 +- ...o_session_mapping_invalid_identity_type.go | 2 +- ...s_flow_log_invalid_log_destination_type.go | 2 +- .../aws_flow_log_invalid_traffic_type.go | 2 +- ...tap_file_system_invalid_deployment_type.go | 2 +- ...hine_invalid_root_volume_security_style.go | 4 +- ...fsx_ontap_volume_invalid_security_style.go | 4 +- ...zfs_file_system_invalid_deployment_type.go | 2 +- ...penzfs_file_system_invalid_storage_type.go | 2 +- ...fs_volume_invalid_data_compression_type.go | 2 +- ...gamelift_build_invalid_operating_system.go | 5 +- .../aws_gamelift_fleet_invalid_build_id.go | 4 +- ...amelift_fleet_invalid_ec2_instance_type.go | 856 ++++----- ...alid_new_game_session_protection_policy.go | 2 +- ...tor_accelerator_invalid_ip_address_type.go | 2 +- ...int_group_invalid_health_check_protocol.go | 2 +- ...s_glue_dev_endpoint_invalid_worker_type.go | 4 +- ...s_glue_ml_transform_invalid_worker_type.go | 4 +- ...e_resource_policy_invalid_enable_hybrid.go | 2 +- .../aws_glue_schema_invalid_compatibility.go | 4 +- rules/models/aws_glue_trigger_invalid_type.go | 4 +- ...ser_defined_function_invalid_owner_type.go | 4 +- .../aws_guardduty_filter_invalid_action.go | 2 +- .../aws_guardduty_ipset_invalid_format.go | 8 +- .../aws_guardduty_member_invalid_email.go | 93 + ...guardduty_threatintelset_invalid_format.go | 8 +- .../aws_iam_access_key_invalid_status.go | 2 +- .../aws_iam_user_ssh_key_invalid_encoding.go | 2 +- .../aws_iam_user_ssh_key_invalid_status.go | 2 +- ...imagebuilder_component_invalid_platform.go | 2 +- rules/models/aws_instance_invalid_tenancy.go | 2 +- rules/models/aws_instance_invalid_type.go | 1673 +++++++++-------- ..._kinesis_stream_invalid_encryption_type.go | 2 +- ...application_invalid_runtime_environment.go | 12 +- ...lication_invalid_service_execution_role.go | 4 +- rules/models/aws_kms_key_invalid_key_usage.go | 2 +- ...ource_mapping_invalid_starting_position.go | 4 +- .../aws_lambda_function_invalid_runtime.go | 58 +- .../aws_launch_configuration_invalid_type.go | 1673 +++++++++-------- ...s_launch_template_invalid_instance_type.go | 1673 +++++++++-------- .../models/aws_lb_invalid_ip_address_type.go | 2 +- .../aws_lb_invalid_load_balancer_type.go | 2 +- .../aws_lb_listener_invalid_protocol.go | 4 +- .../aws_lb_target_group_invalid_protocol.go | 4 +- ...aws_lb_target_group_invalid_target_type.go | 2 +- ...iguration_invalid_license_counting_type.go | 4 +- .../aws_macie2_account_invalid_status.go | 2 +- ...2_classification_job_invalid_job_status.go | 4 +- .../aws_mq_broker_invalid_deployment_mode.go | 2 +- ...ll_firewall_invalid_firewall_policy_arn.go | 4 +- ...ging_configuration_invalid_firewall_arn.go | 4 +- ...ll_resource_policy_invalid_resource_arn.go | 4 +- ...networkfirewall_rule_group_invalid_type.go | 2 +- .../aws_organizations_policy_invalid_type.go | 8 +- .../aws_placement_group_invalid_strategy.go | 2 +- ...manager_definition_invalid_workspace_id.go | 4 +- ...theus_rule_group_namespace_invalid_name.go | 4 +- ...le_group_namespace_invalid_workspace_id.go | 4 +- ...aws_quicksight_data_source_invalid_type.go | 26 +- ...s_quicksight_user_invalid_identity_type.go | 2 +- .../aws_quicksight_user_invalid_user_role.go | 6 +- ...h_check_invalid_cloudwatch_alarm_region.go | 62 +- ...invalid_insufficient_data_health_status.go | 2 +- .../aws_route53_health_check_invalid_type.go | 8 +- .../models/aws_route53_record_invalid_type.go | 18 +- .../aws_route53_record_invalid_zone_id.go | 84 + ...e53_resolver_endpoint_invalid_direction.go | 2 +- ...ewall_config_invalid_firewall_fail_open.go | 2 +- ...association_invalid_mutation_protection.go | 2 +- ...3_resolver_firewall_rule_invalid_action.go | 2 +- ...route53_resolver_rule_invalid_rule_type.go | 4 +- ...e53_zone_association_invalid_vpc_region.go | 66 +- ...nt_tiering_configuration_invalid_status.go | 2 +- .../aws_s3_bucket_invalid_request_payer.go | 2 +- .../aws_s3_bucket_object_invalid_acl.go | 8 +- ..._s3_bucket_object_invalid_storage_class.go | 18 +- .../models/aws_s3_object_copy_invalid_acl.go | 8 +- ...y_invalid_object_lock_legal_hold_status.go | 2 +- ...s3_object_copy_invalid_object_lock_mode.go | 2 +- ...ws_s3_object_copy_invalid_storage_class.go | 18 +- .../aws_sagemaker_app_invalid_app_type.go | 12 +- .../aws_sagemaker_domain_invalid_auth_mode.go | 2 +- ...notebook_instance_invalid_instance_type.go | 282 +-- ...nvalid_studio_lifecycle_config_app_type.go | 4 +- .../models/aws_schemas_schema_invalid_type.go | 1 + ...tandards_control_invalid_control_status.go | 2 +- ...esource_association_invalid_resource_id.go | 4 +- ...catalog_constraint_invalid_portfolio_id.go | 4 +- ...cecatalog_constraint_invalid_product_id.go | 4 +- ...og_portfolio_share_invalid_portfolio_id.go | 4 +- ...og_portfolio_share_invalid_principal_id.go | 4 +- ...tfolio_association_invalid_portfolio_id.go | 4 +- ...aws_servicecatalog_product_invalid_type.go | 4 +- ...tfolio_association_invalid_portfolio_id.go | 4 +- ...ortfolio_association_invalid_product_id.go | 4 +- ...association_invalid_source_portfolio_id.go | 4 +- ...log_provisioned_product_invalid_path_id.go | 4 +- ..._provisioned_product_invalid_product_id.go | 4 +- ...roduct_invalid_provisioning_artifact_id.go | 4 +- ...rovisioning_artifact_invalid_product_id.go | 4 +- ...alog_provisioning_artifact_invalid_type.go | 4 +- ...vicecatalog_service_action_invalid_name.go | 4 +- ...ail_from_invalid_behavior_on_mx_failure.go | 2 +- .../aws_ses_receipt_filter_invalid_policy.go | 2 +- ...aws_ses_receipt_rule_invalid_tls_policy.go | 2 +- ...ld_protection_group_invalid_aggregation.go | 4 +- ..._protection_group_invalid_resource_type.go | 6 +- ..._shield_protection_invalid_resource_arn.go | 4 +- ...signer_signing_job_invalid_profile_name.go | 4 +- ...aws_signer_signing_profile_invalid_name.go | 4 +- ...profile_permission_invalid_profile_name.go | 4 +- ...eet_request_invalid_allocation_strategy.go | 4 +- ...s_spot_fleet_request_invalid_fleet_type.go | 4 +- ...association_invalid_compliance_severity.go | 2 +- ...ws_ssm_document_invalid_document_format.go | 2 +- .../aws_ssm_document_invalid_document_type.go | 20 +- ...intenance_window_task_invalid_task_type.go | 4 +- .../models/aws_ssm_parameter_invalid_tier.go | 2 +- .../models/aws_ssm_parameter_invalid_type.go | 2 +- ...valid_approved_patches_compliance_level.go | 4 +- ...patch_baseline_invalid_operating_system.go | 14 +- ...count_assignment_invalid_principal_type.go | 2 +- ...teway_nfs_file_share_invalid_object_acl.go | 8 +- ...teway_smb_file_share_invalid_object_acl.go | 8 +- ...sfer_access_invalid_home_directory_type.go | 2 +- ...r_server_invalid_identity_provider_type.go | 2 +- ..._vpc_endpoint_invalid_vpc_endpoint_type.go | 2 +- .../aws_vpc_invalid_instance_tenancy.go | 2 +- ...rkspaces_directory_invalid_directory_id.go | 4 +- ...rkspaces_workspace_invalid_directory_id.go | 4 +- ...aws_xray_encryption_config_invalid_type.go | 2 +- rules/models/mappings/dms.hcl | 1 - rules/models/mappings/ec2.hcl | 6 - rules/models/mappings/eks.hcl | 1 - rules/models/mappings/opsworks.hcl | 347 ---- rules/models/mappings/redshift.hcl | 2 - rules/models/mappings/ssm.hcl | 1 - rules/models/mappings/vpc.hcl | 1 - rules/models/provider.go | 11 +- 251 files changed, 4052 insertions(+), 4097 deletions(-) create mode 100644 rules/models/aws_ecs_account_setting_default_invalid_name.go create mode 100644 rules/models/aws_guardduty_member_invalid_email.go create mode 100644 rules/models/aws_route53_record_invalid_zone_id.go delete mode 100644 rules/models/mappings/opsworks.hcl diff --git a/docs/rules/README.md b/docs/rules/README.md index 45acb48d..04a9b022 100644 --- a/docs/rules/README.md +++ b/docs/rules/README.md @@ -517,14 +517,6 @@ These rules enforce best practices and naming conventions: |aws_dms_endpoint_invalid_endpoint_type|✔| |aws_dms_endpoint_invalid_ssl_mode|✔| |aws_dms_replication_task_invalid_migration_type|✔| -|aws_dms_s3_endpoint_invalid_canned_acl_for_objects|✔| -|aws_dms_s3_endpoint_invalid_compression_type|✔| -|aws_dms_s3_endpoint_invalid_data_format|✔| -|aws_dms_s3_endpoint_invalid_date_partition_delimiter|✔| -|aws_dms_s3_endpoint_invalid_date_partition_sequence|✔| -|aws_dms_s3_endpoint_invalid_encoding_type|✔| -|aws_dms_s3_endpoint_invalid_encryption_mode|✔| -|aws_dms_s3_endpoint_invalid_parquet_version|✔| |aws_docdb_global_cluster_invalid_global_cluster_identifier|✔| |aws_dx_bgp_peer_invalid_address_family|✔| |aws_dx_hosted_private_virtual_interface_invalid_address_family|✔| @@ -574,6 +566,7 @@ These rules enforce best practices and naming conventions: |aws_ecrpublic_repository_invalid_repository_name|✔| |aws_ecrpublic_repository_policy_invalid_policy|✔| |aws_ecrpublic_repository_policy_invalid_repository_name|✔| +|aws_ecs_account_setting_default_invalid_name|✔| |aws_ecs_service_invalid_launch_type|✔| |aws_ecs_service_invalid_propagate_tags|✔| |aws_ecs_service_invalid_scheduling_strategy|✔| @@ -713,6 +706,7 @@ These rules enforce best practices and naming conventions: |aws_guardduty_ipset_invalid_location|✔| |aws_guardduty_ipset_invalid_name|✔| |aws_guardduty_member_invalid_detector_id|✔| +|aws_guardduty_member_invalid_email|✔| |aws_guardduty_organization_configuration_invalid_detector_id|✔| |aws_guardduty_publishing_destination_invalid_destination_type|✔| |aws_guardduty_publishing_destination_invalid_detector_id|✔| @@ -1023,6 +1017,7 @@ These rules enforce best practices and naming conventions: |aws_route53_record_invalid_name|✔| |aws_route53_record_invalid_set_identifier|✔| |aws_route53_record_invalid_type|✔| +|aws_route53_record_invalid_zone_id|✔| |aws_route53_resolver_dnssec_config_invalid_resource_id|✔| |aws_route53_resolver_endpoint_invalid_direction|✔| |aws_route53_resolver_firewall_config_invalid_firewall_fail_open|✔| diff --git a/rules/models/aws_accessanalyzer_analyzer_invalid_type.go b/rules/models/aws_accessanalyzer_analyzer_invalid_type.go index 06bba8f8..a35542f8 100644 --- a/rules/models/aws_accessanalyzer_analyzer_invalid_type.go +++ b/rules/models/aws_accessanalyzer_analyzer_invalid_type.go @@ -26,11 +26,11 @@ func NewAwsAccessanalyzerAnalyzerInvalidTypeRule() *AwsAccessanalyzerAnalyzerInv attributeName: "type", enum: []string{ "ACCOUNT", - "ORGANIZATION", - "ACCOUNT_UNUSED_ACCESS", - "ORGANIZATION_UNUSED_ACCESS", "ACCOUNT_INTERNAL_ACCESS", + "ACCOUNT_UNUSED_ACCESS", + "ORGANIZATION", "ORGANIZATION_INTERNAL_ACCESS", + "ORGANIZATION_UNUSED_ACCESS", }, } } diff --git a/rules/models/aws_acmpca_certificate_invalid_signing_algorithm.go b/rules/models/aws_acmpca_certificate_invalid_signing_algorithm.go index 89b3377f..f55f3b23 100644 --- a/rules/models/aws_acmpca_certificate_invalid_signing_algorithm.go +++ b/rules/models/aws_acmpca_certificate_invalid_signing_algorithm.go @@ -25,11 +25,14 @@ func NewAwsAcmpcaCertificateInvalidSigningAlgorithmRule() *AwsAcmpcaCertificateI resourceType: "aws_acmpca_certificate", attributeName: "signing_algorithm", enum: []string{ + "ML_DSA_44", + "ML_DSA_65", + "ML_DSA_87", "SHA256WITHECDSA", - "SHA384WITHECDSA", - "SHA512WITHECDSA", "SHA256WITHRSA", + "SHA384WITHECDSA", "SHA384WITHRSA", + "SHA512WITHECDSA", "SHA512WITHRSA", "SM3WITHSM2", }, diff --git a/rules/models/aws_alb_invalid_ip_address_type.go b/rules/models/aws_alb_invalid_ip_address_type.go index d5907510..577d533a 100644 --- a/rules/models/aws_alb_invalid_ip_address_type.go +++ b/rules/models/aws_alb_invalid_ip_address_type.go @@ -25,9 +25,9 @@ func NewAwsALBInvalidIPAddressTypeRule() *AwsALBInvalidIPAddressTypeRule { resourceType: "aws_alb", attributeName: "ip_address_type", enum: []string{ - "ipv4", "dualstack", "dualstack-without-public-ipv4", + "ipv4", }, } } diff --git a/rules/models/aws_alb_invalid_load_balancer_type.go b/rules/models/aws_alb_invalid_load_balancer_type.go index 7a8dba5c..4df2d619 100644 --- a/rules/models/aws_alb_invalid_load_balancer_type.go +++ b/rules/models/aws_alb_invalid_load_balancer_type.go @@ -26,8 +26,8 @@ func NewAwsALBInvalidLoadBalancerTypeRule() *AwsALBInvalidLoadBalancerTypeRule { attributeName: "load_balancer_type", enum: []string{ "application", - "network", "gateway", + "network", }, } } diff --git a/rules/models/aws_alb_listener_invalid_protocol.go b/rules/models/aws_alb_listener_invalid_protocol.go index d78eea17..96295964 100644 --- a/rules/models/aws_alb_listener_invalid_protocol.go +++ b/rules/models/aws_alb_listener_invalid_protocol.go @@ -25,13 +25,13 @@ func NewAwsALBListenerInvalidProtocolRule() *AwsALBListenerInvalidProtocolRule { resourceType: "aws_alb_listener", attributeName: "protocol", enum: []string{ + "GENEVE", "HTTP", "HTTPS", "TCP", + "TCP_UDP", "TLS", "UDP", - "TCP_UDP", - "GENEVE", }, } } diff --git a/rules/models/aws_alb_target_group_invalid_protocol.go b/rules/models/aws_alb_target_group_invalid_protocol.go index 7661d626..c312fc89 100644 --- a/rules/models/aws_alb_target_group_invalid_protocol.go +++ b/rules/models/aws_alb_target_group_invalid_protocol.go @@ -25,13 +25,13 @@ func NewAwsALBTargetGroupInvalidProtocolRule() *AwsALBTargetGroupInvalidProtocol resourceType: "aws_alb_target_group", attributeName: "protocol", enum: []string{ + "GENEVE", "HTTP", "HTTPS", "TCP", + "TCP_UDP", "TLS", "UDP", - "TCP_UDP", - "GENEVE", }, } } diff --git a/rules/models/aws_alb_target_group_invalid_target_type.go b/rules/models/aws_alb_target_group_invalid_target_type.go index 4129a4c4..f27e379f 100644 --- a/rules/models/aws_alb_target_group_invalid_target_type.go +++ b/rules/models/aws_alb_target_group_invalid_target_type.go @@ -25,10 +25,10 @@ func NewAwsALBTargetGroupInvalidTargetTypeRule() *AwsALBTargetGroupInvalidTarget resourceType: "aws_alb_target_group", attributeName: "target_type", enum: []string{ + "alb", "instance", "ip", "lambda", - "alb", }, } } diff --git a/rules/models/aws_ami_invalid_architecture.go b/rules/models/aws_ami_invalid_architecture.go index 5be1a72d..6b4c9952 100644 --- a/rules/models/aws_ami_invalid_architecture.go +++ b/rules/models/aws_ami_invalid_architecture.go @@ -25,11 +25,11 @@ func NewAwsAMIInvalidArchitectureRule() *AwsAMIInvalidArchitectureRule { resourceType: "aws_ami", attributeName: "architecture", enum: []string{ + "arm64", + "arm64_mac", "i386", "x86_64", - "arm64", "x86_64_mac", - "arm64_mac", }, } } diff --git a/rules/models/aws_amplify_app_invalid_platform.go b/rules/models/aws_amplify_app_invalid_platform.go index 84fcb12b..0b359236 100644 --- a/rules/models/aws_amplify_app_invalid_platform.go +++ b/rules/models/aws_amplify_app_invalid_platform.go @@ -26,8 +26,8 @@ func NewAwsAmplifyAppInvalidPlatformRule() *AwsAmplifyAppInvalidPlatformRule { attributeName: "platform", enum: []string{ "WEB", - "WEB_DYNAMIC", "WEB_COMPUTE", + "WEB_DYNAMIC", }, } } diff --git a/rules/models/aws_amplify_branch_invalid_stage.go b/rules/models/aws_amplify_branch_invalid_stage.go index 5d40bdff..3a17c26b 100644 --- a/rules/models/aws_amplify_branch_invalid_stage.go +++ b/rules/models/aws_amplify_branch_invalid_stage.go @@ -25,10 +25,10 @@ func NewAwsAmplifyBranchInvalidStageRule() *AwsAmplifyBranchInvalidStageRule { resourceType: "aws_amplify_branch", attributeName: "stage", enum: []string{ - "PRODUCTION", "BETA", "DEVELOPMENT", "EXPERIMENTAL", + "PRODUCTION", "PULL_REQUEST", }, } diff --git a/rules/models/aws_api_gateway_authorizer_invalid_type.go b/rules/models/aws_api_gateway_authorizer_invalid_type.go index c18ca69b..1df792f8 100644 --- a/rules/models/aws_api_gateway_authorizer_invalid_type.go +++ b/rules/models/aws_api_gateway_authorizer_invalid_type.go @@ -25,9 +25,9 @@ func NewAwsAPIGatewayAuthorizerInvalidTypeRule() *AwsAPIGatewayAuthorizerInvalid resourceType: "aws_api_gateway_authorizer", attributeName: "type", enum: []string{ - "TOKEN", - "REQUEST", "COGNITO_USER_POOLS", + "REQUEST", + "TOKEN", }, } } diff --git a/rules/models/aws_api_gateway_gateway_response_invalid_response_type.go b/rules/models/aws_api_gateway_gateway_response_invalid_response_type.go index f07d46ad..3c072ee9 100644 --- a/rules/models/aws_api_gateway_gateway_response_invalid_response_type.go +++ b/rules/models/aws_api_gateway_gateway_response_invalid_response_type.go @@ -25,26 +25,26 @@ func NewAwsAPIGatewayGatewayResponseInvalidResponseTypeRule() *AwsAPIGatewayGate resourceType: "aws_api_gateway_gateway_response", attributeName: "response_type", enum: []string{ - "DEFAULT_4XX", - "DEFAULT_5XX", - "RESOURCE_NOT_FOUND", - "UNAUTHORIZED", - "INVALID_API_KEY", "ACCESS_DENIED", - "AUTHORIZER_FAILURE", + "API_CONFIGURATION_ERROR", "AUTHORIZER_CONFIGURATION_ERROR", - "INVALID_SIGNATURE", + "AUTHORIZER_FAILURE", + "BAD_REQUEST_BODY", + "BAD_REQUEST_PARAMETERS", + "DEFAULT_4XX", + "DEFAULT_5XX", "EXPIRED_TOKEN", - "MISSING_AUTHENTICATION_TOKEN", "INTEGRATION_FAILURE", "INTEGRATION_TIMEOUT", - "API_CONFIGURATION_ERROR", - "UNSUPPORTED_MEDIA_TYPE", - "BAD_REQUEST_PARAMETERS", - "BAD_REQUEST_BODY", + "INVALID_API_KEY", + "INVALID_SIGNATURE", + "MISSING_AUTHENTICATION_TOKEN", + "QUOTA_EXCEEDED", "REQUEST_TOO_LARGE", + "RESOURCE_NOT_FOUND", "THROTTLED", - "QUOTA_EXCEEDED", + "UNAUTHORIZED", + "UNSUPPORTED_MEDIA_TYPE", "WAF_FILTERED", }, } diff --git a/rules/models/aws_api_gateway_integration_invalid_type.go b/rules/models/aws_api_gateway_integration_invalid_type.go index 795c60d1..633dae39 100644 --- a/rules/models/aws_api_gateway_integration_invalid_type.go +++ b/rules/models/aws_api_gateway_integration_invalid_type.go @@ -25,11 +25,11 @@ func NewAwsAPIGatewayIntegrationInvalidTypeRule() *AwsAPIGatewayIntegrationInval resourceType: "aws_api_gateway_integration", attributeName: "type", enum: []string{ - "HTTP", "AWS", - "MOCK", - "HTTP_PROXY", "AWS_PROXY", + "HTTP", + "HTTP_PROXY", + "MOCK", }, } } diff --git a/rules/models/aws_api_gateway_rest_api_invalid_api_key_source.go b/rules/models/aws_api_gateway_rest_api_invalid_api_key_source.go index 3cdaa272..610d504b 100644 --- a/rules/models/aws_api_gateway_rest_api_invalid_api_key_source.go +++ b/rules/models/aws_api_gateway_rest_api_invalid_api_key_source.go @@ -25,8 +25,8 @@ func NewAwsAPIGatewayRestAPIInvalidAPIKeySourceRule() *AwsAPIGatewayRestAPIInval resourceType: "aws_api_gateway_rest_api", attributeName: "api_key_source", enum: []string{ - "HEADER", "AUTHORIZER", + "HEADER", }, } } diff --git a/rules/models/aws_api_gateway_stage_invalid_cache_cluster_size.go b/rules/models/aws_api_gateway_stage_invalid_cache_cluster_size.go index 61c1a6f8..25839e1c 100644 --- a/rules/models/aws_api_gateway_stage_invalid_cache_cluster_size.go +++ b/rules/models/aws_api_gateway_stage_invalid_cache_cluster_size.go @@ -26,13 +26,13 @@ func NewAwsAPIGatewayStageInvalidCacheClusterSizeRule() *AwsAPIGatewayStageInval attributeName: "cache_cluster_size", enum: []string{ "0.5", - "1.6", - "6.1", + "118", "13.5", + "1.6", + "237", "28.4", "58.2", - "118", - "237", + "6.1", }, } } diff --git a/rules/models/aws_apigatewayv2_api_invalid_protocol_type.go b/rules/models/aws_apigatewayv2_api_invalid_protocol_type.go index bbb205a0..a81b7466 100644 --- a/rules/models/aws_apigatewayv2_api_invalid_protocol_type.go +++ b/rules/models/aws_apigatewayv2_api_invalid_protocol_type.go @@ -25,8 +25,8 @@ func NewAwsApigatewayv2APIInvalidProtocolTypeRule() *AwsApigatewayv2APIInvalidPr resourceType: "aws_apigatewayv2_api", attributeName: "protocol_type", enum: []string{ - "WEBSOCKET", "HTTP", + "WEBSOCKET", }, } } diff --git a/rules/models/aws_apigatewayv2_authorizer_invalid_authorizer_type.go b/rules/models/aws_apigatewayv2_authorizer_invalid_authorizer_type.go index 7b73345f..c76da511 100644 --- a/rules/models/aws_apigatewayv2_authorizer_invalid_authorizer_type.go +++ b/rules/models/aws_apigatewayv2_authorizer_invalid_authorizer_type.go @@ -25,8 +25,8 @@ func NewAwsApigatewayv2AuthorizerInvalidAuthorizerTypeRule() *AwsApigatewayv2Aut resourceType: "aws_apigatewayv2_authorizer", attributeName: "authorizer_type", enum: []string{ - "REQUEST", "JWT", + "REQUEST", }, } } diff --git a/rules/models/aws_apigatewayv2_integration_invalid_integration_type.go b/rules/models/aws_apigatewayv2_integration_invalid_integration_type.go index 5a7970f0..bbcd4c55 100644 --- a/rules/models/aws_apigatewayv2_integration_invalid_integration_type.go +++ b/rules/models/aws_apigatewayv2_integration_invalid_integration_type.go @@ -26,10 +26,10 @@ func NewAwsApigatewayv2IntegrationInvalidIntegrationTypeRule() *AwsApigatewayv2I attributeName: "integration_type", enum: []string{ "AWS", + "AWS_PROXY", "HTTP", - "MOCK", "HTTP_PROXY", - "AWS_PROXY", + "MOCK", }, } } diff --git a/rules/models/aws_apigatewayv2_integration_invalid_passthrough_behavior.go b/rules/models/aws_apigatewayv2_integration_invalid_passthrough_behavior.go index 4d0e51f7..e577cb29 100644 --- a/rules/models/aws_apigatewayv2_integration_invalid_passthrough_behavior.go +++ b/rules/models/aws_apigatewayv2_integration_invalid_passthrough_behavior.go @@ -25,8 +25,8 @@ func NewAwsApigatewayv2IntegrationInvalidPassthroughBehaviorRule() *AwsApigatewa resourceType: "aws_apigatewayv2_integration", attributeName: "passthrough_behavior", enum: []string{ - "WHEN_NO_MATCH", "NEVER", + "WHEN_NO_MATCH", "WHEN_NO_TEMPLATES", }, } diff --git a/rules/models/aws_apigatewayv2_route_invalid_authorization_type.go b/rules/models/aws_apigatewayv2_route_invalid_authorization_type.go index 4a842aa0..2871d4ea 100644 --- a/rules/models/aws_apigatewayv2_route_invalid_authorization_type.go +++ b/rules/models/aws_apigatewayv2_route_invalid_authorization_type.go @@ -25,10 +25,10 @@ func NewAwsApigatewayv2RouteInvalidAuthorizationTypeRule() *AwsApigatewayv2Route resourceType: "aws_apigatewayv2_route", attributeName: "authorization_type", enum: []string{ - "NONE", "AWS_IAM", "CUSTOM", "JWT", + "NONE", }, } } diff --git a/rules/models/aws_appautoscaling_policy_invalid_policy_type.go b/rules/models/aws_appautoscaling_policy_invalid_policy_type.go index 05443460..7cc43937 100644 --- a/rules/models/aws_appautoscaling_policy_invalid_policy_type.go +++ b/rules/models/aws_appautoscaling_policy_invalid_policy_type.go @@ -25,9 +25,9 @@ func NewAwsAppautoscalingPolicyInvalidPolicyTypeRule() *AwsAppautoscalingPolicyI resourceType: "aws_appautoscaling_policy", attributeName: "policy_type", enum: []string{ + "PredictiveScaling", "StepScaling", "TargetTrackingScaling", - "PredictiveScaling", }, } } diff --git a/rules/models/aws_appautoscaling_policy_invalid_scalable_dimension.go b/rules/models/aws_appautoscaling_policy_invalid_scalable_dimension.go index d3a16037..293e96b6 100644 --- a/rules/models/aws_appautoscaling_policy_invalid_scalable_dimension.go +++ b/rules/models/aws_appautoscaling_policy_invalid_scalable_dimension.go @@ -25,29 +25,29 @@ func NewAwsAppautoscalingPolicyInvalidScalableDimensionRule() *AwsAppautoscaling resourceType: "aws_appautoscaling_policy", attributeName: "scalable_dimension", enum: []string{ - "ecs:service:DesiredCount", - "ec2:spot-fleet-request:TargetCapacity", - "elasticmapreduce:instancegroup:InstanceCount", "appstream:fleet:DesiredCapacity", - "dynamodb:table:ReadCapacityUnits", - "dynamodb:table:WriteCapacityUnits", - "dynamodb:index:ReadCapacityUnits", - "dynamodb:index:WriteCapacityUnits", - "rds:cluster:ReadReplicaCount", - "sagemaker:variant:DesiredInstanceCount", - "custom-resource:ResourceType:Property", - "comprehend:document-classifier-endpoint:DesiredInferenceUnits", - "comprehend:entity-recognizer-endpoint:DesiredInferenceUnits", - "lambda:function:ProvisionedConcurrency", "cassandra:table:ReadCapacityUnits", "cassandra:table:WriteCapacityUnits", - "kafka:broker-storage:VolumeSize", + "comprehend:document-classifier-endpoint:DesiredInferenceUnits", + "comprehend:entity-recognizer-endpoint:DesiredInferenceUnits", + "custom-resource:ResourceType:Property", + "dynamodb:index:ReadCapacityUnits", + "dynamodb:index:WriteCapacityUnits", + "dynamodb:table:ReadCapacityUnits", + "dynamodb:table:WriteCapacityUnits", + "ec2:spot-fleet-request:TargetCapacity", + "ecs:service:DesiredCount", + "elasticmapreduce:instancegroup:InstanceCount", "elasticache:cache-cluster:Nodes", "elasticache:replication-group:NodeGroups", "elasticache:replication-group:Replicas", + "kafka:broker-storage:VolumeSize", + "lambda:function:ProvisionedConcurrency", "neptune:cluster:ReadReplicaCount", - "sagemaker:variant:DesiredProvisionedConcurrency", + "rds:cluster:ReadReplicaCount", "sagemaker:inference-component:DesiredCopyCount", + "sagemaker:variant:DesiredInstanceCount", + "sagemaker:variant:DesiredProvisionedConcurrency", "workspaces:workspacespool:DesiredUserSessions", }, } diff --git a/rules/models/aws_appautoscaling_policy_invalid_service_namespace.go b/rules/models/aws_appautoscaling_policy_invalid_service_namespace.go index aff337e6..b3eb7949 100644 --- a/rules/models/aws_appautoscaling_policy_invalid_service_namespace.go +++ b/rules/models/aws_appautoscaling_policy_invalid_service_namespace.go @@ -25,20 +25,20 @@ func NewAwsAppautoscalingPolicyInvalidServiceNamespaceRule() *AwsAppautoscalingP resourceType: "aws_appautoscaling_policy", attributeName: "service_namespace", enum: []string{ - "ecs", - "elasticmapreduce", - "ec2", "appstream", - "dynamodb", - "rds", - "sagemaker", - "custom-resource", - "comprehend", - "lambda", "cassandra", - "kafka", + "comprehend", + "custom-resource", + "dynamodb", + "ec2", + "ecs", "elasticache", + "elasticmapreduce", + "kafka", + "lambda", "neptune", + "rds", + "sagemaker", "workspaces", }, } diff --git a/rules/models/aws_appautoscaling_scheduled_action_invalid_scalable_dimension.go b/rules/models/aws_appautoscaling_scheduled_action_invalid_scalable_dimension.go index f0362b56..caad3b70 100644 --- a/rules/models/aws_appautoscaling_scheduled_action_invalid_scalable_dimension.go +++ b/rules/models/aws_appautoscaling_scheduled_action_invalid_scalable_dimension.go @@ -25,29 +25,29 @@ func NewAwsAppautoscalingScheduledActionInvalidScalableDimensionRule() *AwsAppau resourceType: "aws_appautoscaling_scheduled_action", attributeName: "scalable_dimension", enum: []string{ - "ecs:service:DesiredCount", - "ec2:spot-fleet-request:TargetCapacity", - "elasticmapreduce:instancegroup:InstanceCount", "appstream:fleet:DesiredCapacity", - "dynamodb:table:ReadCapacityUnits", - "dynamodb:table:WriteCapacityUnits", - "dynamodb:index:ReadCapacityUnits", - "dynamodb:index:WriteCapacityUnits", - "rds:cluster:ReadReplicaCount", - "sagemaker:variant:DesiredInstanceCount", - "custom-resource:ResourceType:Property", - "comprehend:document-classifier-endpoint:DesiredInferenceUnits", - "comprehend:entity-recognizer-endpoint:DesiredInferenceUnits", - "lambda:function:ProvisionedConcurrency", "cassandra:table:ReadCapacityUnits", "cassandra:table:WriteCapacityUnits", - "kafka:broker-storage:VolumeSize", + "comprehend:document-classifier-endpoint:DesiredInferenceUnits", + "comprehend:entity-recognizer-endpoint:DesiredInferenceUnits", + "custom-resource:ResourceType:Property", + "dynamodb:index:ReadCapacityUnits", + "dynamodb:index:WriteCapacityUnits", + "dynamodb:table:ReadCapacityUnits", + "dynamodb:table:WriteCapacityUnits", + "ec2:spot-fleet-request:TargetCapacity", + "ecs:service:DesiredCount", + "elasticmapreduce:instancegroup:InstanceCount", "elasticache:cache-cluster:Nodes", "elasticache:replication-group:NodeGroups", "elasticache:replication-group:Replicas", + "kafka:broker-storage:VolumeSize", + "lambda:function:ProvisionedConcurrency", "neptune:cluster:ReadReplicaCount", - "sagemaker:variant:DesiredProvisionedConcurrency", + "rds:cluster:ReadReplicaCount", "sagemaker:inference-component:DesiredCopyCount", + "sagemaker:variant:DesiredInstanceCount", + "sagemaker:variant:DesiredProvisionedConcurrency", "workspaces:workspacespool:DesiredUserSessions", }, } diff --git a/rules/models/aws_appautoscaling_scheduled_action_invalid_service_namespace.go b/rules/models/aws_appautoscaling_scheduled_action_invalid_service_namespace.go index bda86558..6e02a25a 100644 --- a/rules/models/aws_appautoscaling_scheduled_action_invalid_service_namespace.go +++ b/rules/models/aws_appautoscaling_scheduled_action_invalid_service_namespace.go @@ -25,20 +25,20 @@ func NewAwsAppautoscalingScheduledActionInvalidServiceNamespaceRule() *AwsAppaut resourceType: "aws_appautoscaling_scheduled_action", attributeName: "service_namespace", enum: []string{ - "ecs", - "elasticmapreduce", - "ec2", "appstream", - "dynamodb", - "rds", - "sagemaker", - "custom-resource", - "comprehend", - "lambda", "cassandra", - "kafka", + "comprehend", + "custom-resource", + "dynamodb", + "ec2", + "ecs", "elasticache", + "elasticmapreduce", + "kafka", + "lambda", "neptune", + "rds", + "sagemaker", "workspaces", }, } diff --git a/rules/models/aws_appautoscaling_target_invalid_scalable_dimension.go b/rules/models/aws_appautoscaling_target_invalid_scalable_dimension.go index 59c04d6d..f57ac7ad 100644 --- a/rules/models/aws_appautoscaling_target_invalid_scalable_dimension.go +++ b/rules/models/aws_appautoscaling_target_invalid_scalable_dimension.go @@ -25,29 +25,29 @@ func NewAwsAppautoscalingTargetInvalidScalableDimensionRule() *AwsAppautoscaling resourceType: "aws_appautoscaling_target", attributeName: "scalable_dimension", enum: []string{ - "ecs:service:DesiredCount", - "ec2:spot-fleet-request:TargetCapacity", - "elasticmapreduce:instancegroup:InstanceCount", "appstream:fleet:DesiredCapacity", - "dynamodb:table:ReadCapacityUnits", - "dynamodb:table:WriteCapacityUnits", - "dynamodb:index:ReadCapacityUnits", - "dynamodb:index:WriteCapacityUnits", - "rds:cluster:ReadReplicaCount", - "sagemaker:variant:DesiredInstanceCount", - "custom-resource:ResourceType:Property", - "comprehend:document-classifier-endpoint:DesiredInferenceUnits", - "comprehend:entity-recognizer-endpoint:DesiredInferenceUnits", - "lambda:function:ProvisionedConcurrency", "cassandra:table:ReadCapacityUnits", "cassandra:table:WriteCapacityUnits", - "kafka:broker-storage:VolumeSize", + "comprehend:document-classifier-endpoint:DesiredInferenceUnits", + "comprehend:entity-recognizer-endpoint:DesiredInferenceUnits", + "custom-resource:ResourceType:Property", + "dynamodb:index:ReadCapacityUnits", + "dynamodb:index:WriteCapacityUnits", + "dynamodb:table:ReadCapacityUnits", + "dynamodb:table:WriteCapacityUnits", + "ec2:spot-fleet-request:TargetCapacity", + "ecs:service:DesiredCount", + "elasticmapreduce:instancegroup:InstanceCount", "elasticache:cache-cluster:Nodes", "elasticache:replication-group:NodeGroups", "elasticache:replication-group:Replicas", + "kafka:broker-storage:VolumeSize", + "lambda:function:ProvisionedConcurrency", "neptune:cluster:ReadReplicaCount", - "sagemaker:variant:DesiredProvisionedConcurrency", + "rds:cluster:ReadReplicaCount", "sagemaker:inference-component:DesiredCopyCount", + "sagemaker:variant:DesiredInstanceCount", + "sagemaker:variant:DesiredProvisionedConcurrency", "workspaces:workspacespool:DesiredUserSessions", }, } diff --git a/rules/models/aws_appautoscaling_target_invalid_service_namespace.go b/rules/models/aws_appautoscaling_target_invalid_service_namespace.go index 11e17cad..f7e184eb 100644 --- a/rules/models/aws_appautoscaling_target_invalid_service_namespace.go +++ b/rules/models/aws_appautoscaling_target_invalid_service_namespace.go @@ -25,20 +25,20 @@ func NewAwsAppautoscalingTargetInvalidServiceNamespaceRule() *AwsAppautoscalingT resourceType: "aws_appautoscaling_target", attributeName: "service_namespace", enum: []string{ - "ecs", - "elasticmapreduce", - "ec2", "appstream", - "dynamodb", - "rds", - "sagemaker", - "custom-resource", - "comprehend", - "lambda", "cassandra", - "kafka", + "comprehend", + "custom-resource", + "dynamodb", + "ec2", + "ecs", "elasticache", + "elasticmapreduce", + "kafka", + "lambda", "neptune", + "rds", + "sagemaker", "workspaces", }, } diff --git a/rules/models/aws_appconfig_deployment_strategy_invalid_growth_type.go b/rules/models/aws_appconfig_deployment_strategy_invalid_growth_type.go index 873a997c..c76fadef 100644 --- a/rules/models/aws_appconfig_deployment_strategy_invalid_growth_type.go +++ b/rules/models/aws_appconfig_deployment_strategy_invalid_growth_type.go @@ -25,8 +25,8 @@ func NewAwsAppconfigDeploymentStrategyInvalidGrowthTypeRule() *AwsAppconfigDeplo resourceType: "aws_appconfig_deployment_strategy", attributeName: "growth_type", enum: []string{ - "LINEAR", "EXPONENTIAL", + "LINEAR", }, } } diff --git a/rules/models/aws_apprunner_connection_invalid_provider_type.go b/rules/models/aws_apprunner_connection_invalid_provider_type.go index afe32cdb..6886cab6 100644 --- a/rules/models/aws_apprunner_connection_invalid_provider_type.go +++ b/rules/models/aws_apprunner_connection_invalid_provider_type.go @@ -25,8 +25,8 @@ func NewAwsApprunnerConnectionInvalidProviderTypeRule() *AwsApprunnerConnectionI resourceType: "aws_apprunner_connection", attributeName: "provider_type", enum: []string{ - "GITHUB", "BITBUCKET", + "GITHUB", }, } } diff --git a/rules/models/aws_appstream_fleet_invalid_fleet_type.go b/rules/models/aws_appstream_fleet_invalid_fleet_type.go index 69dca16e..8afd9cb0 100644 --- a/rules/models/aws_appstream_fleet_invalid_fleet_type.go +++ b/rules/models/aws_appstream_fleet_invalid_fleet_type.go @@ -26,8 +26,8 @@ func NewAwsAppstreamFleetInvalidFleetTypeRule() *AwsAppstreamFleetInvalidFleetTy attributeName: "fleet_type", enum: []string{ "ALWAYS_ON", - "ON_DEMAND", "ELASTIC", + "ON_DEMAND", }, } } diff --git a/rules/models/aws_appstream_user_invalid_authentication_type.go b/rules/models/aws_appstream_user_invalid_authentication_type.go index 902a152f..02c7a488 100644 --- a/rules/models/aws_appstream_user_invalid_authentication_type.go +++ b/rules/models/aws_appstream_user_invalid_authentication_type.go @@ -26,9 +26,9 @@ func NewAwsAppstreamUserInvalidAuthenticationTypeRule() *AwsAppstreamUserInvalid attributeName: "authentication_type", enum: []string{ "API", + "AWS_AD", "SAML", "USERPOOL", - "AWS_AD", }, } } diff --git a/rules/models/aws_appstream_user_stack_association_invalid_authentication_type.go b/rules/models/aws_appstream_user_stack_association_invalid_authentication_type.go index e62970d5..3fc15c99 100644 --- a/rules/models/aws_appstream_user_stack_association_invalid_authentication_type.go +++ b/rules/models/aws_appstream_user_stack_association_invalid_authentication_type.go @@ -26,9 +26,9 @@ func NewAwsAppstreamUserStackAssociationInvalidAuthenticationTypeRule() *AwsApps attributeName: "authentication_type", enum: []string{ "API", + "AWS_AD", "SAML", "USERPOOL", - "AWS_AD", }, } } diff --git a/rules/models/aws_appsync_datasource_invalid_type.go b/rules/models/aws_appsync_datasource_invalid_type.go index ccdb0b68..3ad25469 100644 --- a/rules/models/aws_appsync_datasource_invalid_type.go +++ b/rules/models/aws_appsync_datasource_invalid_type.go @@ -25,15 +25,15 @@ func NewAwsAppsyncDatasourceInvalidTypeRule() *AwsAppsyncDatasourceInvalidTypeRu resourceType: "aws_appsync_datasource", attributeName: "type", enum: []string{ - "AWS_LAMBDA", + "AMAZON_BEDROCK_RUNTIME", "AMAZON_DYNAMODB", "AMAZON_ELASTICSEARCH", - "NONE", + "AMAZON_EVENTBRIDGE", + "AMAZON_OPENSEARCH_SERVICE", + "AWS_LAMBDA", "HTTP", + "NONE", "RELATIONAL_DATABASE", - "AMAZON_OPENSEARCH_SERVICE", - "AMAZON_EVENTBRIDGE", - "AMAZON_BEDROCK_RUNTIME", }, } } diff --git a/rules/models/aws_appsync_graphql_api_invalid_authentication_type.go b/rules/models/aws_appsync_graphql_api_invalid_authentication_type.go index c8480fbf..6816a73b 100644 --- a/rules/models/aws_appsync_graphql_api_invalid_authentication_type.go +++ b/rules/models/aws_appsync_graphql_api_invalid_authentication_type.go @@ -25,11 +25,11 @@ func NewAwsAppsyncGraphqlAPIInvalidAuthenticationTypeRule() *AwsAppsyncGraphqlAP resourceType: "aws_appsync_graphql_api", attributeName: "authentication_type", enum: []string{ + "AMAZON_COGNITO_USER_POOLS", "API_KEY", "AWS_IAM", - "AMAZON_COGNITO_USER_POOLS", - "OPENID_CONNECT", "AWS_LAMBDA", + "OPENID_CONNECT", }, } } diff --git a/rules/models/aws_athena_workgroup_invalid_state.go b/rules/models/aws_athena_workgroup_invalid_state.go index dfb33465..30bdba03 100644 --- a/rules/models/aws_athena_workgroup_invalid_state.go +++ b/rules/models/aws_athena_workgroup_invalid_state.go @@ -25,8 +25,8 @@ func NewAwsAthenaWorkgroupInvalidStateRule() *AwsAthenaWorkgroupInvalidStateRule resourceType: "aws_athena_workgroup", attributeName: "state", enum: []string{ - "ENABLED", "DISABLED", + "ENABLED", }, } } diff --git a/rules/models/aws_batch_compute_environment_invalid_state.go b/rules/models/aws_batch_compute_environment_invalid_state.go index e94b13dd..c0782117 100644 --- a/rules/models/aws_batch_compute_environment_invalid_state.go +++ b/rules/models/aws_batch_compute_environment_invalid_state.go @@ -25,8 +25,8 @@ func NewAwsBatchComputeEnvironmentInvalidStateRule() *AwsBatchComputeEnvironment resourceType: "aws_batch_compute_environment", attributeName: "state", enum: []string{ - "ENABLED", "DISABLED", + "ENABLED", }, } } diff --git a/rules/models/aws_batch_job_queue_invalid_state.go b/rules/models/aws_batch_job_queue_invalid_state.go index bec0202f..4dc8a3fb 100644 --- a/rules/models/aws_batch_job_queue_invalid_state.go +++ b/rules/models/aws_batch_job_queue_invalid_state.go @@ -25,8 +25,8 @@ func NewAwsBatchJobQueueInvalidStateRule() *AwsBatchJobQueueInvalidStateRule { resourceType: "aws_batch_job_queue", attributeName: "state", enum: []string{ - "ENABLED", "DISABLED", + "ENABLED", }, } } diff --git a/rules/models/aws_budgets_budget_invalid_budget_type.go b/rules/models/aws_budgets_budget_invalid_budget_type.go index faf19699..ad85e454 100644 --- a/rules/models/aws_budgets_budget_invalid_budget_type.go +++ b/rules/models/aws_budgets_budget_invalid_budget_type.go @@ -25,12 +25,12 @@ func NewAwsBudgetsBudgetInvalidBudgetTypeRule() *AwsBudgetsBudgetInvalidBudgetTy resourceType: "aws_budgets_budget", attributeName: "budget_type", enum: []string{ - "USAGE", "COST", - "RI_UTILIZATION", "RI_COVERAGE", - "SAVINGS_PLANS_UTILIZATION", + "RI_UTILIZATION", "SAVINGS_PLANS_COVERAGE", + "SAVINGS_PLANS_UTILIZATION", + "USAGE", }, } } diff --git a/rules/models/aws_budgets_budget_invalid_time_unit.go b/rules/models/aws_budgets_budget_invalid_time_unit.go index 1ef04f29..1ab676a4 100644 --- a/rules/models/aws_budgets_budget_invalid_time_unit.go +++ b/rules/models/aws_budgets_budget_invalid_time_unit.go @@ -25,11 +25,11 @@ func NewAwsBudgetsBudgetInvalidTimeUnitRule() *AwsBudgetsBudgetInvalidTimeUnitRu resourceType: "aws_budgets_budget", attributeName: "time_unit", enum: []string{ + "ANNUALLY", + "CUSTOM", "DAILY", "MONTHLY", "QUARTERLY", - "ANNUALLY", - "CUSTOM", }, } } diff --git a/rules/models/aws_cloudformation_stack_invalid_on_failure.go b/rules/models/aws_cloudformation_stack_invalid_on_failure.go index da7568bd..60750c6b 100644 --- a/rules/models/aws_cloudformation_stack_invalid_on_failure.go +++ b/rules/models/aws_cloudformation_stack_invalid_on_failure.go @@ -25,9 +25,9 @@ func NewAwsCloudformationStackInvalidOnFailureRule() *AwsCloudformationStackInva resourceType: "aws_cloudformation_stack", attributeName: "on_failure", enum: []string{ + "DELETE", "DO_NOTHING", "ROLLBACK", - "DELETE", }, } } diff --git a/rules/models/aws_cloudfront_distribution_invalid_http_version.go b/rules/models/aws_cloudfront_distribution_invalid_http_version.go index c57d9703..a05e1621 100644 --- a/rules/models/aws_cloudfront_distribution_invalid_http_version.go +++ b/rules/models/aws_cloudfront_distribution_invalid_http_version.go @@ -27,8 +27,8 @@ func NewAwsCloudfrontDistributionInvalidHTTPVersionRule() *AwsCloudfrontDistribu enum: []string{ "http1.1", "http2", - "http3", "http2and3", + "http3", }, } } diff --git a/rules/models/aws_cloudfront_distribution_invalid_price_class.go b/rules/models/aws_cloudfront_distribution_invalid_price_class.go index a72f8479..162b47e6 100644 --- a/rules/models/aws_cloudfront_distribution_invalid_price_class.go +++ b/rules/models/aws_cloudfront_distribution_invalid_price_class.go @@ -25,10 +25,10 @@ func NewAwsCloudfrontDistributionInvalidPriceClassRule() *AwsCloudfrontDistribut resourceType: "aws_cloudfront_distribution", attributeName: "price_class", enum: []string{ + "None", "PriceClass_100", "PriceClass_200", "PriceClass_All", - "None", }, } } diff --git a/rules/models/aws_cloudwatch_event_api_destination_invalid_http_method.go b/rules/models/aws_cloudwatch_event_api_destination_invalid_http_method.go index 3ba080ea..a8da8079 100644 --- a/rules/models/aws_cloudwatch_event_api_destination_invalid_http_method.go +++ b/rules/models/aws_cloudwatch_event_api_destination_invalid_http_method.go @@ -25,13 +25,13 @@ func NewAwsCloudwatchEventAPIDestinationInvalidHTTPMethodRule() *AwsCloudwatchEv resourceType: "aws_cloudwatch_event_api_destination", attributeName: "http_method", enum: []string{ - "POST", + "DELETE", "GET", "HEAD", "OPTIONS", - "PUT", "PATCH", - "DELETE", + "POST", + "PUT", }, } } diff --git a/rules/models/aws_cloudwatch_event_connection_invalid_authorization_type.go b/rules/models/aws_cloudwatch_event_connection_invalid_authorization_type.go index 51992c32..ad4f63b1 100644 --- a/rules/models/aws_cloudwatch_event_connection_invalid_authorization_type.go +++ b/rules/models/aws_cloudwatch_event_connection_invalid_authorization_type.go @@ -25,9 +25,9 @@ func NewAwsCloudwatchEventConnectionInvalidAuthorizationTypeRule() *AwsCloudwatc resourceType: "aws_cloudwatch_event_connection", attributeName: "authorization_type", enum: []string{ + "API_KEY", "BASIC", "OAUTH_CLIENT_CREDENTIALS", - "API_KEY", }, } } diff --git a/rules/models/aws_cloudwatch_log_subscription_filter_invalid_distribution.go b/rules/models/aws_cloudwatch_log_subscription_filter_invalid_distribution.go index 0b34ddce..8fb4ea0b 100644 --- a/rules/models/aws_cloudwatch_log_subscription_filter_invalid_distribution.go +++ b/rules/models/aws_cloudwatch_log_subscription_filter_invalid_distribution.go @@ -25,8 +25,8 @@ func NewAwsCloudwatchLogSubscriptionFilterInvalidDistributionRule() *AwsCloudwat resourceType: "aws_cloudwatch_log_subscription_filter", attributeName: "distribution", enum: []string{ - "Random", "ByLogStream", + "Random", }, } } diff --git a/rules/models/aws_cloudwatch_metric_alarm_invalid_comparison_operator.go b/rules/models/aws_cloudwatch_metric_alarm_invalid_comparison_operator.go index 7cb58e9e..a399bf6a 100644 --- a/rules/models/aws_cloudwatch_metric_alarm_invalid_comparison_operator.go +++ b/rules/models/aws_cloudwatch_metric_alarm_invalid_comparison_operator.go @@ -27,11 +27,11 @@ func NewAwsCloudwatchMetricAlarmInvalidComparisonOperatorRule() *AwsCloudwatchMe enum: []string{ "GreaterThanOrEqualToThreshold", "GreaterThanThreshold", - "LessThanThreshold", - "LessThanOrEqualToThreshold", + "GreaterThanUpperThreshold", "LessThanLowerOrGreaterThanUpperThreshold", "LessThanLowerThreshold", - "GreaterThanUpperThreshold", + "LessThanOrEqualToThreshold", + "LessThanThreshold", }, } } diff --git a/rules/models/aws_cloudwatch_metric_alarm_invalid_namespace.go b/rules/models/aws_cloudwatch_metric_alarm_invalid_namespace.go index 58189e32..1fded47a 100644 --- a/rules/models/aws_cloudwatch_metric_alarm_invalid_namespace.go +++ b/rules/models/aws_cloudwatch_metric_alarm_invalid_namespace.go @@ -29,7 +29,7 @@ func NewAwsCloudwatchMetricAlarmInvalidNamespaceRule() *AwsCloudwatchMetricAlarm attributeName: "namespace", max: 255, min: 1, - pattern: regexp.MustCompile(`^[^:].*$`), + pattern: regexp.MustCompile(`^[^:]`), } } @@ -90,7 +90,7 @@ func (r *AwsCloudwatchMetricAlarmInvalidNamespaceRule) Check(runner tflint.Runne if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^[^:].*$`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^[^:]`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_cloudwatch_metric_alarm_invalid_namespace_test.go b/rules/models/aws_cloudwatch_metric_alarm_invalid_namespace_test.go index eefd5fe6..58affec9 100644 --- a/rules/models/aws_cloudwatch_metric_alarm_invalid_namespace_test.go +++ b/rules/models/aws_cloudwatch_metric_alarm_invalid_namespace_test.go @@ -24,7 +24,7 @@ resource "aws_cloudwatch_metric_alarm" "foo" { Expected: helper.Issues{ { Rule: NewAwsCloudwatchMetricAlarmInvalidNamespaceRule(), - Message: fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(":EC2"), `^[^:].*$`), + Message: fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(":EC2"), `^[^:]`), }, }, }, diff --git a/rules/models/aws_cloudwatch_metric_alarm_invalid_statistic.go b/rules/models/aws_cloudwatch_metric_alarm_invalid_statistic.go index 5d63d780..601017e0 100644 --- a/rules/models/aws_cloudwatch_metric_alarm_invalid_statistic.go +++ b/rules/models/aws_cloudwatch_metric_alarm_invalid_statistic.go @@ -25,11 +25,11 @@ func NewAwsCloudwatchMetricAlarmInvalidStatisticRule() *AwsCloudwatchMetricAlarm resourceType: "aws_cloudwatch_metric_alarm", attributeName: "statistic", enum: []string{ - "SampleCount", "Average", - "Sum", - "Minimum", "Maximum", + "Minimum", + "SampleCount", + "Sum", }, } } diff --git a/rules/models/aws_cloudwatch_metric_alarm_invalid_unit.go b/rules/models/aws_cloudwatch_metric_alarm_invalid_unit.go index eb8e0ee5..c66fbea9 100644 --- a/rules/models/aws_cloudwatch_metric_alarm_invalid_unit.go +++ b/rules/models/aws_cloudwatch_metric_alarm_invalid_unit.go @@ -25,33 +25,33 @@ func NewAwsCloudwatchMetricAlarmInvalidUnitRule() *AwsCloudwatchMetricAlarmInval resourceType: "aws_cloudwatch_metric_alarm", attributeName: "unit", enum: []string{ - "Seconds", - "Microseconds", - "Milliseconds", - "Bytes", - "Kilobytes", - "Megabytes", - "Gigabytes", - "Terabytes", "Bits", - "Kilobits", - "Megabits", - "Gigabits", - "Terabits", - "Percent", - "Count", + "Bits/Second", + "Bytes", "Bytes/Second", - "Kilobytes/Second", - "Megabytes/Second", + "Count", + "Count/Second", + "Gigabits", + "Gigabits/Second", + "Gigabytes", "Gigabytes/Second", - "Terabytes/Second", - "Bits/Second", + "Kilobits", "Kilobits/Second", + "Kilobytes", + "Kilobytes/Second", + "Megabits", "Megabits/Second", - "Gigabits/Second", - "Terabits/Second", - "Count/Second", + "Megabytes", + "Megabytes/Second", + "Microseconds", + "Milliseconds", "None", + "Percent", + "Seconds", + "Terabits", + "Terabits/Second", + "Terabytes", + "Terabytes/Second", }, } } diff --git a/rules/models/aws_codebuild_report_group_invalid_type.go b/rules/models/aws_codebuild_report_group_invalid_type.go index 63a2681e..17c17619 100644 --- a/rules/models/aws_codebuild_report_group_invalid_type.go +++ b/rules/models/aws_codebuild_report_group_invalid_type.go @@ -25,8 +25,8 @@ func NewAwsCodebuildReportGroupInvalidTypeRule() *AwsCodebuildReportGroupInvalid resourceType: "aws_codebuild_report_group", attributeName: "type", enum: []string{ - "TEST", "CODE_COVERAGE", + "TEST", }, } } diff --git a/rules/models/aws_codebuild_source_credential_invalid_auth_type.go b/rules/models/aws_codebuild_source_credential_invalid_auth_type.go index b4e05824..bf2b9752 100644 --- a/rules/models/aws_codebuild_source_credential_invalid_auth_type.go +++ b/rules/models/aws_codebuild_source_credential_invalid_auth_type.go @@ -25,10 +25,10 @@ func NewAwsCodebuildSourceCredentialInvalidAuthTypeRule() *AwsCodebuildSourceCre resourceType: "aws_codebuild_source_credential", attributeName: "auth_type", enum: []string{ - "OAUTH", "BASIC_AUTH", - "PERSONAL_ACCESS_TOKEN", "CODECONNECTIONS", + "OAUTH", + "PERSONAL_ACCESS_TOKEN", "SECRETS_MANAGER", }, } diff --git a/rules/models/aws_codebuild_source_credential_invalid_server_type.go b/rules/models/aws_codebuild_source_credential_invalid_server_type.go index adc2b032..d52f0d4f 100644 --- a/rules/models/aws_codebuild_source_credential_invalid_server_type.go +++ b/rules/models/aws_codebuild_source_credential_invalid_server_type.go @@ -25,8 +25,8 @@ func NewAwsCodebuildSourceCredentialInvalidServerTypeRule() *AwsCodebuildSourceC resourceType: "aws_codebuild_source_credential", attributeName: "server_type", enum: []string{ - "GITHUB", "BITBUCKET", + "GITHUB", "GITHUB_ENTERPRISE", "GITLAB", "GITLAB_SELF_MANAGED", diff --git a/rules/models/aws_codedeploy_app_invalid_compute_platform.go b/rules/models/aws_codedeploy_app_invalid_compute_platform.go index e9097654..afc3675b 100644 --- a/rules/models/aws_codedeploy_app_invalid_compute_platform.go +++ b/rules/models/aws_codedeploy_app_invalid_compute_platform.go @@ -25,9 +25,9 @@ func NewAwsCodedeployAppInvalidComputePlatformRule() *AwsCodedeployAppInvalidCom resourceType: "aws_codedeploy_app", attributeName: "compute_platform", enum: []string{ - "Server", - "Lambda", "ECS", + "Lambda", + "Server", }, } } diff --git a/rules/models/aws_codedeploy_deployment_config_invalid_compute_platform.go b/rules/models/aws_codedeploy_deployment_config_invalid_compute_platform.go index 9d4e59c3..7765aaea 100644 --- a/rules/models/aws_codedeploy_deployment_config_invalid_compute_platform.go +++ b/rules/models/aws_codedeploy_deployment_config_invalid_compute_platform.go @@ -25,9 +25,9 @@ func NewAwsCodedeployDeploymentConfigInvalidComputePlatformRule() *AwsCodedeploy resourceType: "aws_codedeploy_deployment_config", attributeName: "compute_platform", enum: []string{ - "Server", - "Lambda", "ECS", + "Lambda", + "Server", }, } } diff --git a/rules/models/aws_cognito_identity_provider_invalid_provider_type.go b/rules/models/aws_cognito_identity_provider_invalid_provider_type.go index 343eb68d..1e61cddb 100644 --- a/rules/models/aws_cognito_identity_provider_invalid_provider_type.go +++ b/rules/models/aws_cognito_identity_provider_invalid_provider_type.go @@ -25,12 +25,12 @@ func NewAwsCognitoIdentityProviderInvalidProviderTypeRule() *AwsCognitoIdentityP resourceType: "aws_cognito_identity_provider", attributeName: "provider_type", enum: []string{ - "SAML", "Facebook", "Google", "LoginWithAmazon", - "SignInWithApple", "OIDC", + "SAML", + "SignInWithApple", }, } } diff --git a/rules/models/aws_cognito_user_pool_invalid_sms_authentication_message.go b/rules/models/aws_cognito_user_pool_invalid_sms_authentication_message.go index 89a8a4a7..0a47e8e3 100644 --- a/rules/models/aws_cognito_user_pool_invalid_sms_authentication_message.go +++ b/rules/models/aws_cognito_user_pool_invalid_sms_authentication_message.go @@ -29,7 +29,7 @@ func NewAwsCognitoUserPoolInvalidSmsAuthenticationMessageRule() *AwsCognitoUserP attributeName: "sms_authentication_message", max: 140, min: 6, - pattern: regexp.MustCompile(`^.*\{####\}.*$`), + pattern: regexp.MustCompile(`^\{####\}$`), } } @@ -90,7 +90,7 @@ func (r *AwsCognitoUserPoolInvalidSmsAuthenticationMessageRule) Check(runner tfl if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^.*\{####\}.*$`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^\{####\}$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_cognito_user_pool_invalid_sms_authentication_message_test.go b/rules/models/aws_cognito_user_pool_invalid_sms_authentication_message_test.go index 83f53b48..2a2ed470 100644 --- a/rules/models/aws_cognito_user_pool_invalid_sms_authentication_message_test.go +++ b/rules/models/aws_cognito_user_pool_invalid_sms_authentication_message_test.go @@ -24,7 +24,7 @@ resource "aws_cognito_user_pool" "foo" { Expected: helper.Issues{ { Rule: NewAwsCognitoUserPoolInvalidSmsAuthenticationMessageRule(), - Message: fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage("Authentication code"), `^.*\{####\}.*$`), + Message: fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage("Authentication code"), `^\{####\}$`), }, }, }, diff --git a/rules/models/aws_cognito_user_pool_invalid_sms_verification_message.go b/rules/models/aws_cognito_user_pool_invalid_sms_verification_message.go index 6c17d746..5cef20e4 100644 --- a/rules/models/aws_cognito_user_pool_invalid_sms_verification_message.go +++ b/rules/models/aws_cognito_user_pool_invalid_sms_verification_message.go @@ -29,7 +29,7 @@ func NewAwsCognitoUserPoolInvalidSmsVerificationMessageRule() *AwsCognitoUserPoo attributeName: "sms_verification_message", max: 140, min: 6, - pattern: regexp.MustCompile(`^.*\{####\}.*$`), + pattern: regexp.MustCompile(`^\{####\}$`), } } @@ -90,7 +90,7 @@ func (r *AwsCognitoUserPoolInvalidSmsVerificationMessageRule) Check(runner tflin if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^.*\{####\}.*$`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^\{####\}$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_cognito_user_pool_invalid_sms_verification_message_test.go b/rules/models/aws_cognito_user_pool_invalid_sms_verification_message_test.go index 97fb8346..64323cd9 100644 --- a/rules/models/aws_cognito_user_pool_invalid_sms_verification_message_test.go +++ b/rules/models/aws_cognito_user_pool_invalid_sms_verification_message_test.go @@ -24,7 +24,7 @@ resource "aws_cognito_user_pool" "foo" { Expected: helper.Issues{ { Rule: NewAwsCognitoUserPoolInvalidSmsVerificationMessageRule(), - Message: fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage("Verification code"), `^.*\{####\}.*$`), + Message: fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage("Verification code"), `^\{####\}$`), }, }, }, diff --git a/rules/models/aws_config_config_rule_invalid_maximum_execution_frequency.go b/rules/models/aws_config_config_rule_invalid_maximum_execution_frequency.go index 868768cf..94b815e2 100644 --- a/rules/models/aws_config_config_rule_invalid_maximum_execution_frequency.go +++ b/rules/models/aws_config_config_rule_invalid_maximum_execution_frequency.go @@ -26,8 +26,8 @@ func NewAwsConfigConfigRuleInvalidMaximumExecutionFrequencyRule() *AwsConfigConf attributeName: "maximum_execution_frequency", enum: []string{ "One_Hour", - "Three_Hours", "Six_Hours", + "Three_Hours", "Twelve_Hours", "TwentyFour_Hours", }, diff --git a/rules/models/aws_config_conformance_pack_invalid_template_s3_uri.go b/rules/models/aws_config_conformance_pack_invalid_template_s3_uri.go index 518b6f47..7dbc4638 100644 --- a/rules/models/aws_config_conformance_pack_invalid_template_s3_uri.go +++ b/rules/models/aws_config_conformance_pack_invalid_template_s3_uri.go @@ -29,7 +29,7 @@ func NewAwsConfigConformancePackInvalidTemplateS3URIRule() *AwsConfigConformance attributeName: "template_s3_uri", max: 1024, min: 1, - pattern: regexp.MustCompile(`^s3://.*$`), + pattern: regexp.MustCompile(`^s3://`), } } @@ -90,7 +90,7 @@ func (r *AwsConfigConformancePackInvalidTemplateS3URIRule) Check(runner tflint.R if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^s3://.*$`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^s3://`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_config_organization_conformance_pack_invalid_template_s3_uri.go b/rules/models/aws_config_organization_conformance_pack_invalid_template_s3_uri.go index 1b971c37..205f50c9 100644 --- a/rules/models/aws_config_organization_conformance_pack_invalid_template_s3_uri.go +++ b/rules/models/aws_config_organization_conformance_pack_invalid_template_s3_uri.go @@ -29,7 +29,7 @@ func NewAwsConfigOrganizationConformancePackInvalidTemplateS3URIRule() *AwsConfi attributeName: "template_s3_uri", max: 1024, min: 1, - pattern: regexp.MustCompile(`^s3://.*$`), + pattern: regexp.MustCompile(`^s3://`), } } @@ -90,7 +90,7 @@ func (r *AwsConfigOrganizationConformancePackInvalidTemplateS3URIRule) Check(run if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^s3://.*$`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^s3://`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_config_organization_custom_rule_invalid_maximum_execution_frequency.go b/rules/models/aws_config_organization_custom_rule_invalid_maximum_execution_frequency.go index f1d3d6d6..1ea29758 100644 --- a/rules/models/aws_config_organization_custom_rule_invalid_maximum_execution_frequency.go +++ b/rules/models/aws_config_organization_custom_rule_invalid_maximum_execution_frequency.go @@ -26,8 +26,8 @@ func NewAwsConfigOrganizationCustomRuleInvalidMaximumExecutionFrequencyRule() *A attributeName: "maximum_execution_frequency", enum: []string{ "One_Hour", - "Three_Hours", "Six_Hours", + "Three_Hours", "Twelve_Hours", "TwentyFour_Hours", }, diff --git a/rules/models/aws_config_organization_managed_rule_invalid_maximum_execution_frequency.go b/rules/models/aws_config_organization_managed_rule_invalid_maximum_execution_frequency.go index 0bf5b2c9..ce017cd0 100644 --- a/rules/models/aws_config_organization_managed_rule_invalid_maximum_execution_frequency.go +++ b/rules/models/aws_config_organization_managed_rule_invalid_maximum_execution_frequency.go @@ -26,8 +26,8 @@ func NewAwsConfigOrganizationManagedRuleInvalidMaximumExecutionFrequencyRule() * attributeName: "maximum_execution_frequency", enum: []string{ "One_Hour", - "Three_Hours", "Six_Hours", + "Three_Hours", "Twelve_Hours", "TwentyFour_Hours", }, diff --git a/rules/models/aws_connect_contact_flow_invalid_type.go b/rules/models/aws_connect_contact_flow_invalid_type.go index 7fec2fba..68febfc5 100644 --- a/rules/models/aws_connect_contact_flow_invalid_type.go +++ b/rules/models/aws_connect_contact_flow_invalid_type.go @@ -25,16 +25,16 @@ func NewAwsConnectContactFlowInvalidTypeRule() *AwsConnectContactFlowInvalidType resourceType: "aws_connect_contact_flow", attributeName: "type", enum: []string{ + "AGENT_HOLD", + "AGENT_TRANSFER", + "AGENT_WHISPER", + "CAMPAIGN", "CONTACT_FLOW", - "CUSTOMER_QUEUE", "CUSTOMER_HOLD", + "CUSTOMER_QUEUE", "CUSTOMER_WHISPER", - "AGENT_HOLD", - "AGENT_WHISPER", "OUTBOUND_WHISPER", - "AGENT_TRANSFER", "QUEUE_TRANSFER", - "CAMPAIGN", }, } } diff --git a/rules/models/aws_connect_instance_invalid_identity_management_type.go b/rules/models/aws_connect_instance_invalid_identity_management_type.go index 7d6a9b53..2d25a01b 100644 --- a/rules/models/aws_connect_instance_invalid_identity_management_type.go +++ b/rules/models/aws_connect_instance_invalid_identity_management_type.go @@ -25,9 +25,9 @@ func NewAwsConnectInstanceInvalidIdentityManagementTypeRule() *AwsConnectInstanc resourceType: "aws_connect_instance", attributeName: "identity_management_type", enum: []string{ - "SAML", "CONNECT_MANAGED", "EXISTING_DIRECTORY", + "SAML", }, } } diff --git a/rules/models/aws_cur_report_definition_invalid_compression.go b/rules/models/aws_cur_report_definition_invalid_compression.go index 651dac5e..9fec3649 100644 --- a/rules/models/aws_cur_report_definition_invalid_compression.go +++ b/rules/models/aws_cur_report_definition_invalid_compression.go @@ -25,9 +25,9 @@ func NewAwsCurReportDefinitionInvalidCompressionRule() *AwsCurReportDefinitionIn resourceType: "aws_cur_report_definition", attributeName: "compression", enum: []string{ - "ZIP", "GZIP", "Parquet", + "ZIP", }, } } diff --git a/rules/models/aws_cur_report_definition_invalid_s3_region.go b/rules/models/aws_cur_report_definition_invalid_s3_region.go index fa31ec02..e1d6c524 100644 --- a/rules/models/aws_cur_report_definition_invalid_s3_region.go +++ b/rules/models/aws_cur_report_definition_invalid_s3_region.go @@ -25,34 +25,34 @@ func NewAwsCurReportDefinitionInvalidS3RegionRule() *AwsCurReportDefinitionInval resourceType: "aws_cur_report_definition", attributeName: "s3_region", enum: []string{ + "me-south-1", + "cn-north-1", + "ca-central-1", "af-south-1", + "eu-central-1", "ap-east-1", - "ap-south-1", "ap-south-2", - "ap-southeast-1", - "ap-southeast-2", - "ap-southeast-3", - "ap-northeast-1", - "ap-northeast-2", - "ap-northeast-3", - "ca-central-1", - "eu-central-1", - "eu-central-2", "eu-west-1", + "ap-southeast-3", "eu-west-2", - "eu-west-3", - "eu-north-1", "eu-south-1", + "ap-south-1", + "cn-northwest-1", + "us-west-1", + "us-east-2", + "us-west-2", + "ap-northeast-3", + "eu-west-3", + "sa-east-1", + "ap-northeast-2", + "ap-southeast-1", "eu-south-2", + "eu-north-1", + "ap-southeast-2", + "ap-northeast-1", "me-central-1", - "me-south-1", - "sa-east-1", "us-east-1", - "us-east-2", - "us-west-1", - "us-west-2", - "cn-north-1", - "cn-northwest-1", + "eu-central-2", }, } } diff --git a/rules/models/aws_cur_report_definition_invalid_time_unit.go b/rules/models/aws_cur_report_definition_invalid_time_unit.go index 6b23f03f..cfd56b7f 100644 --- a/rules/models/aws_cur_report_definition_invalid_time_unit.go +++ b/rules/models/aws_cur_report_definition_invalid_time_unit.go @@ -25,8 +25,8 @@ func NewAwsCurReportDefinitionInvalidTimeUnitRule() *AwsCurReportDefinitionInval resourceType: "aws_cur_report_definition", attributeName: "time_unit", enum: []string{ - "HOURLY", "DAILY", + "HOURLY", "MONTHLY", }, } diff --git a/rules/models/aws_db_proxy_endpoint_invalid_target_role.go b/rules/models/aws_db_proxy_endpoint_invalid_target_role.go index dd326fad..a0cecddd 100644 --- a/rules/models/aws_db_proxy_endpoint_invalid_target_role.go +++ b/rules/models/aws_db_proxy_endpoint_invalid_target_role.go @@ -25,8 +25,8 @@ func NewAwsDBProxyEndpointInvalidTargetRoleRule() *AwsDBProxyEndpointInvalidTarg resourceType: "aws_db_proxy_endpoint", attributeName: "target_role", enum: []string{ - "READ_WRITE", "READ_ONLY", + "READ_WRITE", }, } } diff --git a/rules/models/aws_devicefarm_device_pool_invalid_project_arn.go b/rules/models/aws_devicefarm_device_pool_invalid_project_arn.go index cdd3121f..76fd2fde 100644 --- a/rules/models/aws_devicefarm_device_pool_invalid_project_arn.go +++ b/rules/models/aws_devicefarm_device_pool_invalid_project_arn.go @@ -29,7 +29,7 @@ func NewAwsDevicefarmDevicePoolInvalidProjectArnRule() *AwsDevicefarmDevicePoolI attributeName: "project_arn", max: 1011, min: 32, - pattern: regexp.MustCompile(`^arn:aws:devicefarm:.+`), + pattern: regexp.MustCompile(`^arn:aws:devicefarm:.+$`), } } @@ -90,7 +90,7 @@ func (r *AwsDevicefarmDevicePoolInvalidProjectArnRule) Check(runner tflint.Runne if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^arn:aws:devicefarm:.+`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^arn:aws:devicefarm:.+$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_devicefarm_network_profile_invalid_project_arn.go b/rules/models/aws_devicefarm_network_profile_invalid_project_arn.go index a6aac288..f01ac53d 100644 --- a/rules/models/aws_devicefarm_network_profile_invalid_project_arn.go +++ b/rules/models/aws_devicefarm_network_profile_invalid_project_arn.go @@ -29,7 +29,7 @@ func NewAwsDevicefarmNetworkProfileInvalidProjectArnRule() *AwsDevicefarmNetwork attributeName: "project_arn", max: 1011, min: 32, - pattern: regexp.MustCompile(`^arn:aws:devicefarm:.+`), + pattern: regexp.MustCompile(`^arn:aws:devicefarm:.+$`), } } @@ -90,7 +90,7 @@ func (r *AwsDevicefarmNetworkProfileInvalidProjectArnRule) Check(runner tflint.R if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^arn:aws:devicefarm:.+`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^arn:aws:devicefarm:.+$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_devicefarm_upload_invalid_project_arn.go b/rules/models/aws_devicefarm_upload_invalid_project_arn.go index b931c65f..4bf41ed3 100644 --- a/rules/models/aws_devicefarm_upload_invalid_project_arn.go +++ b/rules/models/aws_devicefarm_upload_invalid_project_arn.go @@ -29,7 +29,7 @@ func NewAwsDevicefarmUploadInvalidProjectArnRule() *AwsDevicefarmUploadInvalidPr attributeName: "project_arn", max: 1011, min: 32, - pattern: regexp.MustCompile(`^arn:aws:devicefarm:.+`), + pattern: regexp.MustCompile(`^arn:aws:devicefarm:.+$`), } } @@ -90,7 +90,7 @@ func (r *AwsDevicefarmUploadInvalidProjectArnRule) Check(runner tflint.Runner) e if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^arn:aws:devicefarm:.+`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^arn:aws:devicefarm:.+$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_devicefarm_upload_invalid_type.go b/rules/models/aws_devicefarm_upload_invalid_type.go index 9e2b5b93..b847d0c4 100644 --- a/rules/models/aws_devicefarm_upload_invalid_type.go +++ b/rules/models/aws_devicefarm_upload_invalid_type.go @@ -26,36 +26,36 @@ func NewAwsDevicefarmUploadInvalidTypeRule() *AwsDevicefarmUploadInvalidTypeRule attributeName: "type", enum: []string{ "ANDROID_APP", - "IOS_APP", - "WEB_APP", - "EXTERNAL_DATA", "APPIUM_JAVA_JUNIT_TEST_PACKAGE", + "APPIUM_JAVA_JUNIT_TEST_SPEC", "APPIUM_JAVA_TESTNG_TEST_PACKAGE", - "APPIUM_PYTHON_TEST_PACKAGE", + "APPIUM_JAVA_TESTNG_TEST_SPEC", "APPIUM_NODE_TEST_PACKAGE", + "APPIUM_NODE_TEST_SPEC", + "APPIUM_PYTHON_TEST_PACKAGE", + "APPIUM_PYTHON_TEST_SPEC", "APPIUM_RUBY_TEST_PACKAGE", + "APPIUM_RUBY_TEST_SPEC", "APPIUM_WEB_JAVA_JUNIT_TEST_PACKAGE", + "APPIUM_WEB_JAVA_JUNIT_TEST_SPEC", "APPIUM_WEB_JAVA_TESTNG_TEST_PACKAGE", - "APPIUM_WEB_PYTHON_TEST_PACKAGE", + "APPIUM_WEB_JAVA_TESTNG_TEST_SPEC", "APPIUM_WEB_NODE_TEST_PACKAGE", + "APPIUM_WEB_NODE_TEST_SPEC", + "APPIUM_WEB_PYTHON_TEST_PACKAGE", + "APPIUM_WEB_PYTHON_TEST_SPEC", "APPIUM_WEB_RUBY_TEST_PACKAGE", + "APPIUM_WEB_RUBY_TEST_SPEC", "CALABASH_TEST_PACKAGE", + "EXTERNAL_DATA", "INSTRUMENTATION_TEST_PACKAGE", + "INSTRUMENTATION_TEST_SPEC", + "IOS_APP", "UIAUTOMATION_TEST_PACKAGE", "UIAUTOMATOR_TEST_PACKAGE", + "WEB_APP", "XCTEST_TEST_PACKAGE", "XCTEST_UI_TEST_PACKAGE", - "APPIUM_JAVA_JUNIT_TEST_SPEC", - "APPIUM_JAVA_TESTNG_TEST_SPEC", - "APPIUM_PYTHON_TEST_SPEC", - "APPIUM_NODE_TEST_SPEC", - "APPIUM_RUBY_TEST_SPEC", - "APPIUM_WEB_JAVA_JUNIT_TEST_SPEC", - "APPIUM_WEB_JAVA_TESTNG_TEST_SPEC", - "APPIUM_WEB_PYTHON_TEST_SPEC", - "APPIUM_WEB_NODE_TEST_SPEC", - "APPIUM_WEB_RUBY_TEST_SPEC", - "INSTRUMENTATION_TEST_SPEC", "XCTEST_UI_TEST_SPEC", }, } diff --git a/rules/models/aws_directory_service_directory_invalid_edition.go b/rules/models/aws_directory_service_directory_invalid_edition.go index 34f100a8..1ed4033c 100644 --- a/rules/models/aws_directory_service_directory_invalid_edition.go +++ b/rules/models/aws_directory_service_directory_invalid_edition.go @@ -26,8 +26,8 @@ func NewAwsDirectoryServiceDirectoryInvalidEditionRule() *AwsDirectoryServiceDir attributeName: "edition", enum: []string{ "Enterprise", - "Standard", "Hybrid", + "Standard", }, } } diff --git a/rules/models/aws_directory_service_directory_invalid_size.go b/rules/models/aws_directory_service_directory_invalid_size.go index 1b10126c..7135af87 100644 --- a/rules/models/aws_directory_service_directory_invalid_size.go +++ b/rules/models/aws_directory_service_directory_invalid_size.go @@ -25,8 +25,8 @@ func NewAwsDirectoryServiceDirectoryInvalidSizeRule() *AwsDirectoryServiceDirect resourceType: "aws_directory_service_directory", attributeName: "size", enum: []string{ - "Small", "Large", + "Small", }, } } diff --git a/rules/models/aws_directory_service_directory_invalid_type.go b/rules/models/aws_directory_service_directory_invalid_type.go index 12455eae..072fe1f1 100644 --- a/rules/models/aws_directory_service_directory_invalid_type.go +++ b/rules/models/aws_directory_service_directory_invalid_type.go @@ -25,10 +25,10 @@ func NewAwsDirectoryServiceDirectoryInvalidTypeRule() *AwsDirectoryServiceDirect resourceType: "aws_directory_service_directory", attributeName: "type", enum: []string{ - "SimpleAD", "ADConnector", "MicrosoftAD", "SharedMicrosoftAD", + "SimpleAD", }, } } diff --git a/rules/models/aws_dlm_lifecycle_policy_invalid_state.go b/rules/models/aws_dlm_lifecycle_policy_invalid_state.go index 2ea7b00f..5fa2cfea 100644 --- a/rules/models/aws_dlm_lifecycle_policy_invalid_state.go +++ b/rules/models/aws_dlm_lifecycle_policy_invalid_state.go @@ -25,8 +25,8 @@ func NewAwsDlmLifecyclePolicyInvalidStateRule() *AwsDlmLifecyclePolicyInvalidSta resourceType: "aws_dlm_lifecycle_policy", attributeName: "state", enum: []string{ - "ENABLED", "DISABLED", + "ENABLED", }, } } diff --git a/rules/models/aws_dms_replication_task_invalid_migration_type.go b/rules/models/aws_dms_replication_task_invalid_migration_type.go index dcf15f12..1b0ed4d5 100644 --- a/rules/models/aws_dms_replication_task_invalid_migration_type.go +++ b/rules/models/aws_dms_replication_task_invalid_migration_type.go @@ -25,8 +25,8 @@ func NewAwsDmsReplicationTaskInvalidMigrationTypeRule() *AwsDmsReplicationTaskIn resourceType: "aws_dms_replication_task", attributeName: "migration_type", enum: []string{ - "full-load", "cdc", + "full-load", "full-load-and-cdc", }, } diff --git a/rules/models/aws_dynamodb_table_invalid_billing_mode.go b/rules/models/aws_dynamodb_table_invalid_billing_mode.go index 0186811e..55c4e44f 100644 --- a/rules/models/aws_dynamodb_table_invalid_billing_mode.go +++ b/rules/models/aws_dynamodb_table_invalid_billing_mode.go @@ -25,8 +25,8 @@ func NewAwsDynamoDBTableInvalidBillingModeRule() *AwsDynamoDBTableInvalidBilling resourceType: "aws_dynamodb_table", attributeName: "billing_mode", enum: []string{ - "PROVISIONED", "PAY_PER_REQUEST", + "PROVISIONED", }, } } diff --git a/rules/models/aws_ebs_volume_invalid_type.go b/rules/models/aws_ebs_volume_invalid_type.go index e4d2d342..ddef4349 100644 --- a/rules/models/aws_ebs_volume_invalid_type.go +++ b/rules/models/aws_ebs_volume_invalid_type.go @@ -25,13 +25,13 @@ func NewAwsEbsVolumeInvalidTypeRule() *AwsEbsVolumeInvalidTypeRule { resourceType: "aws_ebs_volume", attributeName: "type", enum: []string{ - "standard", + "gp2", + "gp3", "io1", "io2", - "gp2", "sc1", "st1", - "gp3", + "standard", }, } } diff --git a/rules/models/aws_ec2_availability_zone_group_invalid_opt_in_status.go b/rules/models/aws_ec2_availability_zone_group_invalid_opt_in_status.go index 0da7fede..0e814542 100644 --- a/rules/models/aws_ec2_availability_zone_group_invalid_opt_in_status.go +++ b/rules/models/aws_ec2_availability_zone_group_invalid_opt_in_status.go @@ -25,8 +25,8 @@ func NewAwsEc2AvailabilityZoneGroupInvalidOptInStatusRule() *AwsEc2AvailabilityZ resourceType: "aws_ec2_availability_zone_group", attributeName: "opt_in_status", enum: []string{ - "opted-in", "not-opted-in", + "opted-in", }, } } diff --git a/rules/models/aws_ec2_capacity_reservation_invalid_end_date_type.go b/rules/models/aws_ec2_capacity_reservation_invalid_end_date_type.go index de3934d8..c5457c7c 100644 --- a/rules/models/aws_ec2_capacity_reservation_invalid_end_date_type.go +++ b/rules/models/aws_ec2_capacity_reservation_invalid_end_date_type.go @@ -25,8 +25,8 @@ func NewAwsEc2CapacityReservationInvalidEndDateTypeRule() *AwsEc2CapacityReserva resourceType: "aws_ec2_capacity_reservation", attributeName: "end_date_type", enum: []string{ - "unlimited", "limited", + "unlimited", }, } } diff --git a/rules/models/aws_ec2_capacity_reservation_invalid_instance_platform.go b/rules/models/aws_ec2_capacity_reservation_invalid_instance_platform.go index 9f6c5fc8..668c4b87 100644 --- a/rules/models/aws_ec2_capacity_reservation_invalid_instance_platform.go +++ b/rules/models/aws_ec2_capacity_reservation_invalid_instance_platform.go @@ -26,23 +26,23 @@ func NewAwsEc2CapacityReservationInvalidInstancePlatformRule() *AwsEc2CapacityRe attributeName: "instance_platform", enum: []string{ "Linux/UNIX", + "Linux with SQL Server Enterprise", + "Linux with SQL Server Standard", + "Linux with SQL Server Web", "Red Hat Enterprise Linux", + "RHEL with HA", + "RHEL with HA and SQL Server Enterprise", + "RHEL with HA and SQL Server Standard", + "RHEL with SQL Server Enterprise", + "RHEL with SQL Server Standard", + "RHEL with SQL Server Web", "SUSE Linux", + "Ubuntu Pro", "Windows", "Windows with SQL Server", "Windows with SQL Server Enterprise", "Windows with SQL Server Standard", "Windows with SQL Server Web", - "Linux with SQL Server Standard", - "Linux with SQL Server Web", - "Linux with SQL Server Enterprise", - "RHEL with SQL Server Standard", - "RHEL with SQL Server Enterprise", - "RHEL with SQL Server Web", - "RHEL with HA", - "RHEL with HA and SQL Server Standard", - "RHEL with HA and SQL Server Enterprise", - "Ubuntu Pro", }, } } diff --git a/rules/models/aws_ec2_capacity_reservation_invalid_tenancy.go b/rules/models/aws_ec2_capacity_reservation_invalid_tenancy.go index d7640168..0c6fad29 100644 --- a/rules/models/aws_ec2_capacity_reservation_invalid_tenancy.go +++ b/rules/models/aws_ec2_capacity_reservation_invalid_tenancy.go @@ -25,8 +25,8 @@ func NewAwsEc2CapacityReservationInvalidTenancyRule() *AwsEc2CapacityReservation resourceType: "aws_ec2_capacity_reservation", attributeName: "tenancy", enum: []string{ - "default", "dedicated", + "default", }, } } diff --git a/rules/models/aws_ec2_fleet_invalid_type.go b/rules/models/aws_ec2_fleet_invalid_type.go index e75e1b71..b913caac 100644 --- a/rules/models/aws_ec2_fleet_invalid_type.go +++ b/rules/models/aws_ec2_fleet_invalid_type.go @@ -25,9 +25,9 @@ func NewAwsEc2FleetInvalidTypeRule() *AwsEc2FleetInvalidTypeRule { resourceType: "aws_ec2_fleet", attributeName: "type", enum: []string{ - "request", - "maintain", "instant", + "maintain", + "request", }, } } diff --git a/rules/models/aws_ec2_host_invalid_auto_placement.go b/rules/models/aws_ec2_host_invalid_auto_placement.go index 62b0ba47..f5e7f031 100644 --- a/rules/models/aws_ec2_host_invalid_auto_placement.go +++ b/rules/models/aws_ec2_host_invalid_auto_placement.go @@ -25,8 +25,8 @@ func NewAwsEc2HostInvalidAutoPlacementRule() *AwsEc2HostInvalidAutoPlacementRule resourceType: "aws_ec2_host", attributeName: "auto_placement", enum: []string{ - "on", "off", + "on", }, } } diff --git a/rules/models/aws_ec2_host_invalid_host_recovery.go b/rules/models/aws_ec2_host_invalid_host_recovery.go index 7ad600d2..63bf59e5 100644 --- a/rules/models/aws_ec2_host_invalid_host_recovery.go +++ b/rules/models/aws_ec2_host_invalid_host_recovery.go @@ -25,8 +25,8 @@ func NewAwsEc2HostInvalidHostRecoveryRule() *AwsEc2HostInvalidHostRecoveryRule { resourceType: "aws_ec2_host", attributeName: "host_recovery", enum: []string{ - "on", "off", + "on", }, } } diff --git a/rules/models/aws_ec2_subnet_cidr_reservation_invalid_reservation_type.go b/rules/models/aws_ec2_subnet_cidr_reservation_invalid_reservation_type.go index 423240d9..f64a6208 100644 --- a/rules/models/aws_ec2_subnet_cidr_reservation_invalid_reservation_type.go +++ b/rules/models/aws_ec2_subnet_cidr_reservation_invalid_reservation_type.go @@ -25,8 +25,8 @@ func NewAwsEc2SubnetCidrReservationInvalidReservationTypeRule() *AwsEc2SubnetCid resourceType: "aws_ec2_subnet_cidr_reservation", attributeName: "reservation_type", enum: []string{ - "prefix", "explicit", + "prefix", }, } } diff --git a/rules/models/aws_ec2_traffic_mirror_filter_rule_invalid_traffic_direction.go b/rules/models/aws_ec2_traffic_mirror_filter_rule_invalid_traffic_direction.go index e8ae42bd..fdcb778d 100644 --- a/rules/models/aws_ec2_traffic_mirror_filter_rule_invalid_traffic_direction.go +++ b/rules/models/aws_ec2_traffic_mirror_filter_rule_invalid_traffic_direction.go @@ -25,8 +25,8 @@ func NewAwsEc2TrafficMirrorFilterRuleInvalidTrafficDirectionRule() *AwsEc2Traffi resourceType: "aws_ec2_traffic_mirror_filter_rule", attributeName: "traffic_direction", enum: []string{ - "ingress", "egress", + "ingress", }, } } diff --git a/rules/models/aws_ec2_transit_gateway_invalid_auto_accept_shared_attachments.go b/rules/models/aws_ec2_transit_gateway_invalid_auto_accept_shared_attachments.go index d62b148d..b31814e3 100644 --- a/rules/models/aws_ec2_transit_gateway_invalid_auto_accept_shared_attachments.go +++ b/rules/models/aws_ec2_transit_gateway_invalid_auto_accept_shared_attachments.go @@ -25,8 +25,8 @@ func NewAwsEc2TransitGatewayInvalidAutoAcceptSharedAttachmentsRule() *AwsEc2Tran resourceType: "aws_ec2_transit_gateway", attributeName: "auto_accept_shared_attachments", enum: []string{ - "enable", "disable", + "enable", }, } } diff --git a/rules/models/aws_ec2_transit_gateway_invalid_default_route_table_association.go b/rules/models/aws_ec2_transit_gateway_invalid_default_route_table_association.go index cdf6e089..3b977146 100644 --- a/rules/models/aws_ec2_transit_gateway_invalid_default_route_table_association.go +++ b/rules/models/aws_ec2_transit_gateway_invalid_default_route_table_association.go @@ -25,8 +25,8 @@ func NewAwsEc2TransitGatewayInvalidDefaultRouteTableAssociationRule() *AwsEc2Tra resourceType: "aws_ec2_transit_gateway", attributeName: "default_route_table_association", enum: []string{ - "enable", "disable", + "enable", }, } } diff --git a/rules/models/aws_ec2_transit_gateway_invalid_default_route_table_propagation.go b/rules/models/aws_ec2_transit_gateway_invalid_default_route_table_propagation.go index 50dc6da7..a147abe4 100644 --- a/rules/models/aws_ec2_transit_gateway_invalid_default_route_table_propagation.go +++ b/rules/models/aws_ec2_transit_gateway_invalid_default_route_table_propagation.go @@ -25,8 +25,8 @@ func NewAwsEc2TransitGatewayInvalidDefaultRouteTablePropagationRule() *AwsEc2Tra resourceType: "aws_ec2_transit_gateway", attributeName: "default_route_table_propagation", enum: []string{ - "enable", "disable", + "enable", }, } } diff --git a/rules/models/aws_ec2_transit_gateway_invalid_dns_support.go b/rules/models/aws_ec2_transit_gateway_invalid_dns_support.go index 97652725..1e76c420 100644 --- a/rules/models/aws_ec2_transit_gateway_invalid_dns_support.go +++ b/rules/models/aws_ec2_transit_gateway_invalid_dns_support.go @@ -25,8 +25,8 @@ func NewAwsEc2TransitGatewayInvalidDNSSupportRule() *AwsEc2TransitGatewayInvalid resourceType: "aws_ec2_transit_gateway", attributeName: "dns_support", enum: []string{ - "enable", "disable", + "enable", }, } } diff --git a/rules/models/aws_ec2_transit_gateway_vpc_attachment_invalid_dns_support.go b/rules/models/aws_ec2_transit_gateway_vpc_attachment_invalid_dns_support.go index 8f79fdbc..6678018e 100644 --- a/rules/models/aws_ec2_transit_gateway_vpc_attachment_invalid_dns_support.go +++ b/rules/models/aws_ec2_transit_gateway_vpc_attachment_invalid_dns_support.go @@ -25,8 +25,8 @@ func NewAwsEc2TransitGatewayVpcAttachmentInvalidDNSSupportRule() *AwsEc2TransitG resourceType: "aws_ec2_transit_gateway_vpc_attachment", attributeName: "dns_support", enum: []string{ - "enable", "disable", + "enable", }, } } diff --git a/rules/models/aws_ec2_transit_gateway_vpc_attachment_invalid_ipv6_support.go b/rules/models/aws_ec2_transit_gateway_vpc_attachment_invalid_ipv6_support.go index ede421ed..2d574010 100644 --- a/rules/models/aws_ec2_transit_gateway_vpc_attachment_invalid_ipv6_support.go +++ b/rules/models/aws_ec2_transit_gateway_vpc_attachment_invalid_ipv6_support.go @@ -25,8 +25,8 @@ func NewAwsEc2TransitGatewayVpcAttachmentInvalidIpv6SupportRule() *AwsEc2Transit resourceType: "aws_ec2_transit_gateway_vpc_attachment", attributeName: "ipv6_support", enum: []string{ - "enable", "disable", + "enable", }, } } diff --git a/rules/models/aws_ecs_account_setting_default_invalid_name.go b/rules/models/aws_ecs_account_setting_default_invalid_name.go new file mode 100644 index 00000000..27da5fc2 --- /dev/null +++ b/rules/models/aws_ecs_account_setting_default_invalid_name.go @@ -0,0 +1,103 @@ +// This file generated by `generator/`. DO NOT EDIT + +package models + +import ( + "fmt" + + "github.com/terraform-linters/tflint-plugin-sdk/hclext" + "github.com/terraform-linters/tflint-plugin-sdk/logger" + "github.com/terraform-linters/tflint-plugin-sdk/tflint" +) + +// AwsEcsAccountSettingDefaultInvalidNameRule checks the pattern is valid +type AwsEcsAccountSettingDefaultInvalidNameRule struct { + tflint.DefaultRule + + resourceType string + attributeName string + enum []string +} + +// NewAwsEcsAccountSettingDefaultInvalidNameRule returns new rule with default attributes +func NewAwsEcsAccountSettingDefaultInvalidNameRule() *AwsEcsAccountSettingDefaultInvalidNameRule { + return &AwsEcsAccountSettingDefaultInvalidNameRule{ + resourceType: "aws_ecs_account_setting_default", + attributeName: "name", + enum: []string{ + "awsvpcTrunking", + "containerInsights", + "containerInstanceLongArnFormat", + "defaultLogDriverMode", + "fargateFIPSMode", + "fargateTaskRetirementWaitPeriod", + "guardDutyActivate", + "serviceLongArnFormat", + "tagResourceAuthorization", + "taskLongArnFormat", + }, + } +} + +// Name returns the rule name +func (r *AwsEcsAccountSettingDefaultInvalidNameRule) Name() string { + return "aws_ecs_account_setting_default_invalid_name" +} + +// Enabled returns whether the rule is enabled by default +func (r *AwsEcsAccountSettingDefaultInvalidNameRule) Enabled() bool { + return true +} + +// Severity returns the rule severity +func (r *AwsEcsAccountSettingDefaultInvalidNameRule) Severity() tflint.Severity { + return tflint.ERROR +} + +// Link returns the rule reference link +func (r *AwsEcsAccountSettingDefaultInvalidNameRule) Link() string { + return "" +} + +// Check checks the pattern is valid +func (r *AwsEcsAccountSettingDefaultInvalidNameRule) Check(runner tflint.Runner) error { + logger.Trace("Check `%s` rule", r.Name()) + + resources, err := runner.GetResourceContent(r.resourceType, &hclext.BodySchema{ + Attributes: []hclext.AttributeSchema{ + {Name: r.attributeName}, + }, + }, nil) + if err != nil { + return err + } + + for _, resource := range resources.Blocks { + attribute, exists := resource.Body.Attributes[r.attributeName] + if !exists { + continue + } + + err := runner.EvaluateExpr(attribute.Expr, func (val string) error { + found := false + for _, item := range r.enum { + if item == val { + found = true + } + } + if !found { + runner.EmitIssue( + r, + fmt.Sprintf(`"%s" is an invalid value as name`, truncateLongMessage(val)), + attribute.Expr.Range(), + ) + } + return nil + }, nil) + if err != nil { + return err + } + } + + return nil +} diff --git a/rules/models/aws_ecs_service_invalid_launch_type.go b/rules/models/aws_ecs_service_invalid_launch_type.go index 4c5abf69..416c358a 100644 --- a/rules/models/aws_ecs_service_invalid_launch_type.go +++ b/rules/models/aws_ecs_service_invalid_launch_type.go @@ -26,8 +26,8 @@ func NewAwsEcsServiceInvalidLaunchTypeRule() *AwsEcsServiceInvalidLaunchTypeRule attributeName: "launch_type", enum: []string{ "EC2", - "FARGATE", "EXTERNAL", + "FARGATE", "MANAGED_INSTANCES", }, } diff --git a/rules/models/aws_ecs_service_invalid_propagate_tags.go b/rules/models/aws_ecs_service_invalid_propagate_tags.go index 29dece98..fdf88226 100644 --- a/rules/models/aws_ecs_service_invalid_propagate_tags.go +++ b/rules/models/aws_ecs_service_invalid_propagate_tags.go @@ -25,9 +25,9 @@ func NewAwsEcsServiceInvalidPropagateTagsRule() *AwsEcsServiceInvalidPropagateTa resourceType: "aws_ecs_service", attributeName: "propagate_tags", enum: []string{ - "TASK_DEFINITION", - "SERVICE", "NONE", + "SERVICE", + "TASK_DEFINITION", }, } } diff --git a/rules/models/aws_ecs_service_invalid_scheduling_strategy.go b/rules/models/aws_ecs_service_invalid_scheduling_strategy.go index b9e1630c..cc4b4af1 100644 --- a/rules/models/aws_ecs_service_invalid_scheduling_strategy.go +++ b/rules/models/aws_ecs_service_invalid_scheduling_strategy.go @@ -25,8 +25,8 @@ func NewAwsEcsServiceInvalidSchedulingStrategyRule() *AwsEcsServiceInvalidSchedu resourceType: "aws_ecs_service", attributeName: "scheduling_strategy", enum: []string{ - "REPLICA", "DAEMON", + "REPLICA", }, } } diff --git a/rules/models/aws_ecs_task_definition_invalid_ipc_mode.go b/rules/models/aws_ecs_task_definition_invalid_ipc_mode.go index c8e4aa5b..c5558cf7 100644 --- a/rules/models/aws_ecs_task_definition_invalid_ipc_mode.go +++ b/rules/models/aws_ecs_task_definition_invalid_ipc_mode.go @@ -26,8 +26,8 @@ func NewAwsEcsTaskDefinitionInvalidIpcModeRule() *AwsEcsTaskDefinitionInvalidIpc attributeName: "ipc_mode", enum: []string{ "host", - "task", "none", + "task", }, } } diff --git a/rules/models/aws_ecs_task_definition_invalid_network_mode.go b/rules/models/aws_ecs_task_definition_invalid_network_mode.go index 3f231b00..6491ac72 100644 --- a/rules/models/aws_ecs_task_definition_invalid_network_mode.go +++ b/rules/models/aws_ecs_task_definition_invalid_network_mode.go @@ -25,9 +25,9 @@ func NewAwsEcsTaskDefinitionInvalidNetworkModeRule() *AwsEcsTaskDefinitionInvali resourceType: "aws_ecs_task_definition", attributeName: "network_mode", enum: []string{ + "awsvpc", "bridge", "host", - "awsvpc", "none", }, } diff --git a/rules/models/aws_ecs_task_set_invalid_launch_type.go b/rules/models/aws_ecs_task_set_invalid_launch_type.go index 98eee0ca..37675876 100644 --- a/rules/models/aws_ecs_task_set_invalid_launch_type.go +++ b/rules/models/aws_ecs_task_set_invalid_launch_type.go @@ -26,8 +26,8 @@ func NewAwsEcsTaskSetInvalidLaunchTypeRule() *AwsEcsTaskSetInvalidLaunchTypeRule attributeName: "launch_type", enum: []string{ "EC2", - "FARGATE", "EXTERNAL", + "FARGATE", "MANAGED_INSTANCES", }, } diff --git a/rules/models/aws_efs_file_system_invalid_throughput_mode.go b/rules/models/aws_efs_file_system_invalid_throughput_mode.go index 1fe979dc..aa82d61b 100644 --- a/rules/models/aws_efs_file_system_invalid_throughput_mode.go +++ b/rules/models/aws_efs_file_system_invalid_throughput_mode.go @@ -26,8 +26,8 @@ func NewAwsEfsFileSystemInvalidThroughputModeRule() *AwsEfsFileSystemInvalidThro attributeName: "throughput_mode", enum: []string{ "bursting", - "provisioned", "elastic", + "provisioned", }, } } diff --git a/rules/models/aws_eks_addon_invalid_cluster_name.go b/rules/models/aws_eks_addon_invalid_cluster_name.go index 17d551a0..308e8736 100644 --- a/rules/models/aws_eks_addon_invalid_cluster_name.go +++ b/rules/models/aws_eks_addon_invalid_cluster_name.go @@ -29,7 +29,7 @@ func NewAwsEksAddonInvalidClusterNameRule() *AwsEksAddonInvalidClusterNameRule { attributeName: "cluster_name", max: 100, min: 1, - pattern: regexp.MustCompile(`^[0-9A-Za-z][A-Za-z0-9\-_]*`), + pattern: regexp.MustCompile(`^[0-9A-Za-z][A-Za-z0-9\-_]*$`), } } @@ -90,7 +90,7 @@ func (r *AwsEksAddonInvalidClusterNameRule) Check(runner tflint.Runner) error { if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^[0-9A-Za-z][A-Za-z0-9\-_]*`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^[0-9A-Za-z][A-Za-z0-9\-_]*$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_eks_cluster_invalid_name.go b/rules/models/aws_eks_cluster_invalid_name.go index 0d769e68..f9341387 100644 --- a/rules/models/aws_eks_cluster_invalid_name.go +++ b/rules/models/aws_eks_cluster_invalid_name.go @@ -29,7 +29,7 @@ func NewAwsEksClusterInvalidNameRule() *AwsEksClusterInvalidNameRule { attributeName: "name", max: 100, min: 1, - pattern: regexp.MustCompile(`^[0-9A-Za-z][A-Za-z0-9\-_]*`), + pattern: regexp.MustCompile(`^[0-9A-Za-z][A-Za-z0-9\-_]*$`), } } @@ -90,7 +90,7 @@ func (r *AwsEksClusterInvalidNameRule) Check(runner tflint.Runner) error { if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^[0-9A-Za-z][A-Za-z0-9\-_]*`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^[0-9A-Za-z][A-Za-z0-9\-_]*$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_eks_cluster_invalid_name_test.go b/rules/models/aws_eks_cluster_invalid_name_test.go index 8770a3d1..1d058684 100644 --- a/rules/models/aws_eks_cluster_invalid_name_test.go +++ b/rules/models/aws_eks_cluster_invalid_name_test.go @@ -24,7 +24,7 @@ resource "aws_eks_cluster" "foo" { Expected: helper.Issues{ { Rule: NewAwsEksClusterInvalidNameRule(), - Message: fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage("@example"), `^[0-9A-Za-z][A-Za-z0-9\-_]*`), + Message: fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage("@example"), `^[0-9A-Za-z][A-Za-z0-9\-_]*$`), }, }, }, diff --git a/rules/models/aws_eks_node_group_invalid_ami_type.go b/rules/models/aws_eks_node_group_invalid_ami_type.go index 4006f2a4..d89ce021 100644 --- a/rules/models/aws_eks_node_group_invalid_ami_type.go +++ b/rules/models/aws_eks_node_group_invalid_ami_type.go @@ -25,25 +25,25 @@ func NewAwsEksNodeGroupInvalidAMITypeRule() *AwsEksNodeGroupInvalidAMITypeRule { resourceType: "aws_eks_node_group", attributeName: "ami_type", enum: []string{ + "AL2023_ARM_64_NVIDIA", + "AL2023_ARM_64_STANDARD", + "AL2023_x86_64_NEURON", + "AL2023_x86_64_NVIDIA", + "AL2023_x86_64_STANDARD", + "AL2_ARM_64", "AL2_x86_64", "AL2_x86_64_GPU", - "AL2_ARM_64", - "CUSTOM", "BOTTLEROCKET_ARM_64", - "BOTTLEROCKET_x86_64", "BOTTLEROCKET_ARM_64_FIPS", - "BOTTLEROCKET_x86_64_FIPS", "BOTTLEROCKET_ARM_64_NVIDIA", + "BOTTLEROCKET_x86_64", + "BOTTLEROCKET_x86_64_FIPS", "BOTTLEROCKET_x86_64_NVIDIA", + "CUSTOM", "WINDOWS_CORE_2019_x86_64", - "WINDOWS_FULL_2019_x86_64", "WINDOWS_CORE_2022_x86_64", + "WINDOWS_FULL_2019_x86_64", "WINDOWS_FULL_2022_x86_64", - "AL2023_x86_64_STANDARD", - "AL2023_ARM_64_STANDARD", - "AL2023_x86_64_NEURON", - "AL2023_x86_64_NVIDIA", - "AL2023_ARM_64_NVIDIA", }, } } diff --git a/rules/models/aws_eks_node_group_invalid_capacity_type.go b/rules/models/aws_eks_node_group_invalid_capacity_type.go index 78b7a898..2daca50e 100644 --- a/rules/models/aws_eks_node_group_invalid_capacity_type.go +++ b/rules/models/aws_eks_node_group_invalid_capacity_type.go @@ -25,9 +25,9 @@ func NewAwsEksNodeGroupInvalidCapacityTypeRule() *AwsEksNodeGroupInvalidCapacity resourceType: "aws_eks_node_group", attributeName: "capacity_type", enum: []string{ + "CAPACITY_BLOCK", "ON_DEMAND", "SPOT", - "CAPACITY_BLOCK", }, } } diff --git a/rules/models/aws_elasticache_cluster_invalid_az_mode.go b/rules/models/aws_elasticache_cluster_invalid_az_mode.go index 5a689c3a..44705fec 100644 --- a/rules/models/aws_elasticache_cluster_invalid_az_mode.go +++ b/rules/models/aws_elasticache_cluster_invalid_az_mode.go @@ -25,8 +25,8 @@ func NewAwsElastiCacheClusterInvalidAzModeRule() *AwsElastiCacheClusterInvalidAz resourceType: "aws_elasticache_cluster", attributeName: "az_mode", enum: []string{ - "single-az", "cross-az", + "single-az", }, } } diff --git a/rules/models/aws_emr_studio_invalid_auth_mode.go b/rules/models/aws_emr_studio_invalid_auth_mode.go index 1fa3dcdd..22a1d5de 100644 --- a/rules/models/aws_emr_studio_invalid_auth_mode.go +++ b/rules/models/aws_emr_studio_invalid_auth_mode.go @@ -25,8 +25,8 @@ func NewAwsEmrStudioInvalidAuthModeRule() *AwsEmrStudioInvalidAuthModeRule { resourceType: "aws_emr_studio", attributeName: "auth_mode", enum: []string{ - "SSO", "IAM", + "SSO", }, } } diff --git a/rules/models/aws_emr_studio_session_mapping_invalid_identity_type.go b/rules/models/aws_emr_studio_session_mapping_invalid_identity_type.go index f03720b6..f1fa1982 100644 --- a/rules/models/aws_emr_studio_session_mapping_invalid_identity_type.go +++ b/rules/models/aws_emr_studio_session_mapping_invalid_identity_type.go @@ -25,8 +25,8 @@ func NewAwsEmrStudioSessionMappingInvalidIdentityTypeRule() *AwsEmrStudioSession resourceType: "aws_emr_studio_session_mapping", attributeName: "identity_type", enum: []string{ - "USER", "GROUP", + "USER", }, } } diff --git a/rules/models/aws_flow_log_invalid_log_destination_type.go b/rules/models/aws_flow_log_invalid_log_destination_type.go index 3deb0a89..864f6cfa 100644 --- a/rules/models/aws_flow_log_invalid_log_destination_type.go +++ b/rules/models/aws_flow_log_invalid_log_destination_type.go @@ -26,8 +26,8 @@ func NewAwsFlowLogInvalidLogDestinationTypeRule() *AwsFlowLogInvalidLogDestinati attributeName: "log_destination_type", enum: []string{ "cloud-watch-logs", - "s3", "kinesis-data-firehose", + "s3", }, } } diff --git a/rules/models/aws_flow_log_invalid_traffic_type.go b/rules/models/aws_flow_log_invalid_traffic_type.go index 90c93e55..39cd7222 100644 --- a/rules/models/aws_flow_log_invalid_traffic_type.go +++ b/rules/models/aws_flow_log_invalid_traffic_type.go @@ -26,8 +26,8 @@ func NewAwsFlowLogInvalidTrafficTypeRule() *AwsFlowLogInvalidTrafficTypeRule { attributeName: "traffic_type", enum: []string{ "ACCEPT", - "REJECT", "ALL", + "REJECT", }, } } diff --git a/rules/models/aws_fsx_ontap_file_system_invalid_deployment_type.go b/rules/models/aws_fsx_ontap_file_system_invalid_deployment_type.go index b781dc1c..306cc28c 100644 --- a/rules/models/aws_fsx_ontap_file_system_invalid_deployment_type.go +++ b/rules/models/aws_fsx_ontap_file_system_invalid_deployment_type.go @@ -26,9 +26,9 @@ func NewAwsFsxOntapFileSystemInvalidDeploymentTypeRule() *AwsFsxOntapFileSystemI attributeName: "deployment_type", enum: []string{ "MULTI_AZ_1", + "MULTI_AZ_2", "SINGLE_AZ_1", "SINGLE_AZ_2", - "MULTI_AZ_2", }, } } diff --git a/rules/models/aws_fsx_ontap_storage_virtual_machine_invalid_root_volume_security_style.go b/rules/models/aws_fsx_ontap_storage_virtual_machine_invalid_root_volume_security_style.go index 8a5b94f8..ed4c671f 100644 --- a/rules/models/aws_fsx_ontap_storage_virtual_machine_invalid_root_volume_security_style.go +++ b/rules/models/aws_fsx_ontap_storage_virtual_machine_invalid_root_volume_security_style.go @@ -25,9 +25,9 @@ func NewAwsFsxOntapStorageVirtualMachineInvalidRootVolumeSecurityStyleRule() *Aw resourceType: "aws_fsx_ontap_storage_virtual_machine", attributeName: "root_volume_security_style", enum: []string{ - "UNIX", - "NTFS", "MIXED", + "NTFS", + "UNIX", }, } } diff --git a/rules/models/aws_fsx_ontap_volume_invalid_security_style.go b/rules/models/aws_fsx_ontap_volume_invalid_security_style.go index 2015e0ad..d45f6cd8 100644 --- a/rules/models/aws_fsx_ontap_volume_invalid_security_style.go +++ b/rules/models/aws_fsx_ontap_volume_invalid_security_style.go @@ -25,9 +25,9 @@ func NewAwsFsxOntapVolumeInvalidSecurityStyleRule() *AwsFsxOntapVolumeInvalidSec resourceType: "aws_fsx_ontap_volume", attributeName: "security_style", enum: []string{ - "UNIX", - "NTFS", "MIXED", + "NTFS", + "UNIX", }, } } diff --git a/rules/models/aws_fsx_openzfs_file_system_invalid_deployment_type.go b/rules/models/aws_fsx_openzfs_file_system_invalid_deployment_type.go index d8ac89b6..a820a1fb 100644 --- a/rules/models/aws_fsx_openzfs_file_system_invalid_deployment_type.go +++ b/rules/models/aws_fsx_openzfs_file_system_invalid_deployment_type.go @@ -25,11 +25,11 @@ func NewAwsFsxOpenzfsFileSystemInvalidDeploymentTypeRule() *AwsFsxOpenzfsFileSys resourceType: "aws_fsx_openzfs_file_system", attributeName: "deployment_type", enum: []string{ + "MULTI_AZ_1", "SINGLE_AZ_1", "SINGLE_AZ_2", "SINGLE_AZ_HA_1", "SINGLE_AZ_HA_2", - "MULTI_AZ_1", }, } } diff --git a/rules/models/aws_fsx_openzfs_file_system_invalid_storage_type.go b/rules/models/aws_fsx_openzfs_file_system_invalid_storage_type.go index b45e590c..a7157077 100644 --- a/rules/models/aws_fsx_openzfs_file_system_invalid_storage_type.go +++ b/rules/models/aws_fsx_openzfs_file_system_invalid_storage_type.go @@ -25,9 +25,9 @@ func NewAwsFsxOpenzfsFileSystemInvalidStorageTypeRule() *AwsFsxOpenzfsFileSystem resourceType: "aws_fsx_openzfs_file_system", attributeName: "storage_type", enum: []string{ - "SSD", "HDD", "INTELLIGENT_TIERING", + "SSD", }, } } diff --git a/rules/models/aws_fsx_openzfs_volume_invalid_data_compression_type.go b/rules/models/aws_fsx_openzfs_volume_invalid_data_compression_type.go index 6e2311bf..5d72775c 100644 --- a/rules/models/aws_fsx_openzfs_volume_invalid_data_compression_type.go +++ b/rules/models/aws_fsx_openzfs_volume_invalid_data_compression_type.go @@ -25,9 +25,9 @@ func NewAwsFsxOpenzfsVolumeInvalidDataCompressionTypeRule() *AwsFsxOpenzfsVolume resourceType: "aws_fsx_openzfs_volume", attributeName: "data_compression_type", enum: []string{ + "LZ4", "NONE", "ZSTD", - "LZ4", }, } } diff --git a/rules/models/aws_gamelift_build_invalid_operating_system.go b/rules/models/aws_gamelift_build_invalid_operating_system.go index 3b9a4f0e..ae158c85 100644 --- a/rules/models/aws_gamelift_build_invalid_operating_system.go +++ b/rules/models/aws_gamelift_build_invalid_operating_system.go @@ -25,11 +25,12 @@ func NewAwsGameliftBuildInvalidOperatingSystemRule() *AwsGameliftBuildInvalidOpe resourceType: "aws_gamelift_build", attributeName: "operating_system", enum: []string{ - "WINDOWS_2012", "AMAZON_LINUX", "AMAZON_LINUX_2", - "WINDOWS_2016", "AMAZON_LINUX_2023", + "WINDOWS_2012", + "WINDOWS_2016", + "WINDOWS_2022", }, } } diff --git a/rules/models/aws_gamelift_fleet_invalid_build_id.go b/rules/models/aws_gamelift_fleet_invalid_build_id.go index 3c88ed47..4ff94803 100644 --- a/rules/models/aws_gamelift_fleet_invalid_build_id.go +++ b/rules/models/aws_gamelift_fleet_invalid_build_id.go @@ -25,7 +25,7 @@ func NewAwsGameliftFleetInvalidBuildIDRule() *AwsGameliftFleetInvalidBuildIDRule return &AwsGameliftFleetInvalidBuildIDRule{ resourceType: "aws_gamelift_fleet", attributeName: "build_id", - pattern: regexp.MustCompile(`^build-\S+`), + pattern: regexp.MustCompile(`^build-\S+$`), } } @@ -72,7 +72,7 @@ func (r *AwsGameliftFleetInvalidBuildIDRule) Check(runner tflint.Runner) error { if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^build-\S+`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^build-\S+$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_gamelift_fleet_invalid_ec2_instance_type.go b/rules/models/aws_gamelift_fleet_invalid_ec2_instance_type.go index ff0ee6ad..16954721 100644 --- a/rules/models/aws_gamelift_fleet_invalid_ec2_instance_type.go +++ b/rules/models/aws_gamelift_fleet_invalid_ec2_instance_type.go @@ -25,511 +25,511 @@ func NewAwsGameliftFleetInvalidEc2InstanceTypeRule() *AwsGameliftFleetInvalidEc2 resourceType: "aws_gamelift_fleet", attributeName: "ec2_instance_type", enum: []string{ - "t2.micro", - "t2.small", - "t2.medium", - "t2.large", - "c3.large", - "c3.xlarge", "c3.2xlarge", "c3.4xlarge", "c3.8xlarge", - "c4.large", - "c4.xlarge", + "c3.large", + "c3.xlarge", "c4.2xlarge", "c4.4xlarge", "c4.8xlarge", - "c5.large", - "c5.xlarge", - "c5.2xlarge", - "c5.4xlarge", - "c5.9xlarge", + "c4.large", + "c4.xlarge", "c5.12xlarge", "c5.18xlarge", "c5.24xlarge", - "c5a.large", - "c5a.xlarge", - "c5a.2xlarge", - "c5a.4xlarge", - "c5a.8xlarge", + "c5.2xlarge", + "c5.4xlarge", + "c5.9xlarge", + "c5.large", + "c5.xlarge", "c5a.12xlarge", "c5a.16xlarge", "c5a.24xlarge", - "r3.large", - "r3.xlarge", - "r3.2xlarge", - "r3.4xlarge", - "r3.8xlarge", - "r4.large", - "r4.xlarge", - "r4.2xlarge", - "r4.4xlarge", - "r4.8xlarge", - "r4.16xlarge", - "r5.large", - "r5.xlarge", - "r5.2xlarge", - "r5.4xlarge", - "r5.8xlarge", - "r5.12xlarge", - "r5.16xlarge", - "r5.24xlarge", - "r5a.large", - "r5a.xlarge", - "r5a.2xlarge", - "r5a.4xlarge", - "r5a.8xlarge", - "r5a.12xlarge", - "r5a.16xlarge", - "r5a.24xlarge", - "m3.medium", - "m3.large", - "m3.xlarge", - "m3.2xlarge", - "m4.large", - "m4.xlarge", - "m4.2xlarge", - "m4.4xlarge", - "m4.10xlarge", - "m5.large", - "m5.xlarge", - "m5.2xlarge", - "m5.4xlarge", - "m5.8xlarge", - "m5.12xlarge", - "m5.16xlarge", - "m5.24xlarge", - "m5a.large", - "m5a.xlarge", - "m5a.2xlarge", - "m5a.4xlarge", - "m5a.8xlarge", - "m5a.12xlarge", - "m5a.16xlarge", - "m5a.24xlarge", - "c5d.large", - "c5d.xlarge", - "c5d.2xlarge", - "c5d.4xlarge", - "c5d.9xlarge", - "c5d.12xlarge", - "c5d.18xlarge", - "c5d.24xlarge", - "c6a.large", - "c6a.xlarge", - "c6a.2xlarge", - "c6a.4xlarge", - "c6a.8xlarge", - "c6a.12xlarge", - "c6a.16xlarge", - "c6a.24xlarge", - "c6i.large", - "c6i.xlarge", - "c6i.2xlarge", - "c6i.4xlarge", - "c6i.8xlarge", - "c6i.12xlarge", - "c6i.16xlarge", - "c6i.24xlarge", - "r5d.large", - "r5d.xlarge", - "r5d.2xlarge", - "r5d.4xlarge", - "r5d.8xlarge", - "r5d.12xlarge", - "r5d.16xlarge", - "r5d.24xlarge", - "m6g.medium", - "m6g.large", - "m6g.xlarge", - "m6g.2xlarge", - "m6g.4xlarge", - "m6g.8xlarge", - "m6g.12xlarge", - "m6g.16xlarge", - "c6g.medium", - "c6g.large", - "c6g.xlarge", - "c6g.2xlarge", - "c6g.4xlarge", - "c6g.8xlarge", - "c6g.12xlarge", - "c6g.16xlarge", - "r6g.medium", - "r6g.large", - "r6g.xlarge", - "r6g.2xlarge", - "r6g.4xlarge", - "r6g.8xlarge", - "r6g.12xlarge", - "r6g.16xlarge", - "c6gn.medium", - "c6gn.large", - "c6gn.xlarge", - "c6gn.2xlarge", - "c6gn.4xlarge", - "c6gn.8xlarge", - "c6gn.12xlarge", - "c6gn.16xlarge", - "c7g.medium", - "c7g.large", - "c7g.xlarge", - "c7g.2xlarge", - "c7g.4xlarge", - "c7g.8xlarge", - "c7g.12xlarge", - "c7g.16xlarge", - "r7g.medium", - "r7g.large", - "r7g.xlarge", - "r7g.2xlarge", - "r7g.4xlarge", - "r7g.8xlarge", - "r7g.12xlarge", - "r7g.16xlarge", - "m7g.medium", - "m7g.large", - "m7g.xlarge", - "m7g.2xlarge", - "m7g.4xlarge", - "m7g.8xlarge", - "m7g.12xlarge", - "m7g.16xlarge", - "g5g.xlarge", - "g5g.2xlarge", - "g5g.4xlarge", - "g5g.8xlarge", - "g5g.16xlarge", - "r6i.large", - "r6i.xlarge", - "r6i.2xlarge", - "r6i.4xlarge", - "r6i.8xlarge", - "r6i.12xlarge", - "r6i.16xlarge", - "c6gd.medium", - "c6gd.large", - "c6gd.xlarge", - "c6gd.2xlarge", - "c6gd.4xlarge", - "c6gd.8xlarge", - "c6gd.12xlarge", - "c6gd.16xlarge", - "c6in.large", - "c6in.xlarge", - "c6in.2xlarge", - "c6in.4xlarge", - "c6in.8xlarge", - "c6in.12xlarge", - "c6in.16xlarge", - "c7a.medium", - "c7a.large", - "c7a.xlarge", - "c7a.2xlarge", - "c7a.4xlarge", - "c7a.8xlarge", - "c7a.12xlarge", - "c7a.16xlarge", - "c7gd.medium", - "c7gd.large", - "c7gd.xlarge", - "c7gd.2xlarge", - "c7gd.4xlarge", - "c7gd.8xlarge", - "c7gd.12xlarge", - "c7gd.16xlarge", - "c7gn.medium", - "c7gn.large", - "c7gn.xlarge", - "c7gn.2xlarge", - "c7gn.4xlarge", - "c7gn.8xlarge", - "c7gn.12xlarge", - "c7gn.16xlarge", - "c7i.large", - "c7i.xlarge", - "c7i.2xlarge", - "c7i.4xlarge", - "c7i.8xlarge", - "c7i.12xlarge", - "c7i.16xlarge", - "m6a.large", - "m6a.xlarge", - "m6a.2xlarge", - "m6a.4xlarge", - "m6a.8xlarge", - "m6a.12xlarge", - "m6a.16xlarge", - "m6gd.medium", - "m6gd.large", - "m6gd.xlarge", - "m6gd.2xlarge", - "m6gd.4xlarge", - "m6gd.8xlarge", - "m6gd.12xlarge", - "m6gd.16xlarge", - "m6i.large", - "m6i.xlarge", - "m6i.2xlarge", - "m6i.4xlarge", - "m6i.8xlarge", - "m6i.12xlarge", - "m6i.16xlarge", - "m7a.medium", - "m7a.large", - "m7a.xlarge", - "m7a.2xlarge", - "m7a.4xlarge", - "m7a.8xlarge", - "m7a.12xlarge", - "m7a.16xlarge", - "m7gd.medium", - "m7gd.large", - "m7gd.xlarge", - "m7gd.2xlarge", - "m7gd.4xlarge", - "m7gd.8xlarge", - "m7gd.12xlarge", - "m7gd.16xlarge", - "m7i.large", - "m7i.xlarge", - "m7i.2xlarge", - "m7i.4xlarge", - "m7i.8xlarge", - "m7i.12xlarge", - "m7i.16xlarge", - "r6gd.medium", - "r6gd.large", - "r6gd.xlarge", - "r6gd.2xlarge", - "r6gd.4xlarge", - "r6gd.8xlarge", - "r6gd.12xlarge", - "r6gd.16xlarge", - "r7a.medium", - "r7a.large", - "r7a.xlarge", - "r7a.2xlarge", - "r7a.4xlarge", - "r7a.8xlarge", - "r7a.12xlarge", - "r7a.16xlarge", - "r7gd.medium", - "r7gd.large", - "r7gd.xlarge", - "r7gd.2xlarge", - "r7gd.4xlarge", - "r7gd.8xlarge", - "r7gd.12xlarge", - "r7gd.16xlarge", - "r7i.large", - "r7i.xlarge", - "r7i.2xlarge", - "r7i.4xlarge", - "r7i.8xlarge", - "r7i.12xlarge", - "r7i.16xlarge", - "r7i.24xlarge", - "r7i.48xlarge", - "c5ad.large", - "c5ad.xlarge", - "c5ad.2xlarge", - "c5ad.4xlarge", - "c5ad.8xlarge", + "c5a.2xlarge", + "c5a.4xlarge", + "c5a.8xlarge", + "c5a.large", + "c5a.xlarge", "c5ad.12xlarge", "c5ad.16xlarge", "c5ad.24xlarge", - "c5n.large", - "c5n.xlarge", + "c5ad.2xlarge", + "c5ad.4xlarge", + "c5ad.8xlarge", + "c5ad.large", + "c5ad.xlarge", + "c5d.12xlarge", + "c5d.18xlarge", + "c5d.24xlarge", + "c5d.2xlarge", + "c5d.4xlarge", + "c5d.9xlarge", + "c5d.large", + "c5d.xlarge", + "c5n.18xlarge", "c5n.2xlarge", "c5n.4xlarge", - "c5n.9xlarge", - "c5n.18xlarge", - "r5ad.large", - "r5ad.xlarge", - "r5ad.2xlarge", - "r5ad.4xlarge", - "r5ad.8xlarge", - "r5ad.12xlarge", - "r5ad.16xlarge", - "r5ad.24xlarge", - "c6id.large", - "c6id.xlarge", - "c6id.2xlarge", - "c6id.4xlarge", - "c6id.8xlarge", + "c5n.9xlarge", + "c5n.large", + "c5n.xlarge", + "c6a.12xlarge", + "c6a.16xlarge", + "c6a.24xlarge", + "c6a.2xlarge", + "c6a.32xlarge", + "c6a.48xlarge", + "c6a.4xlarge", + "c6a.8xlarge", + "c6a.large", + "c6a.xlarge", + "c6g.12xlarge", + "c6g.16xlarge", + "c6g.2xlarge", + "c6g.4xlarge", + "c6g.8xlarge", + "c6g.large", + "c6g.medium", + "c6g.xlarge", + "c6gd.12xlarge", + "c6gd.16xlarge", + "c6gd.2xlarge", + "c6gd.4xlarge", + "c6gd.8xlarge", + "c6gd.large", + "c6gd.medium", + "c6gd.xlarge", + "c6gn.12xlarge", + "c6gn.16xlarge", + "c6gn.2xlarge", + "c6gn.4xlarge", + "c6gn.8xlarge", + "c6gn.large", + "c6gn.medium", + "c6gn.xlarge", + "c6i.12xlarge", + "c6i.16xlarge", + "c6i.24xlarge", + "c6i.2xlarge", + "c6i.32xlarge", + "c6i.4xlarge", + "c6i.8xlarge", + "c6i.large", + "c6i.xlarge", "c6id.12xlarge", "c6id.16xlarge", "c6id.24xlarge", + "c6id.2xlarge", "c6id.32xlarge", - "c8g.medium", - "c8g.large", - "c8g.xlarge", - "c8g.2xlarge", - "c8g.4xlarge", - "c8g.8xlarge", + "c6id.4xlarge", + "c6id.8xlarge", + "c6id.large", + "c6id.xlarge", + "c6in.12xlarge", + "c6in.16xlarge", + "c6in.24xlarge", + "c6in.2xlarge", + "c6in.32xlarge", + "c6in.4xlarge", + "c6in.8xlarge", + "c6in.large", + "c6in.xlarge", + "c7a.12xlarge", + "c7a.16xlarge", + "c7a.24xlarge", + "c7a.2xlarge", + "c7a.32xlarge", + "c7a.48xlarge", + "c7a.4xlarge", + "c7a.8xlarge", + "c7a.large", + "c7a.medium", + "c7a.xlarge", + "c7g.12xlarge", + "c7g.16xlarge", + "c7g.2xlarge", + "c7g.4xlarge", + "c7g.8xlarge", + "c7g.large", + "c7g.medium", + "c7g.xlarge", + "c7gd.12xlarge", + "c7gd.16xlarge", + "c7gd.2xlarge", + "c7gd.4xlarge", + "c7gd.8xlarge", + "c7gd.large", + "c7gd.medium", + "c7gd.xlarge", + "c7gn.12xlarge", + "c7gn.16xlarge", + "c7gn.2xlarge", + "c7gn.4xlarge", + "c7gn.8xlarge", + "c7gn.large", + "c7gn.medium", + "c7gn.xlarge", + "c7i.12xlarge", + "c7i.16xlarge", + "c7i.24xlarge", + "c7i.2xlarge", + "c7i.48xlarge", + "c7i.4xlarge", + "c7i.8xlarge", + "c7i.large", + "c7i.xlarge", "c8g.12xlarge", "c8g.16xlarge", "c8g.24xlarge", + "c8g.2xlarge", "c8g.48xlarge", - "m5ad.large", - "m5ad.xlarge", - "m5ad.2xlarge", - "m5ad.4xlarge", - "m5ad.8xlarge", + "c8g.4xlarge", + "c8g.8xlarge", + "c8g.large", + "c8g.medium", + "c8g.xlarge", + "g5g.16xlarge", + "g5g.2xlarge", + "g5g.4xlarge", + "g5g.8xlarge", + "g5g.xlarge", + "m3.2xlarge", + "m3.large", + "m3.medium", + "m3.xlarge", + "m4.10xlarge", + "m4.16xlarge", + "m4.2xlarge", + "m4.4xlarge", + "m4.large", + "m4.xlarge", + "m5.12xlarge", + "m5.16xlarge", + "m5.24xlarge", + "m5.2xlarge", + "m5.4xlarge", + "m5.8xlarge", + "m5.large", + "m5.xlarge", + "m5a.12xlarge", + "m5a.16xlarge", + "m5a.24xlarge", + "m5a.2xlarge", + "m5a.4xlarge", + "m5a.8xlarge", + "m5a.large", + "m5a.xlarge", "m5ad.12xlarge", "m5ad.16xlarge", "m5ad.24xlarge", - "m5d.large", - "m5d.xlarge", - "m5d.2xlarge", - "m5d.4xlarge", - "m5d.8xlarge", + "m5ad.2xlarge", + "m5ad.4xlarge", + "m5ad.8xlarge", + "m5ad.large", + "m5ad.xlarge", "m5d.12xlarge", "m5d.16xlarge", "m5d.24xlarge", - "m5dn.large", - "m5dn.xlarge", - "m5dn.2xlarge", - "m5dn.4xlarge", - "m5dn.8xlarge", + "m5d.2xlarge", + "m5d.4xlarge", + "m5d.8xlarge", + "m5d.large", + "m5d.xlarge", "m5dn.12xlarge", "m5dn.16xlarge", "m5dn.24xlarge", - "m5n.large", - "m5n.xlarge", - "m5n.2xlarge", - "m5n.4xlarge", - "m5n.8xlarge", + "m5dn.2xlarge", + "m5dn.4xlarge", + "m5dn.8xlarge", + "m5dn.large", + "m5dn.xlarge", "m5n.12xlarge", "m5n.16xlarge", "m5n.24xlarge", - "m6id.large", - "m6id.xlarge", - "m6id.2xlarge", - "m6id.4xlarge", - "m6id.8xlarge", + "m5n.2xlarge", + "m5n.4xlarge", + "m5n.8xlarge", + "m5n.large", + "m5n.xlarge", + "m6a.12xlarge", + "m6a.16xlarge", + "m6a.24xlarge", + "m6a.2xlarge", + "m6a.32xlarge", + "m6a.48xlarge", + "m6a.4xlarge", + "m6a.8xlarge", + "m6a.large", + "m6a.xlarge", + "m6g.12xlarge", + "m6g.16xlarge", + "m6g.2xlarge", + "m6g.4xlarge", + "m6g.8xlarge", + "m6g.large", + "m6g.medium", + "m6g.xlarge", + "m6gd.12xlarge", + "m6gd.16xlarge", + "m6gd.2xlarge", + "m6gd.4xlarge", + "m6gd.8xlarge", + "m6gd.large", + "m6gd.medium", + "m6gd.xlarge", + "m6i.12xlarge", + "m6i.16xlarge", + "m6i.24xlarge", + "m6i.2xlarge", + "m6i.32xlarge", + "m6i.4xlarge", + "m6i.8xlarge", + "m6i.large", + "m6i.xlarge", "m6id.12xlarge", "m6id.16xlarge", "m6id.24xlarge", + "m6id.2xlarge", "m6id.32xlarge", - "m6idn.large", - "m6idn.xlarge", - "m6idn.2xlarge", - "m6idn.4xlarge", - "m6idn.8xlarge", + "m6id.4xlarge", + "m6id.8xlarge", + "m6id.large", + "m6id.xlarge", "m6idn.12xlarge", "m6idn.16xlarge", "m6idn.24xlarge", + "m6idn.2xlarge", "m6idn.32xlarge", - "m6in.large", - "m6in.xlarge", - "m6in.2xlarge", - "m6in.4xlarge", - "m6in.8xlarge", + "m6idn.4xlarge", + "m6idn.8xlarge", + "m6idn.large", + "m6idn.xlarge", "m6in.12xlarge", - "m6in.16xlarge", - "m6in.24xlarge", - "m6in.32xlarge", - "m8g.medium", - "m8g.large", - "m8g.xlarge", - "m8g.2xlarge", - "m8g.4xlarge", - "m8g.8xlarge", + "m6in.16xlarge", + "m6in.24xlarge", + "m6in.2xlarge", + "m6in.32xlarge", + "m6in.4xlarge", + "m6in.8xlarge", + "m6in.large", + "m6in.xlarge", + "m7a.12xlarge", + "m7a.16xlarge", + "m7a.24xlarge", + "m7a.2xlarge", + "m7a.32xlarge", + "m7a.48xlarge", + "m7a.4xlarge", + "m7a.8xlarge", + "m7a.large", + "m7a.medium", + "m7a.xlarge", + "m7g.12xlarge", + "m7g.16xlarge", + "m7g.2xlarge", + "m7g.4xlarge", + "m7g.8xlarge", + "m7g.large", + "m7g.medium", + "m7g.xlarge", + "m7gd.12xlarge", + "m7gd.16xlarge", + "m7gd.2xlarge", + "m7gd.4xlarge", + "m7gd.8xlarge", + "m7gd.large", + "m7gd.medium", + "m7gd.xlarge", + "m7i.12xlarge", + "m7i.16xlarge", + "m7i.24xlarge", + "m7i.2xlarge", + "m7i.48xlarge", + "m7i.4xlarge", + "m7i.8xlarge", + "m7i.large", + "m7i.xlarge", "m8g.12xlarge", "m8g.16xlarge", "m8g.24xlarge", + "m8g.2xlarge", "m8g.48xlarge", - "r5dn.large", - "r5dn.xlarge", - "r5dn.2xlarge", - "r5dn.4xlarge", - "r5dn.8xlarge", + "m8g.4xlarge", + "m8g.8xlarge", + "m8g.large", + "m8g.medium", + "m8g.xlarge", + "r3.2xlarge", + "r3.4xlarge", + "r3.8xlarge", + "r3.large", + "r3.xlarge", + "r4.16xlarge", + "r4.2xlarge", + "r4.4xlarge", + "r4.8xlarge", + "r4.large", + "r4.xlarge", + "r5.12xlarge", + "r5.16xlarge", + "r5.24xlarge", + "r5.2xlarge", + "r5.4xlarge", + "r5.8xlarge", + "r5.large", + "r5.xlarge", + "r5a.12xlarge", + "r5a.16xlarge", + "r5a.24xlarge", + "r5a.2xlarge", + "r5a.4xlarge", + "r5a.8xlarge", + "r5a.large", + "r5a.xlarge", + "r5ad.12xlarge", + "r5ad.16xlarge", + "r5ad.24xlarge", + "r5ad.2xlarge", + "r5ad.4xlarge", + "r5ad.8xlarge", + "r5ad.large", + "r5ad.xlarge", + "r5d.12xlarge", + "r5d.16xlarge", + "r5d.24xlarge", + "r5d.2xlarge", + "r5d.4xlarge", + "r5d.8xlarge", + "r5d.large", + "r5d.xlarge", "r5dn.12xlarge", "r5dn.16xlarge", "r5dn.24xlarge", - "r5n.large", - "r5n.xlarge", - "r5n.2xlarge", - "r5n.4xlarge", - "r5n.8xlarge", + "r5dn.2xlarge", + "r5dn.4xlarge", + "r5dn.8xlarge", + "r5dn.large", + "r5dn.xlarge", "r5n.12xlarge", "r5n.16xlarge", "r5n.24xlarge", - "r6a.large", - "r6a.xlarge", - "r6a.2xlarge", - "r6a.4xlarge", - "r6a.8xlarge", + "r5n.2xlarge", + "r5n.4xlarge", + "r5n.8xlarge", + "r5n.large", + "r5n.xlarge", "r6a.12xlarge", "r6a.16xlarge", "r6a.24xlarge", + "r6a.2xlarge", "r6a.32xlarge", "r6a.48xlarge", - "r6id.large", - "r6id.xlarge", - "r6id.2xlarge", - "r6id.4xlarge", - "r6id.8xlarge", + "r6a.4xlarge", + "r6a.8xlarge", + "r6a.large", + "r6a.xlarge", + "r6g.12xlarge", + "r6g.16xlarge", + "r6g.2xlarge", + "r6g.4xlarge", + "r6g.8xlarge", + "r6g.large", + "r6g.medium", + "r6g.xlarge", + "r6gd.12xlarge", + "r6gd.16xlarge", + "r6gd.2xlarge", + "r6gd.4xlarge", + "r6gd.8xlarge", + "r6gd.large", + "r6gd.medium", + "r6gd.xlarge", + "r6i.12xlarge", + "r6i.16xlarge", + "r6i.24xlarge", + "r6i.2xlarge", + "r6i.32xlarge", + "r6i.4xlarge", + "r6i.8xlarge", + "r6i.large", + "r6i.xlarge", "r6id.12xlarge", "r6id.16xlarge", "r6id.24xlarge", + "r6id.2xlarge", "r6id.32xlarge", - "r6idn.large", - "r6idn.xlarge", - "r6idn.2xlarge", - "r6idn.4xlarge", - "r6idn.8xlarge", + "r6id.4xlarge", + "r6id.8xlarge", + "r6id.large", + "r6id.xlarge", "r6idn.12xlarge", "r6idn.16xlarge", "r6idn.24xlarge", + "r6idn.2xlarge", "r6idn.32xlarge", - "r6in.large", - "r6in.xlarge", - "r6in.2xlarge", - "r6in.4xlarge", - "r6in.8xlarge", + "r6idn.4xlarge", + "r6idn.8xlarge", + "r6idn.large", + "r6idn.xlarge", "r6in.12xlarge", "r6in.16xlarge", "r6in.24xlarge", + "r6in.2xlarge", "r6in.32xlarge", - "r8g.medium", - "r8g.large", - "r8g.xlarge", - "r8g.2xlarge", - "r8g.4xlarge", - "r8g.8xlarge", + "r6in.4xlarge", + "r6in.8xlarge", + "r6in.large", + "r6in.xlarge", + "r7a.12xlarge", + "r7a.16xlarge", + "r7a.24xlarge", + "r7a.2xlarge", + "r7a.32xlarge", + "r7a.48xlarge", + "r7a.4xlarge", + "r7a.8xlarge", + "r7a.large", + "r7a.medium", + "r7a.xlarge", + "r7g.12xlarge", + "r7g.16xlarge", + "r7g.2xlarge", + "r7g.4xlarge", + "r7g.8xlarge", + "r7g.large", + "r7g.medium", + "r7g.xlarge", + "r7gd.12xlarge", + "r7gd.16xlarge", + "r7gd.2xlarge", + "r7gd.4xlarge", + "r7gd.8xlarge", + "r7gd.large", + "r7gd.medium", + "r7gd.xlarge", + "r7i.12xlarge", + "r7i.16xlarge", + "r7i.24xlarge", + "r7i.2xlarge", + "r7i.48xlarge", + "r7i.4xlarge", + "r7i.8xlarge", + "r7i.large", + "r7i.xlarge", "r8g.12xlarge", "r8g.16xlarge", "r8g.24xlarge", + "r8g.2xlarge", "r8g.48xlarge", - "m4.16xlarge", - "c6a.32xlarge", - "c6a.48xlarge", - "c6i.32xlarge", - "r6i.24xlarge", - "r6i.32xlarge", - "c6in.24xlarge", - "c6in.32xlarge", - "c7a.24xlarge", - "c7a.32xlarge", - "c7a.48xlarge", - "c7i.24xlarge", - "c7i.48xlarge", - "m6a.24xlarge", - "m6a.32xlarge", - "m6a.48xlarge", - "m6i.24xlarge", - "m6i.32xlarge", - "m7a.24xlarge", - "m7a.32xlarge", - "m7a.48xlarge", - "m7i.24xlarge", - "m7i.48xlarge", - "r7a.24xlarge", - "r7a.32xlarge", - "r7a.48xlarge", + "r8g.4xlarge", + "r8g.8xlarge", + "r8g.large", + "r8g.medium", + "r8g.xlarge", + "t2.large", + "t2.medium", + "t2.micro", + "t2.small", }, } } diff --git a/rules/models/aws_gamelift_fleet_invalid_new_game_session_protection_policy.go b/rules/models/aws_gamelift_fleet_invalid_new_game_session_protection_policy.go index 3a842565..d1d35aab 100644 --- a/rules/models/aws_gamelift_fleet_invalid_new_game_session_protection_policy.go +++ b/rules/models/aws_gamelift_fleet_invalid_new_game_session_protection_policy.go @@ -25,8 +25,8 @@ func NewAwsGameliftFleetInvalidNewGameSessionProtectionPolicyRule() *AwsGamelift resourceType: "aws_gamelift_fleet", attributeName: "new_game_session_protection_policy", enum: []string{ - "NoProtection", "FullProtection", + "NoProtection", }, } } diff --git a/rules/models/aws_globalaccelerator_accelerator_invalid_ip_address_type.go b/rules/models/aws_globalaccelerator_accelerator_invalid_ip_address_type.go index 54bc7174..6f2fa532 100644 --- a/rules/models/aws_globalaccelerator_accelerator_invalid_ip_address_type.go +++ b/rules/models/aws_globalaccelerator_accelerator_invalid_ip_address_type.go @@ -25,8 +25,8 @@ func NewAwsGlobalacceleratorAcceleratorInvalidIPAddressTypeRule() *AwsGlobalacce resourceType: "aws_globalaccelerator_accelerator", attributeName: "ip_address_type", enum: []string{ - "IPV4", "DUAL_STACK", + "IPV4", }, } } diff --git a/rules/models/aws_globalaccelerator_endpoint_group_invalid_health_check_protocol.go b/rules/models/aws_globalaccelerator_endpoint_group_invalid_health_check_protocol.go index 297a38e9..ede0c7eb 100644 --- a/rules/models/aws_globalaccelerator_endpoint_group_invalid_health_check_protocol.go +++ b/rules/models/aws_globalaccelerator_endpoint_group_invalid_health_check_protocol.go @@ -25,9 +25,9 @@ func NewAwsGlobalacceleratorEndpointGroupInvalidHealthCheckProtocolRule() *AwsGl resourceType: "aws_globalaccelerator_endpoint_group", attributeName: "health_check_protocol", enum: []string{ - "TCP", "HTTP", "HTTPS", + "TCP", }, } } diff --git a/rules/models/aws_glue_dev_endpoint_invalid_worker_type.go b/rules/models/aws_glue_dev_endpoint_invalid_worker_type.go index 4512c535..26636b45 100644 --- a/rules/models/aws_glue_dev_endpoint_invalid_worker_type.go +++ b/rules/models/aws_glue_dev_endpoint_invalid_worker_type.go @@ -25,12 +25,12 @@ func NewAwsGlueDevEndpointInvalidWorkerTypeRule() *AwsGlueDevEndpointInvalidWork resourceType: "aws_glue_dev_endpoint", attributeName: "worker_type", enum: []string{ - "Standard", + "G.025X", "G.1X", "G.2X", - "G.025X", "G.4X", "G.8X", + "Standard", "Z.2X", }, } diff --git a/rules/models/aws_glue_ml_transform_invalid_worker_type.go b/rules/models/aws_glue_ml_transform_invalid_worker_type.go index 82266d32..9e048710 100644 --- a/rules/models/aws_glue_ml_transform_invalid_worker_type.go +++ b/rules/models/aws_glue_ml_transform_invalid_worker_type.go @@ -25,12 +25,12 @@ func NewAwsGlueMlTransformInvalidWorkerTypeRule() *AwsGlueMlTransformInvalidWork resourceType: "aws_glue_ml_transform", attributeName: "worker_type", enum: []string{ - "Standard", + "G.025X", "G.1X", "G.2X", - "G.025X", "G.4X", "G.8X", + "Standard", "Z.2X", }, } diff --git a/rules/models/aws_glue_resource_policy_invalid_enable_hybrid.go b/rules/models/aws_glue_resource_policy_invalid_enable_hybrid.go index 267d96e3..fa057c0b 100644 --- a/rules/models/aws_glue_resource_policy_invalid_enable_hybrid.go +++ b/rules/models/aws_glue_resource_policy_invalid_enable_hybrid.go @@ -25,8 +25,8 @@ func NewAwsGlueResourcePolicyInvalidEnableHybridRule() *AwsGlueResourcePolicyInv resourceType: "aws_glue_resource_policy", attributeName: "enable_hybrid", enum: []string{ - "TRUE", "FALSE", + "TRUE", }, } } diff --git a/rules/models/aws_glue_schema_invalid_compatibility.go b/rules/models/aws_glue_schema_invalid_compatibility.go index 6c9f5830..dfef1408 100644 --- a/rules/models/aws_glue_schema_invalid_compatibility.go +++ b/rules/models/aws_glue_schema_invalid_compatibility.go @@ -25,14 +25,14 @@ func NewAwsGlueSchemaInvalidCompatibilityRule() *AwsGlueSchemaInvalidCompatibili resourceType: "aws_glue_schema", attributeName: "compatibility", enum: []string{ - "NONE", - "DISABLED", "BACKWARD", "BACKWARD_ALL", + "DISABLED", "FORWARD", "FORWARD_ALL", "FULL", "FULL_ALL", + "NONE", }, } } diff --git a/rules/models/aws_glue_trigger_invalid_type.go b/rules/models/aws_glue_trigger_invalid_type.go index da1937e6..4d2a0fcd 100644 --- a/rules/models/aws_glue_trigger_invalid_type.go +++ b/rules/models/aws_glue_trigger_invalid_type.go @@ -25,10 +25,10 @@ func NewAwsGlueTriggerInvalidTypeRule() *AwsGlueTriggerInvalidTypeRule { resourceType: "aws_glue_trigger", attributeName: "type", enum: []string{ - "SCHEDULED", "CONDITIONAL", - "ON_DEMAND", "EVENT", + "ON_DEMAND", + "SCHEDULED", }, } } diff --git a/rules/models/aws_glue_user_defined_function_invalid_owner_type.go b/rules/models/aws_glue_user_defined_function_invalid_owner_type.go index 0d9dc77a..8adcc183 100644 --- a/rules/models/aws_glue_user_defined_function_invalid_owner_type.go +++ b/rules/models/aws_glue_user_defined_function_invalid_owner_type.go @@ -25,9 +25,9 @@ func NewAwsGlueUserDefinedFunctionInvalidOwnerTypeRule() *AwsGlueUserDefinedFunc resourceType: "aws_glue_user_defined_function", attributeName: "owner_type", enum: []string{ - "USER", - "ROLE", "GROUP", + "ROLE", + "USER", }, } } diff --git a/rules/models/aws_guardduty_filter_invalid_action.go b/rules/models/aws_guardduty_filter_invalid_action.go index 9ade810e..6abeb55f 100644 --- a/rules/models/aws_guardduty_filter_invalid_action.go +++ b/rules/models/aws_guardduty_filter_invalid_action.go @@ -29,8 +29,8 @@ func NewAwsGuarddutyFilterInvalidActionRule() *AwsGuarddutyFilterInvalidActionRu max: 300, min: 1, enum: []string{ - "NOOP", "ARCHIVE", + "NOOP", }, } } diff --git a/rules/models/aws_guardduty_ipset_invalid_format.go b/rules/models/aws_guardduty_ipset_invalid_format.go index ad929259..ede066e4 100644 --- a/rules/models/aws_guardduty_ipset_invalid_format.go +++ b/rules/models/aws_guardduty_ipset_invalid_format.go @@ -29,12 +29,12 @@ func NewAwsGuarddutyIpsetInvalidFormatRule() *AwsGuarddutyIpsetInvalidFormatRule max: 300, min: 1, enum: []string{ - "TXT", - "STIX", - "OTX_CSV", "ALIEN_VAULT", - "PROOF_POINT", "FIRE_EYE", + "OTX_CSV", + "PROOF_POINT", + "STIX", + "TXT", }, } } diff --git a/rules/models/aws_guardduty_member_invalid_email.go b/rules/models/aws_guardduty_member_invalid_email.go new file mode 100644 index 00000000..202fb5b2 --- /dev/null +++ b/rules/models/aws_guardduty_member_invalid_email.go @@ -0,0 +1,93 @@ +// This file generated by `generator/`. DO NOT EDIT + +package models + +import ( + "github.com/terraform-linters/tflint-plugin-sdk/hclext" + "github.com/terraform-linters/tflint-plugin-sdk/logger" + "github.com/terraform-linters/tflint-plugin-sdk/tflint" +) + +// AwsGuarddutyMemberInvalidEmailRule checks the pattern is valid +type AwsGuarddutyMemberInvalidEmailRule struct { + tflint.DefaultRule + + resourceType string + attributeName string + max int + min int +} + +// NewAwsGuarddutyMemberInvalidEmailRule returns new rule with default attributes +func NewAwsGuarddutyMemberInvalidEmailRule() *AwsGuarddutyMemberInvalidEmailRule { + return &AwsGuarddutyMemberInvalidEmailRule{ + resourceType: "aws_guardduty_member", + attributeName: "email", + max: 64, + min: 6, + } +} + +// Name returns the rule name +func (r *AwsGuarddutyMemberInvalidEmailRule) Name() string { + return "aws_guardduty_member_invalid_email" +} + +// Enabled returns whether the rule is enabled by default +func (r *AwsGuarddutyMemberInvalidEmailRule) Enabled() bool { + return true +} + +// Severity returns the rule severity +func (r *AwsGuarddutyMemberInvalidEmailRule) Severity() tflint.Severity { + return tflint.ERROR +} + +// Link returns the rule reference link +func (r *AwsGuarddutyMemberInvalidEmailRule) Link() string { + return "" +} + +// Check checks the pattern is valid +func (r *AwsGuarddutyMemberInvalidEmailRule) Check(runner tflint.Runner) error { + logger.Trace("Check `%s` rule", r.Name()) + + resources, err := runner.GetResourceContent(r.resourceType, &hclext.BodySchema{ + Attributes: []hclext.AttributeSchema{ + {Name: r.attributeName}, + }, + }, nil) + if err != nil { + return err + } + + for _, resource := range resources.Blocks { + attribute, exists := resource.Body.Attributes[r.attributeName] + if !exists { + continue + } + + err := runner.EvaluateExpr(attribute.Expr, func (val string) error { + if len(val) > r.max { + runner.EmitIssue( + r, + "email must be 64 characters or less", + attribute.Expr.Range(), + ) + } + if len(val) < r.min { + runner.EmitIssue( + r, + "email must be 6 characters or higher", + attribute.Expr.Range(), + ) + } + return nil + }, nil) + if err != nil { + return err + } + } + + return nil +} diff --git a/rules/models/aws_guardduty_threatintelset_invalid_format.go b/rules/models/aws_guardduty_threatintelset_invalid_format.go index 877a0a95..581aaa60 100644 --- a/rules/models/aws_guardduty_threatintelset_invalid_format.go +++ b/rules/models/aws_guardduty_threatintelset_invalid_format.go @@ -29,12 +29,12 @@ func NewAwsGuarddutyThreatintelsetInvalidFormatRule() *AwsGuarddutyThreatintelse max: 300, min: 1, enum: []string{ - "TXT", - "STIX", - "OTX_CSV", "ALIEN_VAULT", - "PROOF_POINT", "FIRE_EYE", + "OTX_CSV", + "PROOF_POINT", + "STIX", + "TXT", }, } } diff --git a/rules/models/aws_iam_access_key_invalid_status.go b/rules/models/aws_iam_access_key_invalid_status.go index 2c0ebdad..60fcfd0e 100644 --- a/rules/models/aws_iam_access_key_invalid_status.go +++ b/rules/models/aws_iam_access_key_invalid_status.go @@ -26,8 +26,8 @@ func NewAwsIAMAccessKeyInvalidStatusRule() *AwsIAMAccessKeyInvalidStatusRule { attributeName: "status", enum: []string{ "Active", - "Inactive", "Expired", + "Inactive", }, } } diff --git a/rules/models/aws_iam_user_ssh_key_invalid_encoding.go b/rules/models/aws_iam_user_ssh_key_invalid_encoding.go index 22eac05f..020891d9 100644 --- a/rules/models/aws_iam_user_ssh_key_invalid_encoding.go +++ b/rules/models/aws_iam_user_ssh_key_invalid_encoding.go @@ -25,8 +25,8 @@ func NewAwsIAMUserSSHKeyInvalidEncodingRule() *AwsIAMUserSSHKeyInvalidEncodingRu resourceType: "aws_iam_user_ssh_key", attributeName: "encoding", enum: []string{ - "SSH", "PEM", + "SSH", }, } } diff --git a/rules/models/aws_iam_user_ssh_key_invalid_status.go b/rules/models/aws_iam_user_ssh_key_invalid_status.go index 565cda04..46530853 100644 --- a/rules/models/aws_iam_user_ssh_key_invalid_status.go +++ b/rules/models/aws_iam_user_ssh_key_invalid_status.go @@ -26,8 +26,8 @@ func NewAwsIAMUserSSHKeyInvalidStatusRule() *AwsIAMUserSSHKeyInvalidStatusRule { attributeName: "status", enum: []string{ "Active", - "Inactive", "Expired", + "Inactive", }, } } diff --git a/rules/models/aws_imagebuilder_component_invalid_platform.go b/rules/models/aws_imagebuilder_component_invalid_platform.go index e6e144dd..9f6083d7 100644 --- a/rules/models/aws_imagebuilder_component_invalid_platform.go +++ b/rules/models/aws_imagebuilder_component_invalid_platform.go @@ -25,9 +25,9 @@ func NewAwsImagebuilderComponentInvalidPlatformRule() *AwsImagebuilderComponentI resourceType: "aws_imagebuilder_component", attributeName: "platform", enum: []string{ - "Windows", "Linux", "macOS", + "Windows", }, } } diff --git a/rules/models/aws_instance_invalid_tenancy.go b/rules/models/aws_instance_invalid_tenancy.go index 32b8aded..7fa6d69c 100644 --- a/rules/models/aws_instance_invalid_tenancy.go +++ b/rules/models/aws_instance_invalid_tenancy.go @@ -25,8 +25,8 @@ func NewAwsInstanceInvalidTenancyRule() *AwsInstanceInvalidTenancyRule { resourceType: "aws_instance", attributeName: "tenancy", enum: []string{ - "default", "dedicated", + "default", "host", }, } diff --git a/rules/models/aws_instance_invalid_type.go b/rules/models/aws_instance_invalid_type.go index 492d4951..cbe87ad4 100644 --- a/rules/models/aws_instance_invalid_type.go +++ b/rules/models/aws_instance_invalid_type.go @@ -25,1078 +25,1091 @@ func NewAwsInstanceInvalidTypeRule() *AwsInstanceInvalidTypeRule { resourceType: "aws_instance", attributeName: "instance_type", enum: []string{ - "a1.medium", - "a1.large", - "a1.xlarge", "a1.2xlarge", "a1.4xlarge", + "a1.large", + "a1.medium", "a1.metal", + "a1.xlarge", "c1.medium", "c1.xlarge", - "c3.large", - "c3.xlarge", "c3.2xlarge", "c3.4xlarge", "c3.8xlarge", - "c4.large", - "c4.xlarge", + "c3.large", + "c3.xlarge", "c4.2xlarge", "c4.4xlarge", "c4.8xlarge", - "c5.large", - "c5.xlarge", - "c5.2xlarge", - "c5.4xlarge", - "c5.9xlarge", + "c4.large", + "c4.xlarge", "c5.12xlarge", "c5.18xlarge", "c5.24xlarge", + "c5.2xlarge", + "c5.4xlarge", + "c5.9xlarge", + "c5.large", "c5.metal", - "c5a.large", - "c5a.xlarge", - "c5a.2xlarge", - "c5a.4xlarge", - "c5a.8xlarge", + "c5.xlarge", "c5a.12xlarge", "c5a.16xlarge", "c5a.24xlarge", - "c5ad.large", - "c5ad.xlarge", - "c5ad.2xlarge", - "c5ad.4xlarge", - "c5ad.8xlarge", + "c5a.2xlarge", + "c5a.4xlarge", + "c5a.8xlarge", + "c5a.large", + "c5a.xlarge", "c5ad.12xlarge", "c5ad.16xlarge", "c5ad.24xlarge", - "c5d.large", - "c5d.xlarge", - "c5d.2xlarge", - "c5d.4xlarge", - "c5d.9xlarge", + "c5ad.2xlarge", + "c5ad.4xlarge", + "c5ad.8xlarge", + "c5ad.large", + "c5ad.xlarge", "c5d.12xlarge", "c5d.18xlarge", "c5d.24xlarge", + "c5d.2xlarge", + "c5d.4xlarge", + "c5d.9xlarge", + "c5d.large", "c5d.metal", - "c5n.large", - "c5n.xlarge", + "c5d.xlarge", + "c5n.18xlarge", "c5n.2xlarge", "c5n.4xlarge", "c5n.9xlarge", - "c5n.18xlarge", + "c5n.large", "c5n.metal", - "c6g.medium", - "c6g.large", - "c6g.xlarge", + "c5n.xlarge", + "c6a.12xlarge", + "c6a.16xlarge", + "c6a.24xlarge", + "c6a.2xlarge", + "c6a.32xlarge", + "c6a.48xlarge", + "c6a.4xlarge", + "c6a.8xlarge", + "c6a.large", + "c6a.metal", + "c6a.xlarge", + "c6g.12xlarge", + "c6g.16xlarge", "c6g.2xlarge", "c6g.4xlarge", "c6g.8xlarge", - "c6g.12xlarge", - "c6g.16xlarge", + "c6g.large", + "c6g.medium", "c6g.metal", - "c6gd.medium", - "c6gd.large", - "c6gd.xlarge", + "c6g.xlarge", + "c6gd.12xlarge", + "c6gd.16xlarge", "c6gd.2xlarge", "c6gd.4xlarge", "c6gd.8xlarge", - "c6gd.12xlarge", - "c6gd.16xlarge", + "c6gd.large", + "c6gd.medium", "c6gd.metal", - "c6gn.medium", - "c6gn.large", - "c6gn.xlarge", + "c6gd.xlarge", + "c6gn.12xlarge", + "c6gn.16xlarge", "c6gn.2xlarge", "c6gn.4xlarge", "c6gn.8xlarge", - "c6gn.12xlarge", - "c6gn.16xlarge", - "c6i.large", - "c6i.xlarge", - "c6i.2xlarge", - "c6i.4xlarge", - "c6i.8xlarge", + "c6gn.large", + "c6gn.medium", + "c6gn.xlarge", "c6i.12xlarge", "c6i.16xlarge", "c6i.24xlarge", + "c6i.2xlarge", "c6i.32xlarge", + "c6i.4xlarge", + "c6i.8xlarge", + "c6i.large", "c6i.metal", + "c6i.xlarge", + "c6id.12xlarge", + "c6id.16xlarge", + "c6id.24xlarge", + "c6id.2xlarge", + "c6id.32xlarge", + "c6id.4xlarge", + "c6id.8xlarge", + "c6id.large", + "c6id.metal", + "c6id.xlarge", + "c6in.12xlarge", + "c6in.16xlarge", + "c6in.24xlarge", + "c6in.2xlarge", + "c6in.32xlarge", + "c6in.4xlarge", + "c6in.8xlarge", + "c6in.large", + "c6in.metal", + "c6in.xlarge", + "c7a.12xlarge", + "c7a.16xlarge", + "c7a.24xlarge", + "c7a.2xlarge", + "c7a.32xlarge", + "c7a.48xlarge", + "c7a.4xlarge", + "c7a.8xlarge", + "c7a.large", + "c7a.medium", + "c7a.metal-48xl", + "c7a.xlarge", + "c7g.12xlarge", + "c7g.16xlarge", + "c7g.2xlarge", + "c7g.4xlarge", + "c7g.8xlarge", + "c7g.large", + "c7g.medium", + "c7g.metal", + "c7g.xlarge", + "c7gd.12xlarge", + "c7gd.16xlarge", + "c7gd.2xlarge", + "c7gd.4xlarge", + "c7gd.8xlarge", + "c7gd.large", + "c7gd.medium", + "c7gd.metal", + "c7gd.xlarge", + "c7gn.12xlarge", + "c7gn.16xlarge", + "c7gn.2xlarge", + "c7gn.4xlarge", + "c7gn.8xlarge", + "c7gn.large", + "c7gn.medium", + "c7gn.metal", + "c7gn.xlarge", + "c7i.12xlarge", + "c7i.16xlarge", + "c7i.24xlarge", + "c7i.2xlarge", + "c7i.48xlarge", + "c7i.4xlarge", + "c7i.8xlarge", + "c7i-flex.12xlarge", + "c7i-flex.16xlarge", + "c7i-flex.2xlarge", + "c7i-flex.4xlarge", + "c7i-flex.8xlarge", + "c7i-flex.large", + "c7i-flex.xlarge", + "c7i.large", + "c7i.metal-24xl", + "c7i.metal-48xl", + "c7i.xlarge", + "c8g.12xlarge", + "c8g.16xlarge", + "c8g.24xlarge", + "c8g.2xlarge", + "c8g.48xlarge", + "c8g.4xlarge", + "c8g.8xlarge", + "c8g.large", + "c8g.medium", + "c8g.metal-24xl", + "c8g.metal-48xl", + "c8g.xlarge", + "c8gd.12xlarge", + "c8gd.16xlarge", + "c8gd.24xlarge", + "c8gd.2xlarge", + "c8gd.48xlarge", + "c8gd.4xlarge", + "c8gd.8xlarge", + "c8gd.large", + "c8gd.medium", + "c8gd.metal-24xl", + "c8gd.metal-48xl", + "c8gd.xlarge", + "c8gn.12xlarge", + "c8gn.16xlarge", + "c8gn.24xlarge", + "c8gn.2xlarge", + "c8gn.48xlarge", + "c8gn.4xlarge", + "c8gn.8xlarge", + "c8gn.large", + "c8gn.medium", + "c8gn.metal-24xl", + "c8gn.metal-48xl", + "c8gn.xlarge", + "c8i.12xlarge", + "c8i.16xlarge", + "c8i.24xlarge", + "c8i.2xlarge", + "c8i.32xlarge", + "c8i.48xlarge", + "c8i.4xlarge", + "c8i.8xlarge", + "c8i.96xlarge", + "c8i-flex.12xlarge", + "c8i-flex.16xlarge", + "c8i-flex.2xlarge", + "c8i-flex.4xlarge", + "c8i-flex.8xlarge", + "c8i-flex.large", + "c8i-flex.xlarge", + "c8i.large", + "c8i.metal-48xl", + "c8i.metal-96xl", + "c8i.xlarge", "cc1.4xlarge", "cc2.8xlarge", "cg1.4xlarge", "cr1.8xlarge", - "d2.xlarge", "d2.2xlarge", "d2.4xlarge", "d2.8xlarge", - "d3.xlarge", + "d2.xlarge", "d3.2xlarge", "d3.4xlarge", "d3.8xlarge", - "d3en.xlarge", + "d3.xlarge", + "d3en.12xlarge", "d3en.2xlarge", "d3en.4xlarge", "d3en.6xlarge", "d3en.8xlarge", - "d3en.12xlarge", + "d3en.xlarge", "dl1.24xlarge", + "dl2q.24xlarge", + "f1.16xlarge", "f1.2xlarge", "f1.4xlarge", - "f1.16xlarge", - "g2.2xlarge", + "f2.12xlarge", + "f2.48xlarge", + "f2.6xlarge", + "g2.2xlarge", "g2.8xlarge", + "g3.16xlarge", "g3.4xlarge", "g3.8xlarge", - "g3.16xlarge", "g3s.xlarge", - "g4ad.xlarge", + "g4ad.16xlarge", "g4ad.2xlarge", "g4ad.4xlarge", "g4ad.8xlarge", - "g4ad.16xlarge", - "g4dn.xlarge", + "g4ad.xlarge", + "g4dn.12xlarge", + "g4dn.16xlarge", "g4dn.2xlarge", "g4dn.4xlarge", "g4dn.8xlarge", - "g4dn.12xlarge", - "g4dn.16xlarge", "g4dn.metal", - "g5.xlarge", - "g5.2xlarge", - "g5.4xlarge", - "g5.8xlarge", + "g4dn.xlarge", "g5.12xlarge", "g5.16xlarge", "g5.24xlarge", + "g5.2xlarge", "g5.48xlarge", - "g5g.xlarge", + "g5.4xlarge", + "g5.8xlarge", + "g5.xlarge", + "g5g.16xlarge", "g5g.2xlarge", "g5g.4xlarge", "g5g.8xlarge", - "g5g.16xlarge", "g5g.metal", - "hi1.4xlarge", - "hpc6a.48xlarge", - "hs1.8xlarge", + "g5g.xlarge", + "g6.12xlarge", + "g6.16xlarge", + "g6.24xlarge", + "g6.2xlarge", + "g6.48xlarge", + "g6.4xlarge", + "g6.8xlarge", + "g6.xlarge", + "g6e.12xlarge", + "g6e.16xlarge", + "g6e.24xlarge", + "g6e.2xlarge", + "g6e.48xlarge", + "g6e.4xlarge", + "g6e.8xlarge", + "g6e.xlarge", + "g6f.2xlarge", + "g6f.4xlarge", + "g6f.large", + "g6f.xlarge", + "gr6.4xlarge", + "gr6.8xlarge", + "gr6f.4xlarge", + "h1.16xlarge", "h1.2xlarge", "h1.4xlarge", "h1.8xlarge", - "h1.16xlarge", - "i2.xlarge", + "hi1.4xlarge", + "hpc6a.48xlarge", + "hpc6id.32xlarge", + "hpc7a.12xlarge", + "hpc7a.24xlarge", + "hpc7a.48xlarge", + "hpc7a.96xlarge", + "hpc7g.16xlarge", + "hpc7g.4xlarge", + "hpc7g.8xlarge", + "hs1.8xlarge", "i2.2xlarge", "i2.4xlarge", "i2.8xlarge", - "i3.large", - "i3.xlarge", + "i2.xlarge", + "i3.16xlarge", "i3.2xlarge", "i3.4xlarge", "i3.8xlarge", - "i3.16xlarge", + "i3.large", "i3.metal", - "i3en.large", - "i3en.xlarge", + "i3.xlarge", + "i3en.12xlarge", + "i3en.24xlarge", "i3en.2xlarge", "i3en.3xlarge", "i3en.6xlarge", - "i3en.12xlarge", - "i3en.24xlarge", + "i3en.large", "i3en.metal", - "im4gn.large", - "im4gn.xlarge", + "i3en.xlarge", + "i4g.16xlarge", + "i4g.2xlarge", + "i4g.4xlarge", + "i4g.8xlarge", + "i4g.large", + "i4g.xlarge", + "i4i.12xlarge", + "i4i.16xlarge", + "i4i.24xlarge", + "i4i.2xlarge", + "i4i.32xlarge", + "i4i.4xlarge", + "i4i.8xlarge", + "i4i.large", + "i4i.metal", + "i4i.xlarge", + "i7i.12xlarge", + "i7i.16xlarge", + "i7i.24xlarge", + "i7i.2xlarge", + "i7i.48xlarge", + "i7i.4xlarge", + "i7i.8xlarge", + "i7i.large", + "i7i.metal-24xl", + "i7i.metal-48xl", + "i7i.xlarge", + "i7ie.12xlarge", + "i7ie.18xlarge", + "i7ie.24xlarge", + "i7ie.2xlarge", + "i7ie.3xlarge", + "i7ie.48xlarge", + "i7ie.6xlarge", + "i7ie.large", + "i7ie.metal-24xl", + "i7ie.metal-48xl", + "i7ie.xlarge", + "i8g.12xlarge", + "i8g.16xlarge", + "i8g.24xlarge", + "i8g.2xlarge", + "i8g.48xlarge", + "i8g.4xlarge", + "i8g.8xlarge", + "i8g.large", + "i8g.metal-24xl", + "i8g.xlarge", + "i8ge.12xlarge", + "i8ge.18xlarge", + "i8ge.24xlarge", + "i8ge.2xlarge", + "i8ge.3xlarge", + "i8ge.48xlarge", + "i8ge.6xlarge", + "i8ge.large", + "i8ge.metal-24xl", + "i8ge.metal-48xl", + "i8ge.xlarge", + "im4gn.16xlarge", "im4gn.2xlarge", "im4gn.4xlarge", "im4gn.8xlarge", - "im4gn.16xlarge", - "inf1.xlarge", + "im4gn.large", + "im4gn.xlarge", + "inf1.24xlarge", "inf1.2xlarge", "inf1.6xlarge", - "inf1.24xlarge", - "is4gen.medium", - "is4gen.large", - "is4gen.xlarge", + "inf1.xlarge", + "inf2.24xlarge", + "inf2.48xlarge", + "inf2.8xlarge", + "inf2.xlarge", "is4gen.2xlarge", "is4gen.4xlarge", "is4gen.8xlarge", - "m1.small", - "m1.medium", + "is4gen.large", + "is4gen.medium", + "is4gen.xlarge", "m1.large", + "m1.medium", + "m1.small", "m1.xlarge", - "m2.xlarge", "m2.2xlarge", "m2.4xlarge", - "m3.medium", + "m2.xlarge", + "m3.2xlarge", "m3.large", + "m3.medium", "m3.xlarge", - "m3.2xlarge", - "m4.large", - "m4.xlarge", - "m4.2xlarge", - "m4.4xlarge", "m4.10xlarge", "m4.16xlarge", - "m5.large", - "m5.xlarge", - "m5.2xlarge", - "m5.4xlarge", - "m5.8xlarge", + "m4.2xlarge", + "m4.4xlarge", + "m4.large", + "m4.xlarge", "m5.12xlarge", "m5.16xlarge", "m5.24xlarge", + "m5.2xlarge", + "m5.4xlarge", + "m5.8xlarge", + "m5.large", "m5.metal", - "m5a.large", - "m5a.xlarge", - "m5a.2xlarge", - "m5a.4xlarge", - "m5a.8xlarge", + "m5.xlarge", "m5a.12xlarge", "m5a.16xlarge", "m5a.24xlarge", - "m5ad.large", - "m5ad.xlarge", - "m5ad.2xlarge", - "m5ad.4xlarge", - "m5ad.8xlarge", + "m5a.2xlarge", + "m5a.4xlarge", + "m5a.8xlarge", + "m5a.large", + "m5a.xlarge", "m5ad.12xlarge", "m5ad.16xlarge", "m5ad.24xlarge", - "m5d.large", - "m5d.xlarge", - "m5d.2xlarge", - "m5d.4xlarge", - "m5d.8xlarge", + "m5ad.2xlarge", + "m5ad.4xlarge", + "m5ad.8xlarge", + "m5ad.large", + "m5ad.xlarge", "m5d.12xlarge", "m5d.16xlarge", "m5d.24xlarge", + "m5d.2xlarge", + "m5d.4xlarge", + "m5d.8xlarge", + "m5d.large", "m5d.metal", - "m5dn.large", - "m5dn.xlarge", - "m5dn.2xlarge", - "m5dn.4xlarge", - "m5dn.8xlarge", + "m5d.xlarge", "m5dn.12xlarge", "m5dn.16xlarge", "m5dn.24xlarge", + "m5dn.2xlarge", + "m5dn.4xlarge", + "m5dn.8xlarge", + "m5dn.large", "m5dn.metal", - "m5n.large", - "m5n.xlarge", - "m5n.2xlarge", - "m5n.4xlarge", - "m5n.8xlarge", + "m5dn.xlarge", "m5n.12xlarge", "m5n.16xlarge", "m5n.24xlarge", + "m5n.2xlarge", + "m5n.4xlarge", + "m5n.8xlarge", + "m5n.large", "m5n.metal", - "m5zn.large", - "m5zn.xlarge", + "m5n.xlarge", + "m5zn.12xlarge", "m5zn.2xlarge", "m5zn.3xlarge", "m5zn.6xlarge", - "m5zn.12xlarge", + "m5zn.large", "m5zn.metal", - "m6a.large", - "m6a.xlarge", - "m6a.2xlarge", - "m6a.4xlarge", - "m6a.8xlarge", + "m5zn.xlarge", "m6a.12xlarge", "m6a.16xlarge", "m6a.24xlarge", + "m6a.2xlarge", "m6a.32xlarge", "m6a.48xlarge", - "m6g.metal", - "m6g.medium", - "m6g.large", - "m6g.xlarge", + "m6a.4xlarge", + "m6a.8xlarge", + "m6a.large", + "m6a.metal", + "m6a.xlarge", + "m6g.12xlarge", + "m6g.16xlarge", "m6g.2xlarge", "m6g.4xlarge", "m6g.8xlarge", - "m6g.12xlarge", - "m6g.16xlarge", - "m6gd.metal", - "m6gd.medium", - "m6gd.large", - "m6gd.xlarge", + "m6g.large", + "m6g.medium", + "m6g.metal", + "m6g.xlarge", + "m6gd.12xlarge", + "m6gd.16xlarge", "m6gd.2xlarge", "m6gd.4xlarge", "m6gd.8xlarge", - "m6gd.12xlarge", - "m6gd.16xlarge", - "m6i.large", - "m6i.xlarge", - "m6i.2xlarge", - "m6i.4xlarge", - "m6i.8xlarge", + "m6gd.large", + "m6gd.medium", + "m6gd.metal", + "m6gd.xlarge", "m6i.12xlarge", "m6i.16xlarge", "m6i.24xlarge", + "m6i.2xlarge", "m6i.32xlarge", + "m6i.4xlarge", + "m6i.8xlarge", + "m6i.large", "m6i.metal", + "m6i.xlarge", + "m6id.12xlarge", + "m6id.16xlarge", + "m6id.24xlarge", + "m6id.2xlarge", + "m6id.32xlarge", + "m6id.4xlarge", + "m6id.8xlarge", + "m6id.large", + "m6id.metal", + "m6id.xlarge", + "m6idn.12xlarge", + "m6idn.16xlarge", + "m6idn.24xlarge", + "m6idn.2xlarge", + "m6idn.32xlarge", + "m6idn.4xlarge", + "m6idn.8xlarge", + "m6idn.large", + "m6idn.metal", + "m6idn.xlarge", + "m6in.12xlarge", + "m6in.16xlarge", + "m6in.24xlarge", + "m6in.2xlarge", + "m6in.32xlarge", + "m6in.4xlarge", + "m6in.8xlarge", + "m6in.large", + "m6in.metal", + "m6in.xlarge", + "m7a.12xlarge", + "m7a.16xlarge", + "m7a.24xlarge", + "m7a.2xlarge", + "m7a.32xlarge", + "m7a.48xlarge", + "m7a.4xlarge", + "m7a.8xlarge", + "m7a.large", + "m7a.medium", + "m7a.metal-48xl", + "m7a.xlarge", + "m7g.12xlarge", + "m7g.16xlarge", + "m7g.2xlarge", + "m7g.4xlarge", + "m7g.8xlarge", + "m7g.large", + "m7g.medium", + "m7g.metal", + "m7g.xlarge", + "m7gd.12xlarge", + "m7gd.16xlarge", + "m7gd.2xlarge", + "m7gd.4xlarge", + "m7gd.8xlarge", + "m7gd.large", + "m7gd.medium", + "m7gd.metal", + "m7gd.xlarge", + "m7i.12xlarge", + "m7i.16xlarge", + "m7i.24xlarge", + "m7i.2xlarge", + "m7i.48xlarge", + "m7i.4xlarge", + "m7i.8xlarge", + "m7i-flex.12xlarge", + "m7i-flex.16xlarge", + "m7i-flex.2xlarge", + "m7i-flex.4xlarge", + "m7i-flex.8xlarge", + "m7i-flex.large", + "m7i-flex.xlarge", + "m7i.large", + "m7i.metal-24xl", + "m7i.metal-48xl", + "m7i.xlarge", + "m8a.12xlarge", + "m8a.16xlarge", + "m8a.24xlarge", + "m8a.2xlarge", + "m8a.48xlarge", + "m8a.4xlarge", + "m8a.8xlarge", + "m8a.large", + "m8a.medium", + "m8a.metal-24xl", + "m8a.metal-48xl", + "m8a.xlarge", + "m8g.12xlarge", + "m8g.16xlarge", + "m8g.24xlarge", + "m8g.2xlarge", + "m8g.48xlarge", + "m8g.4xlarge", + "m8g.8xlarge", + "m8g.large", + "m8g.medium", + "m8g.metal-24xl", + "m8g.metal-48xl", + "m8g.xlarge", + "m8gd.12xlarge", + "m8gd.16xlarge", + "m8gd.24xlarge", + "m8gd.2xlarge", + "m8gd.48xlarge", + "m8gd.4xlarge", + "m8gd.8xlarge", + "m8gd.large", + "m8gd.medium", + "m8gd.metal-24xl", + "m8gd.metal-48xl", + "m8gd.xlarge", + "m8i.12xlarge", + "m8i.16xlarge", + "m8i.24xlarge", + "m8i.2xlarge", + "m8i.32xlarge", + "m8i.48xlarge", + "m8i.4xlarge", + "m8i.8xlarge", + "m8i.96xlarge", + "m8i-flex.12xlarge", + "m8i-flex.16xlarge", + "m8i-flex.2xlarge", + "m8i-flex.4xlarge", + "m8i-flex.8xlarge", + "m8i-flex.large", + "m8i-flex.xlarge", + "m8i.large", + "m8i.metal-48xl", + "m8i.metal-96xl", + "m8i.xlarge", "mac1.metal", - "p2.xlarge", - "p2.8xlarge", + "mac2-m1ultra.metal", + "mac2-m2.metal", + "mac2-m2pro.metal", + "mac2.metal", + "mac-m4.metal", + "mac-m4pro.metal", "p2.16xlarge", + "p2.8xlarge", + "p2.xlarge", + "p3.16xlarge", "p3.2xlarge", "p3.8xlarge", - "p3.16xlarge", "p3dn.24xlarge", "p4d.24xlarge", - "r3.large", - "r3.xlarge", + "p4de.24xlarge", + "p5.48xlarge", + "p5.4xlarge", + "p5e.48xlarge", + "p5en.48xlarge", + "p6-b200.48xlarge", + "p6e-gb200.36xlarge", "r3.2xlarge", "r3.4xlarge", "r3.8xlarge", - "r4.large", - "r4.xlarge", + "r3.large", + "r3.xlarge", + "r4.16xlarge", "r4.2xlarge", "r4.4xlarge", "r4.8xlarge", - "r4.16xlarge", - "r5.large", - "r5.xlarge", - "r5.2xlarge", - "r5.4xlarge", - "r5.8xlarge", + "r4.large", + "r4.xlarge", "r5.12xlarge", "r5.16xlarge", "r5.24xlarge", + "r5.2xlarge", + "r5.4xlarge", + "r5.8xlarge", + "r5.large", "r5.metal", - "r5a.large", - "r5a.xlarge", - "r5a.2xlarge", - "r5a.4xlarge", - "r5a.8xlarge", + "r5.xlarge", "r5a.12xlarge", "r5a.16xlarge", "r5a.24xlarge", - "r5ad.large", - "r5ad.xlarge", - "r5ad.2xlarge", - "r5ad.4xlarge", - "r5ad.8xlarge", + "r5a.2xlarge", + "r5a.4xlarge", + "r5a.8xlarge", + "r5a.large", + "r5a.xlarge", "r5ad.12xlarge", "r5ad.16xlarge", "r5ad.24xlarge", - "r5b.large", - "r5b.xlarge", - "r5b.2xlarge", - "r5b.4xlarge", - "r5b.8xlarge", + "r5ad.2xlarge", + "r5ad.4xlarge", + "r5ad.8xlarge", + "r5ad.large", + "r5ad.xlarge", "r5b.12xlarge", "r5b.16xlarge", "r5b.24xlarge", + "r5b.2xlarge", + "r5b.4xlarge", + "r5b.8xlarge", + "r5b.large", "r5b.metal", - "r5d.large", - "r5d.xlarge", - "r5d.2xlarge", - "r5d.4xlarge", - "r5d.8xlarge", + "r5b.xlarge", "r5d.12xlarge", "r5d.16xlarge", "r5d.24xlarge", + "r5d.2xlarge", + "r5d.4xlarge", + "r5d.8xlarge", + "r5d.large", "r5d.metal", - "r5dn.large", - "r5dn.xlarge", - "r5dn.2xlarge", - "r5dn.4xlarge", - "r5dn.8xlarge", + "r5d.xlarge", "r5dn.12xlarge", "r5dn.16xlarge", "r5dn.24xlarge", - "r5dn.metal", - "r5n.large", - "r5n.xlarge", - "r5n.2xlarge", - "r5n.4xlarge", - "r5n.8xlarge", + "r5dn.2xlarge", + "r5dn.4xlarge", + "r5dn.8xlarge", + "r5dn.large", + "r5dn.metal", + "r5dn.xlarge", "r5n.12xlarge", "r5n.16xlarge", "r5n.24xlarge", + "r5n.2xlarge", + "r5n.4xlarge", + "r5n.8xlarge", + "r5n.large", "r5n.metal", - "r6g.medium", - "r6g.large", - "r6g.xlarge", + "r5n.xlarge", + "r6a.12xlarge", + "r6a.16xlarge", + "r6a.24xlarge", + "r6a.2xlarge", + "r6a.32xlarge", + "r6a.48xlarge", + "r6a.4xlarge", + "r6a.8xlarge", + "r6a.large", + "r6a.metal", + "r6a.xlarge", + "r6g.12xlarge", + "r6g.16xlarge", "r6g.2xlarge", "r6g.4xlarge", "r6g.8xlarge", - "r6g.12xlarge", - "r6g.16xlarge", + "r6g.large", + "r6g.medium", "r6g.metal", - "r6gd.medium", - "r6gd.large", - "r6gd.xlarge", + "r6g.xlarge", + "r6gd.12xlarge", + "r6gd.16xlarge", "r6gd.2xlarge", "r6gd.4xlarge", "r6gd.8xlarge", - "r6gd.12xlarge", - "r6gd.16xlarge", + "r6gd.large", + "r6gd.medium", "r6gd.metal", - "r6i.large", - "r6i.xlarge", - "r6i.2xlarge", - "r6i.4xlarge", - "r6i.8xlarge", + "r6gd.xlarge", "r6i.12xlarge", "r6i.16xlarge", "r6i.24xlarge", + "r6i.2xlarge", "r6i.32xlarge", + "r6i.4xlarge", + "r6i.8xlarge", + "r6i.large", "r6i.metal", + "r6i.xlarge", + "r6id.12xlarge", + "r6id.16xlarge", + "r6id.24xlarge", + "r6id.2xlarge", + "r6id.32xlarge", + "r6id.4xlarge", + "r6id.8xlarge", + "r6id.large", + "r6id.metal", + "r6id.xlarge", + "r6idn.12xlarge", + "r6idn.16xlarge", + "r6idn.24xlarge", + "r6idn.2xlarge", + "r6idn.32xlarge", + "r6idn.4xlarge", + "r6idn.8xlarge", + "r6idn.large", + "r6idn.metal", + "r6idn.xlarge", + "r6in.12xlarge", + "r6in.16xlarge", + "r6in.24xlarge", + "r6in.2xlarge", + "r6in.32xlarge", + "r6in.4xlarge", + "r6in.8xlarge", + "r6in.large", + "r6in.metal", + "r6in.xlarge", + "r7a.12xlarge", + "r7a.16xlarge", + "r7a.24xlarge", + "r7a.2xlarge", + "r7a.32xlarge", + "r7a.48xlarge", + "r7a.4xlarge", + "r7a.8xlarge", + "r7a.large", + "r7a.medium", + "r7a.metal-48xl", + "r7a.xlarge", + "r7g.12xlarge", + "r7g.16xlarge", + "r7g.2xlarge", + "r7g.4xlarge", + "r7g.8xlarge", + "r7g.large", + "r7g.medium", + "r7g.metal", + "r7g.xlarge", + "r7gd.12xlarge", + "r7gd.16xlarge", + "r7gd.2xlarge", + "r7gd.4xlarge", + "r7gd.8xlarge", + "r7gd.large", + "r7gd.medium", + "r7gd.metal", + "r7gd.xlarge", + "r7i.12xlarge", + "r7i.16xlarge", + "r7i.24xlarge", + "r7i.2xlarge", + "r7i.48xlarge", + "r7i.4xlarge", + "r7i.8xlarge", + "r7i.large", + "r7i.metal-24xl", + "r7i.metal-48xl", + "r7i.xlarge", + "r7iz.12xlarge", + "r7iz.16xlarge", + "r7iz.2xlarge", + "r7iz.32xlarge", + "r7iz.4xlarge", + "r7iz.8xlarge", + "r7iz.large", + "r7iz.metal-16xl", + "r7iz.metal-32xl", + "r7iz.xlarge", + "r8a.12xlarge", + "r8a.16xlarge", + "r8a.24xlarge", + "r8a.2xlarge", + "r8a.48xlarge", + "r8a.4xlarge", + "r8a.8xlarge", + "r8a.large", + "r8a.medium", + "r8a.metal-24xl", + "r8a.metal-48xl", + "r8a.xlarge", + "r8g.12xlarge", + "r8g.16xlarge", + "r8g.24xlarge", + "r8g.2xlarge", + "r8g.48xlarge", + "r8g.4xlarge", + "r8g.8xlarge", + "r8g.large", + "r8g.medium", + "r8g.metal-24xl", + "r8g.metal-48xl", + "r8g.xlarge", + "r8gb.12xlarge", + "r8gb.16xlarge", + "r8gb.24xlarge", + "r8gb.2xlarge", + "r8gb.4xlarge", + "r8gb.8xlarge", + "r8gb.large", + "r8gb.medium", + "r8gb.metal-24xl", + "r8gb.xlarge", + "r8gd.12xlarge", + "r8gd.16xlarge", + "r8gd.24xlarge", + "r8gd.2xlarge", + "r8gd.48xlarge", + "r8gd.4xlarge", + "r8gd.8xlarge", + "r8gd.large", + "r8gd.medium", + "r8gd.metal-24xl", + "r8gd.metal-48xl", + "r8gd.xlarge", + "r8gn.12xlarge", + "r8gn.16xlarge", + "r8gn.24xlarge", + "r8gn.2xlarge", + "r8gn.48xlarge", + "r8gn.4xlarge", + "r8gn.8xlarge", + "r8gn.large", + "r8gn.medium", + "r8gn.metal-24xl", + "r8gn.metal-48xl", + "r8gn.xlarge", + "r8i.12xlarge", + "r8i.16xlarge", + "r8i.24xlarge", + "r8i.2xlarge", + "r8i.32xlarge", + "r8i.48xlarge", + "r8i.4xlarge", + "r8i.8xlarge", + "r8i.96xlarge", + "r8i-flex.12xlarge", + "r8i-flex.16xlarge", + "r8i-flex.2xlarge", + "r8i-flex.4xlarge", + "r8i-flex.8xlarge", + "r8i-flex.large", + "r8i-flex.xlarge", + "r8i.large", + "r8i.metal-48xl", + "r8i.metal-96xl", + "r8i.xlarge", "t1.micro", - "t2.nano", + "t2.2xlarge", + "t2.large", + "t2.medium", "t2.micro", + "t2.nano", "t2.small", - "t2.medium", - "t2.large", "t2.xlarge", - "t2.2xlarge", - "t3.nano", + "t3.2xlarge", + "t3.large", + "t3.medium", "t3.micro", + "t3.nano", "t3.small", - "t3.medium", - "t3.large", "t3.xlarge", - "t3.2xlarge", - "t3a.nano", + "t3a.2xlarge", + "t3a.large", + "t3a.medium", "t3a.micro", + "t3a.nano", "t3a.small", - "t3a.medium", - "t3a.large", "t3a.xlarge", - "t3a.2xlarge", - "t4g.nano", + "t4g.2xlarge", + "t4g.large", + "t4g.medium", "t4g.micro", + "t4g.nano", "t4g.small", - "t4g.medium", - "t4g.large", "t4g.xlarge", - "t4g.2xlarge", - "u-6tb1.56xlarge", - "u-6tb1.112xlarge", - "u-9tb1.112xlarge", + "trn1.2xlarge", + "trn1.32xlarge", + "trn1n.32xlarge", + "trn2.3xlarge", + "trn2.48xlarge", + "u7i-12tb.224xlarge", + "u7i-6tb.112xlarge", + "u7i-8tb.112xlarge", + "u7ib-12tb.224xlarge", + "u7in-16tb.224xlarge", + "u7in-24tb.224xlarge", + "u7in-32tb.224xlarge", + "u7inh-32tb.480xlarge", "u-12tb1.112xlarge", - "u-6tb1.metal", - "u-9tb1.metal", "u-12tb1.metal", + "u-18tb1.112xlarge", "u-18tb1.metal", + "u-24tb1.112xlarge", "u-24tb1.metal", - "vt1.3xlarge", - "vt1.6xlarge", - "vt1.24xlarge", + "u-3tb1.56xlarge", + "u-6tb1.112xlarge", + "u-6tb1.56xlarge", + "u-6tb1.metal", + "u-9tb1.112xlarge", + "u-9tb1.metal", + "vt1.24xlarge", + "vt1.3xlarge", + "vt1.6xlarge", "x1.16xlarge", "x1.32xlarge", - "x1e.xlarge", + "x1e.16xlarge", "x1e.2xlarge", + "x1e.32xlarge", "x1e.4xlarge", "x1e.8xlarge", - "x1e.16xlarge", - "x1e.32xlarge", - "x2iezn.2xlarge", - "x2iezn.4xlarge", - "x2iezn.6xlarge", - "x2iezn.8xlarge", - "x2iezn.12xlarge", - "x2iezn.metal", - "x2gd.medium", - "x2gd.large", - "x2gd.xlarge", + "x1e.xlarge", + "x2gd.12xlarge", + "x2gd.16xlarge", "x2gd.2xlarge", "x2gd.4xlarge", "x2gd.8xlarge", - "x2gd.12xlarge", - "x2gd.16xlarge", + "x2gd.large", + "x2gd.medium", "x2gd.metal", - "z1d.large", - "z1d.xlarge", - "z1d.2xlarge", - "z1d.3xlarge", - "z1d.6xlarge", - "z1d.12xlarge", - "z1d.metal", + "x2gd.xlarge", "x2idn.16xlarge", "x2idn.24xlarge", "x2idn.32xlarge", - "x2iedn.xlarge", - "x2iedn.2xlarge", - "x2iedn.4xlarge", - "x2iedn.8xlarge", + "x2idn.metal", "x2iedn.16xlarge", "x2iedn.24xlarge", + "x2iedn.2xlarge", "x2iedn.32xlarge", - "c6a.large", - "c6a.xlarge", - "c6a.2xlarge", - "c6a.4xlarge", - "c6a.8xlarge", - "c6a.12xlarge", - "c6a.16xlarge", - "c6a.24xlarge", - "c6a.32xlarge", - "c6a.48xlarge", - "c6a.metal", - "m6a.metal", - "i4i.large", - "i4i.xlarge", - "i4i.2xlarge", - "i4i.4xlarge", - "i4i.8xlarge", - "i4i.16xlarge", - "i4i.32xlarge", - "i4i.metal", - "x2idn.metal", + "x2iedn.4xlarge", + "x2iedn.8xlarge", "x2iedn.metal", - "c7g.medium", - "c7g.large", - "c7g.xlarge", - "c7g.2xlarge", - "c7g.4xlarge", - "c7g.8xlarge", - "c7g.12xlarge", - "c7g.16xlarge", - "mac2.metal", - "c6id.large", - "c6id.xlarge", - "c6id.2xlarge", - "c6id.4xlarge", - "c6id.8xlarge", - "c6id.12xlarge", - "c6id.16xlarge", - "c6id.24xlarge", - "c6id.32xlarge", - "c6id.metal", - "m6id.large", - "m6id.xlarge", - "m6id.2xlarge", - "m6id.4xlarge", - "m6id.8xlarge", - "m6id.12xlarge", - "m6id.16xlarge", - "m6id.24xlarge", - "m6id.32xlarge", - "m6id.metal", - "r6id.large", - "r6id.xlarge", - "r6id.2xlarge", - "r6id.4xlarge", - "r6id.8xlarge", - "r6id.12xlarge", - "r6id.16xlarge", - "r6id.24xlarge", - "r6id.32xlarge", - "r6id.metal", - "r6a.large", - "r6a.xlarge", - "r6a.2xlarge", - "r6a.4xlarge", - "r6a.8xlarge", - "r6a.12xlarge", - "r6a.16xlarge", - "r6a.24xlarge", - "r6a.32xlarge", - "r6a.48xlarge", - "r6a.metal", - "p4de.24xlarge", - "u-3tb1.56xlarge", - "u-18tb1.112xlarge", - "u-24tb1.112xlarge", - "trn1.2xlarge", - "trn1.32xlarge", - "hpc6id.32xlarge", - "c6in.large", - "c6in.xlarge", - "c6in.2xlarge", - "c6in.4xlarge", - "c6in.8xlarge", - "c6in.12xlarge", - "c6in.16xlarge", - "c6in.24xlarge", - "c6in.32xlarge", - "m6in.large", - "m6in.xlarge", - "m6in.2xlarge", - "m6in.4xlarge", - "m6in.8xlarge", - "m6in.12xlarge", - "m6in.16xlarge", - "m6in.24xlarge", - "m6in.32xlarge", - "m6idn.large", - "m6idn.xlarge", - "m6idn.2xlarge", - "m6idn.4xlarge", - "m6idn.8xlarge", - "m6idn.12xlarge", - "m6idn.16xlarge", - "m6idn.24xlarge", - "m6idn.32xlarge", - "r6in.large", - "r6in.xlarge", - "r6in.2xlarge", - "r6in.4xlarge", - "r6in.8xlarge", - "r6in.12xlarge", - "r6in.16xlarge", - "r6in.24xlarge", - "r6in.32xlarge", - "r6idn.large", - "r6idn.xlarge", - "r6idn.2xlarge", - "r6idn.4xlarge", - "r6idn.8xlarge", - "r6idn.12xlarge", - "r6idn.16xlarge", - "r6idn.24xlarge", - "r6idn.32xlarge", - "c7g.metal", - "m7g.medium", - "m7g.large", - "m7g.xlarge", - "m7g.2xlarge", - "m7g.4xlarge", - "m7g.8xlarge", - "m7g.12xlarge", - "m7g.16xlarge", - "m7g.metal", - "r7g.medium", - "r7g.large", - "r7g.xlarge", - "r7g.2xlarge", - "r7g.4xlarge", - "r7g.8xlarge", - "r7g.12xlarge", - "r7g.16xlarge", - "r7g.metal", - "c6in.metal", - "m6in.metal", - "m6idn.metal", - "r6in.metal", - "r6idn.metal", - "inf2.xlarge", - "inf2.8xlarge", - "inf2.24xlarge", - "inf2.48xlarge", - "trn1n.32xlarge", - "i4g.large", - "i4g.xlarge", - "i4g.2xlarge", - "i4g.4xlarge", - "i4g.8xlarge", - "i4g.16xlarge", - "hpc7g.4xlarge", - "hpc7g.8xlarge", - "hpc7g.16xlarge", - "c7gn.medium", - "c7gn.large", - "c7gn.xlarge", - "c7gn.2xlarge", - "c7gn.4xlarge", - "c7gn.8xlarge", - "c7gn.12xlarge", - "c7gn.16xlarge", - "p5.48xlarge", - "m7i.large", - "m7i.xlarge", - "m7i.2xlarge", - "m7i.4xlarge", - "m7i.8xlarge", - "m7i.12xlarge", - "m7i.16xlarge", - "m7i.24xlarge", - "m7i.48xlarge", - "m7i-flex.large", - "m7i-flex.xlarge", - "m7i-flex.2xlarge", - "m7i-flex.4xlarge", - "m7i-flex.8xlarge", - "m7a.medium", - "m7a.large", - "m7a.xlarge", - "m7a.2xlarge", - "m7a.4xlarge", - "m7a.8xlarge", - "m7a.12xlarge", - "m7a.16xlarge", - "m7a.24xlarge", - "m7a.32xlarge", - "m7a.48xlarge", - "m7a.metal-48xl", - "hpc7a.12xlarge", - "hpc7a.24xlarge", - "hpc7a.48xlarge", - "hpc7a.96xlarge", - "c7gd.medium", - "c7gd.large", - "c7gd.xlarge", - "c7gd.2xlarge", - "c7gd.4xlarge", - "c7gd.8xlarge", - "c7gd.12xlarge", - "c7gd.16xlarge", - "m7gd.medium", - "m7gd.large", - "m7gd.xlarge", - "m7gd.2xlarge", - "m7gd.4xlarge", - "m7gd.8xlarge", - "m7gd.12xlarge", - "m7gd.16xlarge", - "r7gd.medium", - "r7gd.large", - "r7gd.xlarge", - "r7gd.2xlarge", - "r7gd.4xlarge", - "r7gd.8xlarge", - "r7gd.12xlarge", - "r7gd.16xlarge", - "r7a.medium", - "r7a.large", - "r7a.xlarge", - "r7a.2xlarge", - "r7a.4xlarge", - "r7a.8xlarge", - "r7a.12xlarge", - "r7a.16xlarge", - "r7a.24xlarge", - "r7a.32xlarge", - "r7a.48xlarge", - "c7i.large", - "c7i.xlarge", - "c7i.2xlarge", - "c7i.4xlarge", - "c7i.8xlarge", - "c7i.12xlarge", - "c7i.16xlarge", - "c7i.24xlarge", - "c7i.48xlarge", - "mac2-m2pro.metal", - "r7iz.large", - "r7iz.xlarge", - "r7iz.2xlarge", - "r7iz.4xlarge", - "r7iz.8xlarge", - "r7iz.12xlarge", - "r7iz.16xlarge", - "r7iz.32xlarge", - "c7a.medium", - "c7a.large", - "c7a.xlarge", - "c7a.2xlarge", - "c7a.4xlarge", - "c7a.8xlarge", - "c7a.12xlarge", - "c7a.16xlarge", - "c7a.24xlarge", - "c7a.32xlarge", - "c7a.48xlarge", - "c7a.metal-48xl", - "r7a.metal-48xl", - "r7i.large", - "r7i.xlarge", - "r7i.2xlarge", - "r7i.4xlarge", - "r7i.8xlarge", - "r7i.12xlarge", - "r7i.16xlarge", - "r7i.24xlarge", - "r7i.48xlarge", - "dl2q.24xlarge", - "mac2-m2.metal", - "i4i.12xlarge", - "i4i.24xlarge", - "c7i.metal-24xl", - "c7i.metal-48xl", - "m7i.metal-24xl", - "m7i.metal-48xl", - "r7i.metal-24xl", - "r7i.metal-48xl", - "r7iz.metal-16xl", - "r7iz.metal-32xl", - "c7gd.metal", - "m7gd.metal", - "r7gd.metal", - "g6.xlarge", - "g6.2xlarge", - "g6.4xlarge", - "g6.8xlarge", - "g6.12xlarge", - "g6.16xlarge", - "g6.24xlarge", - "g6.48xlarge", - "gr6.4xlarge", - "gr6.8xlarge", - "c7i-flex.large", - "c7i-flex.xlarge", - "c7i-flex.2xlarge", - "c7i-flex.4xlarge", - "c7i-flex.8xlarge", - "u7i-12tb.224xlarge", - "u7in-16tb.224xlarge", - "u7in-24tb.224xlarge", - "u7in-32tb.224xlarge", - "u7ib-12tb.224xlarge", - "c7gn.metal", - "r8g.medium", - "r8g.large", - "r8g.xlarge", - "r8g.2xlarge", - "r8g.4xlarge", - "r8g.8xlarge", - "r8g.12xlarge", - "r8g.16xlarge", - "r8g.24xlarge", - "r8g.48xlarge", - "r8g.metal-24xl", - "r8g.metal-48xl", - "mac2-m1ultra.metal", - "g6e.xlarge", - "g6e.2xlarge", - "g6e.4xlarge", - "g6e.8xlarge", - "g6e.12xlarge", - "g6e.16xlarge", - "g6e.24xlarge", - "g6e.48xlarge", - "c8g.medium", - "c8g.large", - "c8g.xlarge", - "c8g.2xlarge", - "c8g.4xlarge", - "c8g.8xlarge", - "c8g.12xlarge", - "c8g.16xlarge", - "c8g.24xlarge", - "c8g.48xlarge", - "c8g.metal-24xl", - "c8g.metal-48xl", - "m8g.medium", - "m8g.large", - "m8g.xlarge", - "m8g.2xlarge", - "m8g.4xlarge", - "m8g.8xlarge", - "m8g.12xlarge", - "m8g.16xlarge", - "m8g.24xlarge", - "m8g.48xlarge", - "m8g.metal-24xl", - "m8g.metal-48xl", - "x8g.medium", - "x8g.large", - "x8g.xlarge", - "x8g.2xlarge", - "x8g.4xlarge", - "x8g.8xlarge", + "x2iedn.xlarge", + "x2iezn.12xlarge", + "x2iezn.2xlarge", + "x2iezn.4xlarge", + "x2iezn.6xlarge", + "x2iezn.8xlarge", + "x2iezn.metal", "x8g.12xlarge", "x8g.16xlarge", "x8g.24xlarge", + "x8g.2xlarge", "x8g.48xlarge", + "x8g.4xlarge", + "x8g.8xlarge", + "x8g.large", + "x8g.medium", "x8g.metal-24xl", "x8g.metal-48xl", - "i7ie.large", - "i7ie.xlarge", - "i7ie.2xlarge", - "i7ie.3xlarge", - "i7ie.6xlarge", - "i7ie.12xlarge", - "i7ie.18xlarge", - "i7ie.24xlarge", - "i7ie.48xlarge", - "i8g.large", - "i8g.xlarge", - "i8g.2xlarge", - "i8g.4xlarge", - "i8g.8xlarge", - "i8g.12xlarge", - "i8g.16xlarge", - "i8g.24xlarge", - "i8g.metal-24xl", - "u7i-6tb.112xlarge", - "u7i-8tb.112xlarge", - "u7inh-32tb.480xlarge", - "p5e.48xlarge", - "p5en.48xlarge", - "f2.12xlarge", - "f2.48xlarge", - "trn2.48xlarge", - "c7i-flex.12xlarge", - "c7i-flex.16xlarge", - "m7i-flex.12xlarge", - "m7i-flex.16xlarge", - "i7ie.metal-24xl", - "i7ie.metal-48xl", - "i8g.48xlarge", - "c8gd.medium", - "c8gd.large", - "c8gd.xlarge", - "c8gd.2xlarge", - "c8gd.4xlarge", - "c8gd.8xlarge", - "c8gd.12xlarge", - "c8gd.16xlarge", - "c8gd.24xlarge", - "c8gd.48xlarge", - "c8gd.metal-24xl", - "c8gd.metal-48xl", - "i7i.large", - "i7i.xlarge", - "i7i.2xlarge", - "i7i.4xlarge", - "i7i.8xlarge", - "i7i.12xlarge", - "i7i.16xlarge", - "i7i.24xlarge", - "i7i.48xlarge", - "i7i.metal-24xl", - "i7i.metal-48xl", - "p6-b200.48xlarge", - "m8gd.medium", - "m8gd.large", - "m8gd.xlarge", - "m8gd.2xlarge", - "m8gd.4xlarge", - "m8gd.8xlarge", - "m8gd.12xlarge", - "m8gd.16xlarge", - "m8gd.24xlarge", - "m8gd.48xlarge", - "m8gd.metal-24xl", - "m8gd.metal-48xl", - "r8gd.medium", - "r8gd.large", - "r8gd.xlarge", - "r8gd.2xlarge", - "r8gd.4xlarge", - "r8gd.8xlarge", - "r8gd.12xlarge", - "r8gd.16xlarge", - "r8gd.24xlarge", - "r8gd.48xlarge", - "r8gd.metal-24xl", - "r8gd.metal-48xl", - "c8gn.medium", - "c8gn.large", - "c8gn.xlarge", - "c8gn.2xlarge", - "c8gn.4xlarge", - "c8gn.8xlarge", - "c8gn.12xlarge", - "c8gn.16xlarge", - "c8gn.24xlarge", - "c8gn.48xlarge", - "c8gn.metal-24xl", - "c8gn.metal-48xl", - "f2.6xlarge", - "p6e-gb200.36xlarge", - "g6f.large", - "g6f.xlarge", - "g6f.2xlarge", - "g6f.4xlarge", - "gr6f.4xlarge", - "p5.4xlarge", - "r8i.large", - "r8i.xlarge", - "r8i.2xlarge", - "r8i.4xlarge", - "r8i.8xlarge", - "r8i.12xlarge", - "r8i.16xlarge", - "r8i.24xlarge", - "r8i.32xlarge", - "r8i.48xlarge", - "r8i.96xlarge", - "r8i.metal-48xl", - "r8i.metal-96xl", - "r8i-flex.large", - "r8i-flex.xlarge", - "r8i-flex.2xlarge", - "r8i-flex.4xlarge", - "r8i-flex.8xlarge", - "r8i-flex.12xlarge", - "r8i-flex.16xlarge", - "m8i.large", - "m8i.xlarge", - "m8i.2xlarge", - "m8i.4xlarge", - "m8i.8xlarge", - "m8i.12xlarge", - "m8i.16xlarge", - "m8i.24xlarge", - "m8i.32xlarge", - "m8i.48xlarge", - "m8i.96xlarge", - "m8i.metal-48xl", - "m8i.metal-96xl", - "m8i-flex.large", - "m8i-flex.xlarge", - "m8i-flex.2xlarge", - "m8i-flex.4xlarge", - "m8i-flex.8xlarge", - "m8i-flex.12xlarge", - "m8i-flex.16xlarge", - "i8ge.large", - "i8ge.xlarge", - "i8ge.2xlarge", - "i8ge.3xlarge", - "i8ge.6xlarge", - "i8ge.12xlarge", - "i8ge.18xlarge", - "i8ge.24xlarge", - "i8ge.48xlarge", - "i8ge.metal-24xl", - "i8ge.metal-48xl", - "mac-m4.metal", - "mac-m4pro.metal", - "r8gn.medium", - "r8gn.large", - "r8gn.xlarge", - "r8gn.2xlarge", - "r8gn.4xlarge", - "r8gn.8xlarge", - "r8gn.12xlarge", - "r8gn.16xlarge", - "r8gn.24xlarge", - "r8gn.48xlarge", - "r8gn.metal-24xl", - "r8gn.metal-48xl", - "c8i.large", - "c8i.xlarge", - "c8i.2xlarge", - "c8i.4xlarge", - "c8i.8xlarge", - "c8i.12xlarge", - "c8i.16xlarge", - "c8i.24xlarge", - "c8i.32xlarge", - "c8i.48xlarge", - "c8i.96xlarge", - "c8i.metal-48xl", - "c8i.metal-96xl", - "c8i-flex.large", - "c8i-flex.xlarge", - "c8i-flex.2xlarge", - "c8i-flex.4xlarge", - "c8i-flex.8xlarge", - "c8i-flex.12xlarge", - "c8i-flex.16xlarge", - "r8gb.medium", - "r8gb.large", - "r8gb.xlarge", - "r8gb.2xlarge", - "r8gb.4xlarge", - "r8gb.8xlarge", - "r8gb.12xlarge", - "r8gb.16xlarge", - "r8gb.24xlarge", - "r8gb.metal-24xl", - "m8a.medium", - "m8a.large", - "m8a.xlarge", - "m8a.2xlarge", - "m8a.4xlarge", - "m8a.8xlarge", - "m8a.12xlarge", - "m8a.16xlarge", - "m8a.24xlarge", - "m8a.48xlarge", - "m8a.metal-24xl", - "m8a.metal-48xl", + "x8g.xlarge", + "z1d.12xlarge", + "z1d.2xlarge", + "z1d.3xlarge", + "z1d.6xlarge", + "z1d.large", + "z1d.metal", + "z1d.xlarge", }, } } diff --git a/rules/models/aws_kinesis_stream_invalid_encryption_type.go b/rules/models/aws_kinesis_stream_invalid_encryption_type.go index d5331faf..401dab1b 100644 --- a/rules/models/aws_kinesis_stream_invalid_encryption_type.go +++ b/rules/models/aws_kinesis_stream_invalid_encryption_type.go @@ -25,8 +25,8 @@ func NewAwsKinesisStreamInvalidEncryptionTypeRule() *AwsKinesisStreamInvalidEncr resourceType: "aws_kinesis_stream", attributeName: "encryption_type", enum: []string{ - "NONE", "KMS", + "NONE", }, } } diff --git a/rules/models/aws_kinesisanalyticsv2_application_invalid_runtime_environment.go b/rules/models/aws_kinesisanalyticsv2_application_invalid_runtime_environment.go index 0f85141f..a7e88e3e 100644 --- a/rules/models/aws_kinesisanalyticsv2_application_invalid_runtime_environment.go +++ b/rules/models/aws_kinesisanalyticsv2_application_invalid_runtime_environment.go @@ -25,18 +25,18 @@ func NewAwsKinesisanalyticsv2ApplicationInvalidRuntimeEnvironmentRule() *AwsKine resourceType: "aws_kinesisanalyticsv2_application", attributeName: "runtime_environment", enum: []string{ - "SQL-1_0", - "FLINK-1_6", - "FLINK-1_8", - "ZEPPELIN-FLINK-1_0", "FLINK-1_11", "FLINK-1_13", - "ZEPPELIN-FLINK-2_0", "FLINK-1_15", - "ZEPPELIN-FLINK-3_0", "FLINK-1_18", "FLINK-1_19", "FLINK-1_20", + "FLINK-1_6", + "FLINK-1_8", + "SQL-1_0", + "ZEPPELIN-FLINK-1_0", + "ZEPPELIN-FLINK-2_0", + "ZEPPELIN-FLINK-3_0", }, } } diff --git a/rules/models/aws_kinesisanalyticsv2_application_invalid_service_execution_role.go b/rules/models/aws_kinesisanalyticsv2_application_invalid_service_execution_role.go index 162010b3..c1cb539f 100644 --- a/rules/models/aws_kinesisanalyticsv2_application_invalid_service_execution_role.go +++ b/rules/models/aws_kinesisanalyticsv2_application_invalid_service_execution_role.go @@ -29,7 +29,7 @@ func NewAwsKinesisanalyticsv2ApplicationInvalidServiceExecutionRoleRule() *AwsKi attributeName: "service_execution_role", max: 2048, min: 1, - pattern: regexp.MustCompile(`^arn:.*$`), + pattern: regexp.MustCompile(`^arn:`), } } @@ -90,7 +90,7 @@ func (r *AwsKinesisanalyticsv2ApplicationInvalidServiceExecutionRoleRule) Check( if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^arn:.*$`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^arn:`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_kms_key_invalid_key_usage.go b/rules/models/aws_kms_key_invalid_key_usage.go index afbef6e8..15c06b07 100644 --- a/rules/models/aws_kms_key_invalid_key_usage.go +++ b/rules/models/aws_kms_key_invalid_key_usage.go @@ -25,10 +25,10 @@ func NewAwsKmsKeyInvalidKeyUsageRule() *AwsKmsKeyInvalidKeyUsageRule { resourceType: "aws_kms_key", attributeName: "key_usage", enum: []string{ - "SIGN_VERIFY", "ENCRYPT_DECRYPT", "GENERATE_VERIFY_MAC", "KEY_AGREEMENT", + "SIGN_VERIFY", }, } } diff --git a/rules/models/aws_lambda_event_source_mapping_invalid_starting_position.go b/rules/models/aws_lambda_event_source_mapping_invalid_starting_position.go index d4f6cb71..1ecf9352 100644 --- a/rules/models/aws_lambda_event_source_mapping_invalid_starting_position.go +++ b/rules/models/aws_lambda_event_source_mapping_invalid_starting_position.go @@ -25,9 +25,9 @@ func NewAwsLambdaEventSourceMappingInvalidStartingPositionRule() *AwsLambdaEvent resourceType: "aws_lambda_event_source_mapping", attributeName: "starting_position", enum: []string{ - "TRIM_HORIZON", - "LATEST", "AT_TIMESTAMP", + "LATEST", + "TRIM_HORIZON", }, } } diff --git a/rules/models/aws_lambda_function_invalid_runtime.go b/rules/models/aws_lambda_function_invalid_runtime.go index c39f1290..e9602f62 100644 --- a/rules/models/aws_lambda_function_invalid_runtime.go +++ b/rules/models/aws_lambda_function_invalid_runtime.go @@ -25,50 +25,50 @@ func NewAwsLambdaFunctionInvalidRuntimeRule() *AwsLambdaFunctionInvalidRuntimeRu resourceType: "aws_lambda_function", attributeName: "runtime", enum: []string{ + "dotnet6", + "dotnet8", + "dotnetcore1.0", + "dotnetcore2.0", + "dotnetcore2.1", + "dotnetcore3.1", + "go1.x", + "java11", + "java17", + "java21", + "java25", + "java8", + "java8.al2", "nodejs", - "nodejs4.3", - "nodejs6.10", - "nodejs8.10", "nodejs10.x", "nodejs12.x", "nodejs14.x", "nodejs16.x", - "java8", - "java8.al2", - "java11", + "nodejs18.x", + "nodejs20.x", + "nodejs22.x", + "nodejs24.x", + "nodejs4.3", + "nodejs4.3-edge", + "nodejs6.10", + "nodejs8.10", + "provided", + "provided.al2", + "provided.al2023", "python2.7", + "python3.10", + "python3.11", + "python3.12", + "python3.13", + "python3.14", "python3.6", "python3.7", "python3.8", "python3.9", - "dotnetcore1.0", - "dotnetcore2.0", - "dotnetcore2.1", - "dotnetcore3.1", - "dotnet6", - "dotnet8", - "nodejs4.3-edge", - "go1.x", "ruby2.5", "ruby2.7", - "provided", - "provided.al2", - "nodejs18.x", - "python3.10", - "java17", "ruby3.2", "ruby3.3", "ruby3.4", - "python3.11", - "nodejs20.x", - "provided.al2023", - "python3.12", - "java21", - "python3.13", - "nodejs22.x", - "java25", - "nodejs24.x", - "python3.14", }, } } diff --git a/rules/models/aws_launch_configuration_invalid_type.go b/rules/models/aws_launch_configuration_invalid_type.go index 2f84c10a..7807fdac 100644 --- a/rules/models/aws_launch_configuration_invalid_type.go +++ b/rules/models/aws_launch_configuration_invalid_type.go @@ -25,1078 +25,1091 @@ func NewAwsLaunchConfigurationInvalidTypeRule() *AwsLaunchConfigurationInvalidTy resourceType: "aws_launch_configuration", attributeName: "instance_type", enum: []string{ - "a1.medium", - "a1.large", - "a1.xlarge", "a1.2xlarge", "a1.4xlarge", + "a1.large", + "a1.medium", "a1.metal", + "a1.xlarge", "c1.medium", "c1.xlarge", - "c3.large", - "c3.xlarge", "c3.2xlarge", "c3.4xlarge", "c3.8xlarge", - "c4.large", - "c4.xlarge", + "c3.large", + "c3.xlarge", "c4.2xlarge", "c4.4xlarge", "c4.8xlarge", - "c5.large", - "c5.xlarge", - "c5.2xlarge", - "c5.4xlarge", - "c5.9xlarge", + "c4.large", + "c4.xlarge", "c5.12xlarge", "c5.18xlarge", "c5.24xlarge", + "c5.2xlarge", + "c5.4xlarge", + "c5.9xlarge", + "c5.large", "c5.metal", - "c5a.large", - "c5a.xlarge", - "c5a.2xlarge", - "c5a.4xlarge", - "c5a.8xlarge", + "c5.xlarge", "c5a.12xlarge", "c5a.16xlarge", "c5a.24xlarge", - "c5ad.large", - "c5ad.xlarge", - "c5ad.2xlarge", - "c5ad.4xlarge", - "c5ad.8xlarge", + "c5a.2xlarge", + "c5a.4xlarge", + "c5a.8xlarge", + "c5a.large", + "c5a.xlarge", "c5ad.12xlarge", "c5ad.16xlarge", "c5ad.24xlarge", - "c5d.large", - "c5d.xlarge", - "c5d.2xlarge", - "c5d.4xlarge", - "c5d.9xlarge", + "c5ad.2xlarge", + "c5ad.4xlarge", + "c5ad.8xlarge", + "c5ad.large", + "c5ad.xlarge", "c5d.12xlarge", "c5d.18xlarge", "c5d.24xlarge", + "c5d.2xlarge", + "c5d.4xlarge", + "c5d.9xlarge", + "c5d.large", "c5d.metal", - "c5n.large", - "c5n.xlarge", + "c5d.xlarge", + "c5n.18xlarge", "c5n.2xlarge", "c5n.4xlarge", "c5n.9xlarge", - "c5n.18xlarge", + "c5n.large", "c5n.metal", - "c6g.medium", - "c6g.large", - "c6g.xlarge", + "c5n.xlarge", + "c6a.12xlarge", + "c6a.16xlarge", + "c6a.24xlarge", + "c6a.2xlarge", + "c6a.32xlarge", + "c6a.48xlarge", + "c6a.4xlarge", + "c6a.8xlarge", + "c6a.large", + "c6a.metal", + "c6a.xlarge", + "c6g.12xlarge", + "c6g.16xlarge", "c6g.2xlarge", "c6g.4xlarge", "c6g.8xlarge", - "c6g.12xlarge", - "c6g.16xlarge", + "c6g.large", + "c6g.medium", "c6g.metal", - "c6gd.medium", - "c6gd.large", - "c6gd.xlarge", + "c6g.xlarge", + "c6gd.12xlarge", + "c6gd.16xlarge", "c6gd.2xlarge", "c6gd.4xlarge", "c6gd.8xlarge", - "c6gd.12xlarge", - "c6gd.16xlarge", + "c6gd.large", + "c6gd.medium", "c6gd.metal", - "c6gn.medium", - "c6gn.large", - "c6gn.xlarge", + "c6gd.xlarge", + "c6gn.12xlarge", + "c6gn.16xlarge", "c6gn.2xlarge", "c6gn.4xlarge", "c6gn.8xlarge", - "c6gn.12xlarge", - "c6gn.16xlarge", - "c6i.large", - "c6i.xlarge", - "c6i.2xlarge", - "c6i.4xlarge", - "c6i.8xlarge", + "c6gn.large", + "c6gn.medium", + "c6gn.xlarge", "c6i.12xlarge", "c6i.16xlarge", "c6i.24xlarge", + "c6i.2xlarge", "c6i.32xlarge", + "c6i.4xlarge", + "c6i.8xlarge", + "c6i.large", "c6i.metal", + "c6i.xlarge", + "c6id.12xlarge", + "c6id.16xlarge", + "c6id.24xlarge", + "c6id.2xlarge", + "c6id.32xlarge", + "c6id.4xlarge", + "c6id.8xlarge", + "c6id.large", + "c6id.metal", + "c6id.xlarge", + "c6in.12xlarge", + "c6in.16xlarge", + "c6in.24xlarge", + "c6in.2xlarge", + "c6in.32xlarge", + "c6in.4xlarge", + "c6in.8xlarge", + "c6in.large", + "c6in.metal", + "c6in.xlarge", + "c7a.12xlarge", + "c7a.16xlarge", + "c7a.24xlarge", + "c7a.2xlarge", + "c7a.32xlarge", + "c7a.48xlarge", + "c7a.4xlarge", + "c7a.8xlarge", + "c7a.large", + "c7a.medium", + "c7a.metal-48xl", + "c7a.xlarge", + "c7g.12xlarge", + "c7g.16xlarge", + "c7g.2xlarge", + "c7g.4xlarge", + "c7g.8xlarge", + "c7g.large", + "c7g.medium", + "c7g.metal", + "c7g.xlarge", + "c7gd.12xlarge", + "c7gd.16xlarge", + "c7gd.2xlarge", + "c7gd.4xlarge", + "c7gd.8xlarge", + "c7gd.large", + "c7gd.medium", + "c7gd.metal", + "c7gd.xlarge", + "c7gn.12xlarge", + "c7gn.16xlarge", + "c7gn.2xlarge", + "c7gn.4xlarge", + "c7gn.8xlarge", + "c7gn.large", + "c7gn.medium", + "c7gn.metal", + "c7gn.xlarge", + "c7i.12xlarge", + "c7i.16xlarge", + "c7i.24xlarge", + "c7i.2xlarge", + "c7i.48xlarge", + "c7i.4xlarge", + "c7i.8xlarge", + "c7i-flex.12xlarge", + "c7i-flex.16xlarge", + "c7i-flex.2xlarge", + "c7i-flex.4xlarge", + "c7i-flex.8xlarge", + "c7i-flex.large", + "c7i-flex.xlarge", + "c7i.large", + "c7i.metal-24xl", + "c7i.metal-48xl", + "c7i.xlarge", + "c8g.12xlarge", + "c8g.16xlarge", + "c8g.24xlarge", + "c8g.2xlarge", + "c8g.48xlarge", + "c8g.4xlarge", + "c8g.8xlarge", + "c8g.large", + "c8g.medium", + "c8g.metal-24xl", + "c8g.metal-48xl", + "c8g.xlarge", + "c8gd.12xlarge", + "c8gd.16xlarge", + "c8gd.24xlarge", + "c8gd.2xlarge", + "c8gd.48xlarge", + "c8gd.4xlarge", + "c8gd.8xlarge", + "c8gd.large", + "c8gd.medium", + "c8gd.metal-24xl", + "c8gd.metal-48xl", + "c8gd.xlarge", + "c8gn.12xlarge", + "c8gn.16xlarge", + "c8gn.24xlarge", + "c8gn.2xlarge", + "c8gn.48xlarge", + "c8gn.4xlarge", + "c8gn.8xlarge", + "c8gn.large", + "c8gn.medium", + "c8gn.metal-24xl", + "c8gn.metal-48xl", + "c8gn.xlarge", + "c8i.12xlarge", + "c8i.16xlarge", + "c8i.24xlarge", + "c8i.2xlarge", + "c8i.32xlarge", + "c8i.48xlarge", + "c8i.4xlarge", + "c8i.8xlarge", + "c8i.96xlarge", + "c8i-flex.12xlarge", + "c8i-flex.16xlarge", + "c8i-flex.2xlarge", + "c8i-flex.4xlarge", + "c8i-flex.8xlarge", + "c8i-flex.large", + "c8i-flex.xlarge", + "c8i.large", + "c8i.metal-48xl", + "c8i.metal-96xl", + "c8i.xlarge", "cc1.4xlarge", "cc2.8xlarge", "cg1.4xlarge", "cr1.8xlarge", - "d2.xlarge", "d2.2xlarge", "d2.4xlarge", "d2.8xlarge", - "d3.xlarge", + "d2.xlarge", "d3.2xlarge", "d3.4xlarge", "d3.8xlarge", - "d3en.xlarge", + "d3.xlarge", + "d3en.12xlarge", "d3en.2xlarge", "d3en.4xlarge", "d3en.6xlarge", "d3en.8xlarge", - "d3en.12xlarge", + "d3en.xlarge", "dl1.24xlarge", + "dl2q.24xlarge", + "f1.16xlarge", "f1.2xlarge", "f1.4xlarge", - "f1.16xlarge", - "g2.2xlarge", + "f2.12xlarge", + "f2.48xlarge", + "f2.6xlarge", + "g2.2xlarge", "g2.8xlarge", + "g3.16xlarge", "g3.4xlarge", "g3.8xlarge", - "g3.16xlarge", "g3s.xlarge", - "g4ad.xlarge", + "g4ad.16xlarge", "g4ad.2xlarge", "g4ad.4xlarge", "g4ad.8xlarge", - "g4ad.16xlarge", - "g4dn.xlarge", + "g4ad.xlarge", + "g4dn.12xlarge", + "g4dn.16xlarge", "g4dn.2xlarge", "g4dn.4xlarge", "g4dn.8xlarge", - "g4dn.12xlarge", - "g4dn.16xlarge", "g4dn.metal", - "g5.xlarge", - "g5.2xlarge", - "g5.4xlarge", - "g5.8xlarge", + "g4dn.xlarge", "g5.12xlarge", "g5.16xlarge", "g5.24xlarge", + "g5.2xlarge", "g5.48xlarge", - "g5g.xlarge", + "g5.4xlarge", + "g5.8xlarge", + "g5.xlarge", + "g5g.16xlarge", "g5g.2xlarge", "g5g.4xlarge", "g5g.8xlarge", - "g5g.16xlarge", "g5g.metal", - "hi1.4xlarge", - "hpc6a.48xlarge", - "hs1.8xlarge", + "g5g.xlarge", + "g6.12xlarge", + "g6.16xlarge", + "g6.24xlarge", + "g6.2xlarge", + "g6.48xlarge", + "g6.4xlarge", + "g6.8xlarge", + "g6.xlarge", + "g6e.12xlarge", + "g6e.16xlarge", + "g6e.24xlarge", + "g6e.2xlarge", + "g6e.48xlarge", + "g6e.4xlarge", + "g6e.8xlarge", + "g6e.xlarge", + "g6f.2xlarge", + "g6f.4xlarge", + "g6f.large", + "g6f.xlarge", + "gr6.4xlarge", + "gr6.8xlarge", + "gr6f.4xlarge", + "h1.16xlarge", "h1.2xlarge", "h1.4xlarge", "h1.8xlarge", - "h1.16xlarge", - "i2.xlarge", + "hi1.4xlarge", + "hpc6a.48xlarge", + "hpc6id.32xlarge", + "hpc7a.12xlarge", + "hpc7a.24xlarge", + "hpc7a.48xlarge", + "hpc7a.96xlarge", + "hpc7g.16xlarge", + "hpc7g.4xlarge", + "hpc7g.8xlarge", + "hs1.8xlarge", "i2.2xlarge", "i2.4xlarge", "i2.8xlarge", - "i3.large", - "i3.xlarge", + "i2.xlarge", + "i3.16xlarge", "i3.2xlarge", "i3.4xlarge", "i3.8xlarge", - "i3.16xlarge", + "i3.large", "i3.metal", - "i3en.large", - "i3en.xlarge", + "i3.xlarge", + "i3en.12xlarge", + "i3en.24xlarge", "i3en.2xlarge", "i3en.3xlarge", "i3en.6xlarge", - "i3en.12xlarge", - "i3en.24xlarge", + "i3en.large", "i3en.metal", - "im4gn.large", - "im4gn.xlarge", + "i3en.xlarge", + "i4g.16xlarge", + "i4g.2xlarge", + "i4g.4xlarge", + "i4g.8xlarge", + "i4g.large", + "i4g.xlarge", + "i4i.12xlarge", + "i4i.16xlarge", + "i4i.24xlarge", + "i4i.2xlarge", + "i4i.32xlarge", + "i4i.4xlarge", + "i4i.8xlarge", + "i4i.large", + "i4i.metal", + "i4i.xlarge", + "i7i.12xlarge", + "i7i.16xlarge", + "i7i.24xlarge", + "i7i.2xlarge", + "i7i.48xlarge", + "i7i.4xlarge", + "i7i.8xlarge", + "i7i.large", + "i7i.metal-24xl", + "i7i.metal-48xl", + "i7i.xlarge", + "i7ie.12xlarge", + "i7ie.18xlarge", + "i7ie.24xlarge", + "i7ie.2xlarge", + "i7ie.3xlarge", + "i7ie.48xlarge", + "i7ie.6xlarge", + "i7ie.large", + "i7ie.metal-24xl", + "i7ie.metal-48xl", + "i7ie.xlarge", + "i8g.12xlarge", + "i8g.16xlarge", + "i8g.24xlarge", + "i8g.2xlarge", + "i8g.48xlarge", + "i8g.4xlarge", + "i8g.8xlarge", + "i8g.large", + "i8g.metal-24xl", + "i8g.xlarge", + "i8ge.12xlarge", + "i8ge.18xlarge", + "i8ge.24xlarge", + "i8ge.2xlarge", + "i8ge.3xlarge", + "i8ge.48xlarge", + "i8ge.6xlarge", + "i8ge.large", + "i8ge.metal-24xl", + "i8ge.metal-48xl", + "i8ge.xlarge", + "im4gn.16xlarge", "im4gn.2xlarge", "im4gn.4xlarge", "im4gn.8xlarge", - "im4gn.16xlarge", - "inf1.xlarge", + "im4gn.large", + "im4gn.xlarge", + "inf1.24xlarge", "inf1.2xlarge", "inf1.6xlarge", - "inf1.24xlarge", - "is4gen.medium", - "is4gen.large", - "is4gen.xlarge", + "inf1.xlarge", + "inf2.24xlarge", + "inf2.48xlarge", + "inf2.8xlarge", + "inf2.xlarge", "is4gen.2xlarge", "is4gen.4xlarge", "is4gen.8xlarge", - "m1.small", - "m1.medium", + "is4gen.large", + "is4gen.medium", + "is4gen.xlarge", "m1.large", + "m1.medium", + "m1.small", "m1.xlarge", - "m2.xlarge", "m2.2xlarge", "m2.4xlarge", - "m3.medium", + "m2.xlarge", + "m3.2xlarge", "m3.large", + "m3.medium", "m3.xlarge", - "m3.2xlarge", - "m4.large", - "m4.xlarge", - "m4.2xlarge", - "m4.4xlarge", "m4.10xlarge", "m4.16xlarge", - "m5.large", - "m5.xlarge", - "m5.2xlarge", - "m5.4xlarge", - "m5.8xlarge", + "m4.2xlarge", + "m4.4xlarge", + "m4.large", + "m4.xlarge", "m5.12xlarge", "m5.16xlarge", "m5.24xlarge", + "m5.2xlarge", + "m5.4xlarge", + "m5.8xlarge", + "m5.large", "m5.metal", - "m5a.large", - "m5a.xlarge", - "m5a.2xlarge", - "m5a.4xlarge", - "m5a.8xlarge", + "m5.xlarge", "m5a.12xlarge", "m5a.16xlarge", "m5a.24xlarge", - "m5ad.large", - "m5ad.xlarge", - "m5ad.2xlarge", - "m5ad.4xlarge", - "m5ad.8xlarge", + "m5a.2xlarge", + "m5a.4xlarge", + "m5a.8xlarge", + "m5a.large", + "m5a.xlarge", "m5ad.12xlarge", "m5ad.16xlarge", "m5ad.24xlarge", - "m5d.large", - "m5d.xlarge", - "m5d.2xlarge", - "m5d.4xlarge", - "m5d.8xlarge", + "m5ad.2xlarge", + "m5ad.4xlarge", + "m5ad.8xlarge", + "m5ad.large", + "m5ad.xlarge", "m5d.12xlarge", "m5d.16xlarge", "m5d.24xlarge", + "m5d.2xlarge", + "m5d.4xlarge", + "m5d.8xlarge", + "m5d.large", "m5d.metal", - "m5dn.large", - "m5dn.xlarge", - "m5dn.2xlarge", - "m5dn.4xlarge", - "m5dn.8xlarge", + "m5d.xlarge", "m5dn.12xlarge", "m5dn.16xlarge", "m5dn.24xlarge", + "m5dn.2xlarge", + "m5dn.4xlarge", + "m5dn.8xlarge", + "m5dn.large", "m5dn.metal", - "m5n.large", - "m5n.xlarge", - "m5n.2xlarge", - "m5n.4xlarge", - "m5n.8xlarge", + "m5dn.xlarge", "m5n.12xlarge", "m5n.16xlarge", "m5n.24xlarge", + "m5n.2xlarge", + "m5n.4xlarge", + "m5n.8xlarge", + "m5n.large", "m5n.metal", - "m5zn.large", - "m5zn.xlarge", + "m5n.xlarge", + "m5zn.12xlarge", "m5zn.2xlarge", "m5zn.3xlarge", "m5zn.6xlarge", - "m5zn.12xlarge", + "m5zn.large", "m5zn.metal", - "m6a.large", - "m6a.xlarge", - "m6a.2xlarge", - "m6a.4xlarge", - "m6a.8xlarge", + "m5zn.xlarge", "m6a.12xlarge", "m6a.16xlarge", "m6a.24xlarge", + "m6a.2xlarge", "m6a.32xlarge", "m6a.48xlarge", - "m6g.metal", - "m6g.medium", - "m6g.large", - "m6g.xlarge", + "m6a.4xlarge", + "m6a.8xlarge", + "m6a.large", + "m6a.metal", + "m6a.xlarge", + "m6g.12xlarge", + "m6g.16xlarge", "m6g.2xlarge", "m6g.4xlarge", "m6g.8xlarge", - "m6g.12xlarge", - "m6g.16xlarge", - "m6gd.metal", - "m6gd.medium", - "m6gd.large", - "m6gd.xlarge", + "m6g.large", + "m6g.medium", + "m6g.metal", + "m6g.xlarge", + "m6gd.12xlarge", + "m6gd.16xlarge", "m6gd.2xlarge", "m6gd.4xlarge", "m6gd.8xlarge", - "m6gd.12xlarge", - "m6gd.16xlarge", - "m6i.large", - "m6i.xlarge", - "m6i.2xlarge", - "m6i.4xlarge", - "m6i.8xlarge", + "m6gd.large", + "m6gd.medium", + "m6gd.metal", + "m6gd.xlarge", "m6i.12xlarge", "m6i.16xlarge", "m6i.24xlarge", + "m6i.2xlarge", "m6i.32xlarge", + "m6i.4xlarge", + "m6i.8xlarge", + "m6i.large", "m6i.metal", + "m6i.xlarge", + "m6id.12xlarge", + "m6id.16xlarge", + "m6id.24xlarge", + "m6id.2xlarge", + "m6id.32xlarge", + "m6id.4xlarge", + "m6id.8xlarge", + "m6id.large", + "m6id.metal", + "m6id.xlarge", + "m6idn.12xlarge", + "m6idn.16xlarge", + "m6idn.24xlarge", + "m6idn.2xlarge", + "m6idn.32xlarge", + "m6idn.4xlarge", + "m6idn.8xlarge", + "m6idn.large", + "m6idn.metal", + "m6idn.xlarge", + "m6in.12xlarge", + "m6in.16xlarge", + "m6in.24xlarge", + "m6in.2xlarge", + "m6in.32xlarge", + "m6in.4xlarge", + "m6in.8xlarge", + "m6in.large", + "m6in.metal", + "m6in.xlarge", + "m7a.12xlarge", + "m7a.16xlarge", + "m7a.24xlarge", + "m7a.2xlarge", + "m7a.32xlarge", + "m7a.48xlarge", + "m7a.4xlarge", + "m7a.8xlarge", + "m7a.large", + "m7a.medium", + "m7a.metal-48xl", + "m7a.xlarge", + "m7g.12xlarge", + "m7g.16xlarge", + "m7g.2xlarge", + "m7g.4xlarge", + "m7g.8xlarge", + "m7g.large", + "m7g.medium", + "m7g.metal", + "m7g.xlarge", + "m7gd.12xlarge", + "m7gd.16xlarge", + "m7gd.2xlarge", + "m7gd.4xlarge", + "m7gd.8xlarge", + "m7gd.large", + "m7gd.medium", + "m7gd.metal", + "m7gd.xlarge", + "m7i.12xlarge", + "m7i.16xlarge", + "m7i.24xlarge", + "m7i.2xlarge", + "m7i.48xlarge", + "m7i.4xlarge", + "m7i.8xlarge", + "m7i-flex.12xlarge", + "m7i-flex.16xlarge", + "m7i-flex.2xlarge", + "m7i-flex.4xlarge", + "m7i-flex.8xlarge", + "m7i-flex.large", + "m7i-flex.xlarge", + "m7i.large", + "m7i.metal-24xl", + "m7i.metal-48xl", + "m7i.xlarge", + "m8a.12xlarge", + "m8a.16xlarge", + "m8a.24xlarge", + "m8a.2xlarge", + "m8a.48xlarge", + "m8a.4xlarge", + "m8a.8xlarge", + "m8a.large", + "m8a.medium", + "m8a.metal-24xl", + "m8a.metal-48xl", + "m8a.xlarge", + "m8g.12xlarge", + "m8g.16xlarge", + "m8g.24xlarge", + "m8g.2xlarge", + "m8g.48xlarge", + "m8g.4xlarge", + "m8g.8xlarge", + "m8g.large", + "m8g.medium", + "m8g.metal-24xl", + "m8g.metal-48xl", + "m8g.xlarge", + "m8gd.12xlarge", + "m8gd.16xlarge", + "m8gd.24xlarge", + "m8gd.2xlarge", + "m8gd.48xlarge", + "m8gd.4xlarge", + "m8gd.8xlarge", + "m8gd.large", + "m8gd.medium", + "m8gd.metal-24xl", + "m8gd.metal-48xl", + "m8gd.xlarge", + "m8i.12xlarge", + "m8i.16xlarge", + "m8i.24xlarge", + "m8i.2xlarge", + "m8i.32xlarge", + "m8i.48xlarge", + "m8i.4xlarge", + "m8i.8xlarge", + "m8i.96xlarge", + "m8i-flex.12xlarge", + "m8i-flex.16xlarge", + "m8i-flex.2xlarge", + "m8i-flex.4xlarge", + "m8i-flex.8xlarge", + "m8i-flex.large", + "m8i-flex.xlarge", + "m8i.large", + "m8i.metal-48xl", + "m8i.metal-96xl", + "m8i.xlarge", "mac1.metal", - "p2.xlarge", - "p2.8xlarge", + "mac2-m1ultra.metal", + "mac2-m2.metal", + "mac2-m2pro.metal", + "mac2.metal", + "mac-m4.metal", + "mac-m4pro.metal", "p2.16xlarge", + "p2.8xlarge", + "p2.xlarge", + "p3.16xlarge", "p3.2xlarge", "p3.8xlarge", - "p3.16xlarge", "p3dn.24xlarge", "p4d.24xlarge", - "r3.large", - "r3.xlarge", + "p4de.24xlarge", + "p5.48xlarge", + "p5.4xlarge", + "p5e.48xlarge", + "p5en.48xlarge", + "p6-b200.48xlarge", + "p6e-gb200.36xlarge", "r3.2xlarge", "r3.4xlarge", "r3.8xlarge", - "r4.large", - "r4.xlarge", + "r3.large", + "r3.xlarge", + "r4.16xlarge", "r4.2xlarge", "r4.4xlarge", "r4.8xlarge", - "r4.16xlarge", - "r5.large", - "r5.xlarge", - "r5.2xlarge", - "r5.4xlarge", - "r5.8xlarge", + "r4.large", + "r4.xlarge", "r5.12xlarge", "r5.16xlarge", "r5.24xlarge", + "r5.2xlarge", + "r5.4xlarge", + "r5.8xlarge", + "r5.large", "r5.metal", - "r5a.large", - "r5a.xlarge", - "r5a.2xlarge", - "r5a.4xlarge", - "r5a.8xlarge", + "r5.xlarge", "r5a.12xlarge", "r5a.16xlarge", "r5a.24xlarge", - "r5ad.large", - "r5ad.xlarge", - "r5ad.2xlarge", - "r5ad.4xlarge", - "r5ad.8xlarge", + "r5a.2xlarge", + "r5a.4xlarge", + "r5a.8xlarge", + "r5a.large", + "r5a.xlarge", "r5ad.12xlarge", "r5ad.16xlarge", "r5ad.24xlarge", - "r5b.large", - "r5b.xlarge", - "r5b.2xlarge", - "r5b.4xlarge", - "r5b.8xlarge", + "r5ad.2xlarge", + "r5ad.4xlarge", + "r5ad.8xlarge", + "r5ad.large", + "r5ad.xlarge", "r5b.12xlarge", "r5b.16xlarge", "r5b.24xlarge", + "r5b.2xlarge", + "r5b.4xlarge", + "r5b.8xlarge", + "r5b.large", "r5b.metal", - "r5d.large", - "r5d.xlarge", - "r5d.2xlarge", - "r5d.4xlarge", - "r5d.8xlarge", + "r5b.xlarge", "r5d.12xlarge", "r5d.16xlarge", "r5d.24xlarge", + "r5d.2xlarge", + "r5d.4xlarge", + "r5d.8xlarge", + "r5d.large", "r5d.metal", - "r5dn.large", - "r5dn.xlarge", - "r5dn.2xlarge", - "r5dn.4xlarge", - "r5dn.8xlarge", + "r5d.xlarge", "r5dn.12xlarge", "r5dn.16xlarge", "r5dn.24xlarge", - "r5dn.metal", - "r5n.large", - "r5n.xlarge", - "r5n.2xlarge", - "r5n.4xlarge", - "r5n.8xlarge", + "r5dn.2xlarge", + "r5dn.4xlarge", + "r5dn.8xlarge", + "r5dn.large", + "r5dn.metal", + "r5dn.xlarge", "r5n.12xlarge", "r5n.16xlarge", "r5n.24xlarge", + "r5n.2xlarge", + "r5n.4xlarge", + "r5n.8xlarge", + "r5n.large", "r5n.metal", - "r6g.medium", - "r6g.large", - "r6g.xlarge", + "r5n.xlarge", + "r6a.12xlarge", + "r6a.16xlarge", + "r6a.24xlarge", + "r6a.2xlarge", + "r6a.32xlarge", + "r6a.48xlarge", + "r6a.4xlarge", + "r6a.8xlarge", + "r6a.large", + "r6a.metal", + "r6a.xlarge", + "r6g.12xlarge", + "r6g.16xlarge", "r6g.2xlarge", "r6g.4xlarge", "r6g.8xlarge", - "r6g.12xlarge", - "r6g.16xlarge", + "r6g.large", + "r6g.medium", "r6g.metal", - "r6gd.medium", - "r6gd.large", - "r6gd.xlarge", + "r6g.xlarge", + "r6gd.12xlarge", + "r6gd.16xlarge", "r6gd.2xlarge", "r6gd.4xlarge", "r6gd.8xlarge", - "r6gd.12xlarge", - "r6gd.16xlarge", + "r6gd.large", + "r6gd.medium", "r6gd.metal", - "r6i.large", - "r6i.xlarge", - "r6i.2xlarge", - "r6i.4xlarge", - "r6i.8xlarge", + "r6gd.xlarge", "r6i.12xlarge", "r6i.16xlarge", "r6i.24xlarge", + "r6i.2xlarge", "r6i.32xlarge", + "r6i.4xlarge", + "r6i.8xlarge", + "r6i.large", "r6i.metal", + "r6i.xlarge", + "r6id.12xlarge", + "r6id.16xlarge", + "r6id.24xlarge", + "r6id.2xlarge", + "r6id.32xlarge", + "r6id.4xlarge", + "r6id.8xlarge", + "r6id.large", + "r6id.metal", + "r6id.xlarge", + "r6idn.12xlarge", + "r6idn.16xlarge", + "r6idn.24xlarge", + "r6idn.2xlarge", + "r6idn.32xlarge", + "r6idn.4xlarge", + "r6idn.8xlarge", + "r6idn.large", + "r6idn.metal", + "r6idn.xlarge", + "r6in.12xlarge", + "r6in.16xlarge", + "r6in.24xlarge", + "r6in.2xlarge", + "r6in.32xlarge", + "r6in.4xlarge", + "r6in.8xlarge", + "r6in.large", + "r6in.metal", + "r6in.xlarge", + "r7a.12xlarge", + "r7a.16xlarge", + "r7a.24xlarge", + "r7a.2xlarge", + "r7a.32xlarge", + "r7a.48xlarge", + "r7a.4xlarge", + "r7a.8xlarge", + "r7a.large", + "r7a.medium", + "r7a.metal-48xl", + "r7a.xlarge", + "r7g.12xlarge", + "r7g.16xlarge", + "r7g.2xlarge", + "r7g.4xlarge", + "r7g.8xlarge", + "r7g.large", + "r7g.medium", + "r7g.metal", + "r7g.xlarge", + "r7gd.12xlarge", + "r7gd.16xlarge", + "r7gd.2xlarge", + "r7gd.4xlarge", + "r7gd.8xlarge", + "r7gd.large", + "r7gd.medium", + "r7gd.metal", + "r7gd.xlarge", + "r7i.12xlarge", + "r7i.16xlarge", + "r7i.24xlarge", + "r7i.2xlarge", + "r7i.48xlarge", + "r7i.4xlarge", + "r7i.8xlarge", + "r7i.large", + "r7i.metal-24xl", + "r7i.metal-48xl", + "r7i.xlarge", + "r7iz.12xlarge", + "r7iz.16xlarge", + "r7iz.2xlarge", + "r7iz.32xlarge", + "r7iz.4xlarge", + "r7iz.8xlarge", + "r7iz.large", + "r7iz.metal-16xl", + "r7iz.metal-32xl", + "r7iz.xlarge", + "r8a.12xlarge", + "r8a.16xlarge", + "r8a.24xlarge", + "r8a.2xlarge", + "r8a.48xlarge", + "r8a.4xlarge", + "r8a.8xlarge", + "r8a.large", + "r8a.medium", + "r8a.metal-24xl", + "r8a.metal-48xl", + "r8a.xlarge", + "r8g.12xlarge", + "r8g.16xlarge", + "r8g.24xlarge", + "r8g.2xlarge", + "r8g.48xlarge", + "r8g.4xlarge", + "r8g.8xlarge", + "r8g.large", + "r8g.medium", + "r8g.metal-24xl", + "r8g.metal-48xl", + "r8g.xlarge", + "r8gb.12xlarge", + "r8gb.16xlarge", + "r8gb.24xlarge", + "r8gb.2xlarge", + "r8gb.4xlarge", + "r8gb.8xlarge", + "r8gb.large", + "r8gb.medium", + "r8gb.metal-24xl", + "r8gb.xlarge", + "r8gd.12xlarge", + "r8gd.16xlarge", + "r8gd.24xlarge", + "r8gd.2xlarge", + "r8gd.48xlarge", + "r8gd.4xlarge", + "r8gd.8xlarge", + "r8gd.large", + "r8gd.medium", + "r8gd.metal-24xl", + "r8gd.metal-48xl", + "r8gd.xlarge", + "r8gn.12xlarge", + "r8gn.16xlarge", + "r8gn.24xlarge", + "r8gn.2xlarge", + "r8gn.48xlarge", + "r8gn.4xlarge", + "r8gn.8xlarge", + "r8gn.large", + "r8gn.medium", + "r8gn.metal-24xl", + "r8gn.metal-48xl", + "r8gn.xlarge", + "r8i.12xlarge", + "r8i.16xlarge", + "r8i.24xlarge", + "r8i.2xlarge", + "r8i.32xlarge", + "r8i.48xlarge", + "r8i.4xlarge", + "r8i.8xlarge", + "r8i.96xlarge", + "r8i-flex.12xlarge", + "r8i-flex.16xlarge", + "r8i-flex.2xlarge", + "r8i-flex.4xlarge", + "r8i-flex.8xlarge", + "r8i-flex.large", + "r8i-flex.xlarge", + "r8i.large", + "r8i.metal-48xl", + "r8i.metal-96xl", + "r8i.xlarge", "t1.micro", - "t2.nano", + "t2.2xlarge", + "t2.large", + "t2.medium", "t2.micro", + "t2.nano", "t2.small", - "t2.medium", - "t2.large", "t2.xlarge", - "t2.2xlarge", - "t3.nano", + "t3.2xlarge", + "t3.large", + "t3.medium", "t3.micro", + "t3.nano", "t3.small", - "t3.medium", - "t3.large", "t3.xlarge", - "t3.2xlarge", - "t3a.nano", + "t3a.2xlarge", + "t3a.large", + "t3a.medium", "t3a.micro", + "t3a.nano", "t3a.small", - "t3a.medium", - "t3a.large", "t3a.xlarge", - "t3a.2xlarge", - "t4g.nano", + "t4g.2xlarge", + "t4g.large", + "t4g.medium", "t4g.micro", + "t4g.nano", "t4g.small", - "t4g.medium", - "t4g.large", "t4g.xlarge", - "t4g.2xlarge", - "u-6tb1.56xlarge", - "u-6tb1.112xlarge", - "u-9tb1.112xlarge", + "trn1.2xlarge", + "trn1.32xlarge", + "trn1n.32xlarge", + "trn2.3xlarge", + "trn2.48xlarge", + "u7i-12tb.224xlarge", + "u7i-6tb.112xlarge", + "u7i-8tb.112xlarge", + "u7ib-12tb.224xlarge", + "u7in-16tb.224xlarge", + "u7in-24tb.224xlarge", + "u7in-32tb.224xlarge", + "u7inh-32tb.480xlarge", "u-12tb1.112xlarge", - "u-6tb1.metal", - "u-9tb1.metal", "u-12tb1.metal", + "u-18tb1.112xlarge", "u-18tb1.metal", + "u-24tb1.112xlarge", "u-24tb1.metal", - "vt1.3xlarge", - "vt1.6xlarge", - "vt1.24xlarge", + "u-3tb1.56xlarge", + "u-6tb1.112xlarge", + "u-6tb1.56xlarge", + "u-6tb1.metal", + "u-9tb1.112xlarge", + "u-9tb1.metal", + "vt1.24xlarge", + "vt1.3xlarge", + "vt1.6xlarge", "x1.16xlarge", "x1.32xlarge", - "x1e.xlarge", + "x1e.16xlarge", "x1e.2xlarge", + "x1e.32xlarge", "x1e.4xlarge", "x1e.8xlarge", - "x1e.16xlarge", - "x1e.32xlarge", - "x2iezn.2xlarge", - "x2iezn.4xlarge", - "x2iezn.6xlarge", - "x2iezn.8xlarge", - "x2iezn.12xlarge", - "x2iezn.metal", - "x2gd.medium", - "x2gd.large", - "x2gd.xlarge", + "x1e.xlarge", + "x2gd.12xlarge", + "x2gd.16xlarge", "x2gd.2xlarge", "x2gd.4xlarge", "x2gd.8xlarge", - "x2gd.12xlarge", - "x2gd.16xlarge", + "x2gd.large", + "x2gd.medium", "x2gd.metal", - "z1d.large", - "z1d.xlarge", - "z1d.2xlarge", - "z1d.3xlarge", - "z1d.6xlarge", - "z1d.12xlarge", - "z1d.metal", + "x2gd.xlarge", "x2idn.16xlarge", "x2idn.24xlarge", "x2idn.32xlarge", - "x2iedn.xlarge", - "x2iedn.2xlarge", - "x2iedn.4xlarge", - "x2iedn.8xlarge", + "x2idn.metal", "x2iedn.16xlarge", "x2iedn.24xlarge", + "x2iedn.2xlarge", "x2iedn.32xlarge", - "c6a.large", - "c6a.xlarge", - "c6a.2xlarge", - "c6a.4xlarge", - "c6a.8xlarge", - "c6a.12xlarge", - "c6a.16xlarge", - "c6a.24xlarge", - "c6a.32xlarge", - "c6a.48xlarge", - "c6a.metal", - "m6a.metal", - "i4i.large", - "i4i.xlarge", - "i4i.2xlarge", - "i4i.4xlarge", - "i4i.8xlarge", - "i4i.16xlarge", - "i4i.32xlarge", - "i4i.metal", - "x2idn.metal", + "x2iedn.4xlarge", + "x2iedn.8xlarge", "x2iedn.metal", - "c7g.medium", - "c7g.large", - "c7g.xlarge", - "c7g.2xlarge", - "c7g.4xlarge", - "c7g.8xlarge", - "c7g.12xlarge", - "c7g.16xlarge", - "mac2.metal", - "c6id.large", - "c6id.xlarge", - "c6id.2xlarge", - "c6id.4xlarge", - "c6id.8xlarge", - "c6id.12xlarge", - "c6id.16xlarge", - "c6id.24xlarge", - "c6id.32xlarge", - "c6id.metal", - "m6id.large", - "m6id.xlarge", - "m6id.2xlarge", - "m6id.4xlarge", - "m6id.8xlarge", - "m6id.12xlarge", - "m6id.16xlarge", - "m6id.24xlarge", - "m6id.32xlarge", - "m6id.metal", - "r6id.large", - "r6id.xlarge", - "r6id.2xlarge", - "r6id.4xlarge", - "r6id.8xlarge", - "r6id.12xlarge", - "r6id.16xlarge", - "r6id.24xlarge", - "r6id.32xlarge", - "r6id.metal", - "r6a.large", - "r6a.xlarge", - "r6a.2xlarge", - "r6a.4xlarge", - "r6a.8xlarge", - "r6a.12xlarge", - "r6a.16xlarge", - "r6a.24xlarge", - "r6a.32xlarge", - "r6a.48xlarge", - "r6a.metal", - "p4de.24xlarge", - "u-3tb1.56xlarge", - "u-18tb1.112xlarge", - "u-24tb1.112xlarge", - "trn1.2xlarge", - "trn1.32xlarge", - "hpc6id.32xlarge", - "c6in.large", - "c6in.xlarge", - "c6in.2xlarge", - "c6in.4xlarge", - "c6in.8xlarge", - "c6in.12xlarge", - "c6in.16xlarge", - "c6in.24xlarge", - "c6in.32xlarge", - "m6in.large", - "m6in.xlarge", - "m6in.2xlarge", - "m6in.4xlarge", - "m6in.8xlarge", - "m6in.12xlarge", - "m6in.16xlarge", - "m6in.24xlarge", - "m6in.32xlarge", - "m6idn.large", - "m6idn.xlarge", - "m6idn.2xlarge", - "m6idn.4xlarge", - "m6idn.8xlarge", - "m6idn.12xlarge", - "m6idn.16xlarge", - "m6idn.24xlarge", - "m6idn.32xlarge", - "r6in.large", - "r6in.xlarge", - "r6in.2xlarge", - "r6in.4xlarge", - "r6in.8xlarge", - "r6in.12xlarge", - "r6in.16xlarge", - "r6in.24xlarge", - "r6in.32xlarge", - "r6idn.large", - "r6idn.xlarge", - "r6idn.2xlarge", - "r6idn.4xlarge", - "r6idn.8xlarge", - "r6idn.12xlarge", - "r6idn.16xlarge", - "r6idn.24xlarge", - "r6idn.32xlarge", - "c7g.metal", - "m7g.medium", - "m7g.large", - "m7g.xlarge", - "m7g.2xlarge", - "m7g.4xlarge", - "m7g.8xlarge", - "m7g.12xlarge", - "m7g.16xlarge", - "m7g.metal", - "r7g.medium", - "r7g.large", - "r7g.xlarge", - "r7g.2xlarge", - "r7g.4xlarge", - "r7g.8xlarge", - "r7g.12xlarge", - "r7g.16xlarge", - "r7g.metal", - "c6in.metal", - "m6in.metal", - "m6idn.metal", - "r6in.metal", - "r6idn.metal", - "inf2.xlarge", - "inf2.8xlarge", - "inf2.24xlarge", - "inf2.48xlarge", - "trn1n.32xlarge", - "i4g.large", - "i4g.xlarge", - "i4g.2xlarge", - "i4g.4xlarge", - "i4g.8xlarge", - "i4g.16xlarge", - "hpc7g.4xlarge", - "hpc7g.8xlarge", - "hpc7g.16xlarge", - "c7gn.medium", - "c7gn.large", - "c7gn.xlarge", - "c7gn.2xlarge", - "c7gn.4xlarge", - "c7gn.8xlarge", - "c7gn.12xlarge", - "c7gn.16xlarge", - "p5.48xlarge", - "m7i.large", - "m7i.xlarge", - "m7i.2xlarge", - "m7i.4xlarge", - "m7i.8xlarge", - "m7i.12xlarge", - "m7i.16xlarge", - "m7i.24xlarge", - "m7i.48xlarge", - "m7i-flex.large", - "m7i-flex.xlarge", - "m7i-flex.2xlarge", - "m7i-flex.4xlarge", - "m7i-flex.8xlarge", - "m7a.medium", - "m7a.large", - "m7a.xlarge", - "m7a.2xlarge", - "m7a.4xlarge", - "m7a.8xlarge", - "m7a.12xlarge", - "m7a.16xlarge", - "m7a.24xlarge", - "m7a.32xlarge", - "m7a.48xlarge", - "m7a.metal-48xl", - "hpc7a.12xlarge", - "hpc7a.24xlarge", - "hpc7a.48xlarge", - "hpc7a.96xlarge", - "c7gd.medium", - "c7gd.large", - "c7gd.xlarge", - "c7gd.2xlarge", - "c7gd.4xlarge", - "c7gd.8xlarge", - "c7gd.12xlarge", - "c7gd.16xlarge", - "m7gd.medium", - "m7gd.large", - "m7gd.xlarge", - "m7gd.2xlarge", - "m7gd.4xlarge", - "m7gd.8xlarge", - "m7gd.12xlarge", - "m7gd.16xlarge", - "r7gd.medium", - "r7gd.large", - "r7gd.xlarge", - "r7gd.2xlarge", - "r7gd.4xlarge", - "r7gd.8xlarge", - "r7gd.12xlarge", - "r7gd.16xlarge", - "r7a.medium", - "r7a.large", - "r7a.xlarge", - "r7a.2xlarge", - "r7a.4xlarge", - "r7a.8xlarge", - "r7a.12xlarge", - "r7a.16xlarge", - "r7a.24xlarge", - "r7a.32xlarge", - "r7a.48xlarge", - "c7i.large", - "c7i.xlarge", - "c7i.2xlarge", - "c7i.4xlarge", - "c7i.8xlarge", - "c7i.12xlarge", - "c7i.16xlarge", - "c7i.24xlarge", - "c7i.48xlarge", - "mac2-m2pro.metal", - "r7iz.large", - "r7iz.xlarge", - "r7iz.2xlarge", - "r7iz.4xlarge", - "r7iz.8xlarge", - "r7iz.12xlarge", - "r7iz.16xlarge", - "r7iz.32xlarge", - "c7a.medium", - "c7a.large", - "c7a.xlarge", - "c7a.2xlarge", - "c7a.4xlarge", - "c7a.8xlarge", - "c7a.12xlarge", - "c7a.16xlarge", - "c7a.24xlarge", - "c7a.32xlarge", - "c7a.48xlarge", - "c7a.metal-48xl", - "r7a.metal-48xl", - "r7i.large", - "r7i.xlarge", - "r7i.2xlarge", - "r7i.4xlarge", - "r7i.8xlarge", - "r7i.12xlarge", - "r7i.16xlarge", - "r7i.24xlarge", - "r7i.48xlarge", - "dl2q.24xlarge", - "mac2-m2.metal", - "i4i.12xlarge", - "i4i.24xlarge", - "c7i.metal-24xl", - "c7i.metal-48xl", - "m7i.metal-24xl", - "m7i.metal-48xl", - "r7i.metal-24xl", - "r7i.metal-48xl", - "r7iz.metal-16xl", - "r7iz.metal-32xl", - "c7gd.metal", - "m7gd.metal", - "r7gd.metal", - "g6.xlarge", - "g6.2xlarge", - "g6.4xlarge", - "g6.8xlarge", - "g6.12xlarge", - "g6.16xlarge", - "g6.24xlarge", - "g6.48xlarge", - "gr6.4xlarge", - "gr6.8xlarge", - "c7i-flex.large", - "c7i-flex.xlarge", - "c7i-flex.2xlarge", - "c7i-flex.4xlarge", - "c7i-flex.8xlarge", - "u7i-12tb.224xlarge", - "u7in-16tb.224xlarge", - "u7in-24tb.224xlarge", - "u7in-32tb.224xlarge", - "u7ib-12tb.224xlarge", - "c7gn.metal", - "r8g.medium", - "r8g.large", - "r8g.xlarge", - "r8g.2xlarge", - "r8g.4xlarge", - "r8g.8xlarge", - "r8g.12xlarge", - "r8g.16xlarge", - "r8g.24xlarge", - "r8g.48xlarge", - "r8g.metal-24xl", - "r8g.metal-48xl", - "mac2-m1ultra.metal", - "g6e.xlarge", - "g6e.2xlarge", - "g6e.4xlarge", - "g6e.8xlarge", - "g6e.12xlarge", - "g6e.16xlarge", - "g6e.24xlarge", - "g6e.48xlarge", - "c8g.medium", - "c8g.large", - "c8g.xlarge", - "c8g.2xlarge", - "c8g.4xlarge", - "c8g.8xlarge", - "c8g.12xlarge", - "c8g.16xlarge", - "c8g.24xlarge", - "c8g.48xlarge", - "c8g.metal-24xl", - "c8g.metal-48xl", - "m8g.medium", - "m8g.large", - "m8g.xlarge", - "m8g.2xlarge", - "m8g.4xlarge", - "m8g.8xlarge", - "m8g.12xlarge", - "m8g.16xlarge", - "m8g.24xlarge", - "m8g.48xlarge", - "m8g.metal-24xl", - "m8g.metal-48xl", - "x8g.medium", - "x8g.large", - "x8g.xlarge", - "x8g.2xlarge", - "x8g.4xlarge", - "x8g.8xlarge", + "x2iedn.xlarge", + "x2iezn.12xlarge", + "x2iezn.2xlarge", + "x2iezn.4xlarge", + "x2iezn.6xlarge", + "x2iezn.8xlarge", + "x2iezn.metal", "x8g.12xlarge", "x8g.16xlarge", "x8g.24xlarge", + "x8g.2xlarge", "x8g.48xlarge", + "x8g.4xlarge", + "x8g.8xlarge", + "x8g.large", + "x8g.medium", "x8g.metal-24xl", "x8g.metal-48xl", - "i7ie.large", - "i7ie.xlarge", - "i7ie.2xlarge", - "i7ie.3xlarge", - "i7ie.6xlarge", - "i7ie.12xlarge", - "i7ie.18xlarge", - "i7ie.24xlarge", - "i7ie.48xlarge", - "i8g.large", - "i8g.xlarge", - "i8g.2xlarge", - "i8g.4xlarge", - "i8g.8xlarge", - "i8g.12xlarge", - "i8g.16xlarge", - "i8g.24xlarge", - "i8g.metal-24xl", - "u7i-6tb.112xlarge", - "u7i-8tb.112xlarge", - "u7inh-32tb.480xlarge", - "p5e.48xlarge", - "p5en.48xlarge", - "f2.12xlarge", - "f2.48xlarge", - "trn2.48xlarge", - "c7i-flex.12xlarge", - "c7i-flex.16xlarge", - "m7i-flex.12xlarge", - "m7i-flex.16xlarge", - "i7ie.metal-24xl", - "i7ie.metal-48xl", - "i8g.48xlarge", - "c8gd.medium", - "c8gd.large", - "c8gd.xlarge", - "c8gd.2xlarge", - "c8gd.4xlarge", - "c8gd.8xlarge", - "c8gd.12xlarge", - "c8gd.16xlarge", - "c8gd.24xlarge", - "c8gd.48xlarge", - "c8gd.metal-24xl", - "c8gd.metal-48xl", - "i7i.large", - "i7i.xlarge", - "i7i.2xlarge", - "i7i.4xlarge", - "i7i.8xlarge", - "i7i.12xlarge", - "i7i.16xlarge", - "i7i.24xlarge", - "i7i.48xlarge", - "i7i.metal-24xl", - "i7i.metal-48xl", - "p6-b200.48xlarge", - "m8gd.medium", - "m8gd.large", - "m8gd.xlarge", - "m8gd.2xlarge", - "m8gd.4xlarge", - "m8gd.8xlarge", - "m8gd.12xlarge", - "m8gd.16xlarge", - "m8gd.24xlarge", - "m8gd.48xlarge", - "m8gd.metal-24xl", - "m8gd.metal-48xl", - "r8gd.medium", - "r8gd.large", - "r8gd.xlarge", - "r8gd.2xlarge", - "r8gd.4xlarge", - "r8gd.8xlarge", - "r8gd.12xlarge", - "r8gd.16xlarge", - "r8gd.24xlarge", - "r8gd.48xlarge", - "r8gd.metal-24xl", - "r8gd.metal-48xl", - "c8gn.medium", - "c8gn.large", - "c8gn.xlarge", - "c8gn.2xlarge", - "c8gn.4xlarge", - "c8gn.8xlarge", - "c8gn.12xlarge", - "c8gn.16xlarge", - "c8gn.24xlarge", - "c8gn.48xlarge", - "c8gn.metal-24xl", - "c8gn.metal-48xl", - "f2.6xlarge", - "p6e-gb200.36xlarge", - "g6f.large", - "g6f.xlarge", - "g6f.2xlarge", - "g6f.4xlarge", - "gr6f.4xlarge", - "p5.4xlarge", - "r8i.large", - "r8i.xlarge", - "r8i.2xlarge", - "r8i.4xlarge", - "r8i.8xlarge", - "r8i.12xlarge", - "r8i.16xlarge", - "r8i.24xlarge", - "r8i.32xlarge", - "r8i.48xlarge", - "r8i.96xlarge", - "r8i.metal-48xl", - "r8i.metal-96xl", - "r8i-flex.large", - "r8i-flex.xlarge", - "r8i-flex.2xlarge", - "r8i-flex.4xlarge", - "r8i-flex.8xlarge", - "r8i-flex.12xlarge", - "r8i-flex.16xlarge", - "m8i.large", - "m8i.xlarge", - "m8i.2xlarge", - "m8i.4xlarge", - "m8i.8xlarge", - "m8i.12xlarge", - "m8i.16xlarge", - "m8i.24xlarge", - "m8i.32xlarge", - "m8i.48xlarge", - "m8i.96xlarge", - "m8i.metal-48xl", - "m8i.metal-96xl", - "m8i-flex.large", - "m8i-flex.xlarge", - "m8i-flex.2xlarge", - "m8i-flex.4xlarge", - "m8i-flex.8xlarge", - "m8i-flex.12xlarge", - "m8i-flex.16xlarge", - "i8ge.large", - "i8ge.xlarge", - "i8ge.2xlarge", - "i8ge.3xlarge", - "i8ge.6xlarge", - "i8ge.12xlarge", - "i8ge.18xlarge", - "i8ge.24xlarge", - "i8ge.48xlarge", - "i8ge.metal-24xl", - "i8ge.metal-48xl", - "mac-m4.metal", - "mac-m4pro.metal", - "r8gn.medium", - "r8gn.large", - "r8gn.xlarge", - "r8gn.2xlarge", - "r8gn.4xlarge", - "r8gn.8xlarge", - "r8gn.12xlarge", - "r8gn.16xlarge", - "r8gn.24xlarge", - "r8gn.48xlarge", - "r8gn.metal-24xl", - "r8gn.metal-48xl", - "c8i.large", - "c8i.xlarge", - "c8i.2xlarge", - "c8i.4xlarge", - "c8i.8xlarge", - "c8i.12xlarge", - "c8i.16xlarge", - "c8i.24xlarge", - "c8i.32xlarge", - "c8i.48xlarge", - "c8i.96xlarge", - "c8i.metal-48xl", - "c8i.metal-96xl", - "c8i-flex.large", - "c8i-flex.xlarge", - "c8i-flex.2xlarge", - "c8i-flex.4xlarge", - "c8i-flex.8xlarge", - "c8i-flex.12xlarge", - "c8i-flex.16xlarge", - "r8gb.medium", - "r8gb.large", - "r8gb.xlarge", - "r8gb.2xlarge", - "r8gb.4xlarge", - "r8gb.8xlarge", - "r8gb.12xlarge", - "r8gb.16xlarge", - "r8gb.24xlarge", - "r8gb.metal-24xl", - "m8a.medium", - "m8a.large", - "m8a.xlarge", - "m8a.2xlarge", - "m8a.4xlarge", - "m8a.8xlarge", - "m8a.12xlarge", - "m8a.16xlarge", - "m8a.24xlarge", - "m8a.48xlarge", - "m8a.metal-24xl", - "m8a.metal-48xl", + "x8g.xlarge", + "z1d.12xlarge", + "z1d.2xlarge", + "z1d.3xlarge", + "z1d.6xlarge", + "z1d.large", + "z1d.metal", + "z1d.xlarge", }, } } diff --git a/rules/models/aws_launch_template_invalid_instance_type.go b/rules/models/aws_launch_template_invalid_instance_type.go index af969b3e..1bda3279 100644 --- a/rules/models/aws_launch_template_invalid_instance_type.go +++ b/rules/models/aws_launch_template_invalid_instance_type.go @@ -25,1078 +25,1091 @@ func NewAwsLaunchTemplateInvalidInstanceTypeRule() *AwsLaunchTemplateInvalidInst resourceType: "aws_launch_template", attributeName: "instance_type", enum: []string{ - "a1.medium", - "a1.large", - "a1.xlarge", "a1.2xlarge", "a1.4xlarge", + "a1.large", + "a1.medium", "a1.metal", + "a1.xlarge", "c1.medium", "c1.xlarge", - "c3.large", - "c3.xlarge", "c3.2xlarge", "c3.4xlarge", "c3.8xlarge", - "c4.large", - "c4.xlarge", + "c3.large", + "c3.xlarge", "c4.2xlarge", "c4.4xlarge", "c4.8xlarge", - "c5.large", - "c5.xlarge", - "c5.2xlarge", - "c5.4xlarge", - "c5.9xlarge", + "c4.large", + "c4.xlarge", "c5.12xlarge", "c5.18xlarge", "c5.24xlarge", + "c5.2xlarge", + "c5.4xlarge", + "c5.9xlarge", + "c5.large", "c5.metal", - "c5a.large", - "c5a.xlarge", - "c5a.2xlarge", - "c5a.4xlarge", - "c5a.8xlarge", + "c5.xlarge", "c5a.12xlarge", "c5a.16xlarge", "c5a.24xlarge", - "c5ad.large", - "c5ad.xlarge", - "c5ad.2xlarge", - "c5ad.4xlarge", - "c5ad.8xlarge", + "c5a.2xlarge", + "c5a.4xlarge", + "c5a.8xlarge", + "c5a.large", + "c5a.xlarge", "c5ad.12xlarge", "c5ad.16xlarge", "c5ad.24xlarge", - "c5d.large", - "c5d.xlarge", - "c5d.2xlarge", - "c5d.4xlarge", - "c5d.9xlarge", + "c5ad.2xlarge", + "c5ad.4xlarge", + "c5ad.8xlarge", + "c5ad.large", + "c5ad.xlarge", "c5d.12xlarge", "c5d.18xlarge", "c5d.24xlarge", + "c5d.2xlarge", + "c5d.4xlarge", + "c5d.9xlarge", + "c5d.large", "c5d.metal", - "c5n.large", - "c5n.xlarge", + "c5d.xlarge", + "c5n.18xlarge", "c5n.2xlarge", "c5n.4xlarge", "c5n.9xlarge", - "c5n.18xlarge", + "c5n.large", "c5n.metal", - "c6g.medium", - "c6g.large", - "c6g.xlarge", + "c5n.xlarge", + "c6a.12xlarge", + "c6a.16xlarge", + "c6a.24xlarge", + "c6a.2xlarge", + "c6a.32xlarge", + "c6a.48xlarge", + "c6a.4xlarge", + "c6a.8xlarge", + "c6a.large", + "c6a.metal", + "c6a.xlarge", + "c6g.12xlarge", + "c6g.16xlarge", "c6g.2xlarge", "c6g.4xlarge", "c6g.8xlarge", - "c6g.12xlarge", - "c6g.16xlarge", + "c6g.large", + "c6g.medium", "c6g.metal", - "c6gd.medium", - "c6gd.large", - "c6gd.xlarge", + "c6g.xlarge", + "c6gd.12xlarge", + "c6gd.16xlarge", "c6gd.2xlarge", "c6gd.4xlarge", "c6gd.8xlarge", - "c6gd.12xlarge", - "c6gd.16xlarge", + "c6gd.large", + "c6gd.medium", "c6gd.metal", - "c6gn.medium", - "c6gn.large", - "c6gn.xlarge", + "c6gd.xlarge", + "c6gn.12xlarge", + "c6gn.16xlarge", "c6gn.2xlarge", "c6gn.4xlarge", "c6gn.8xlarge", - "c6gn.12xlarge", - "c6gn.16xlarge", - "c6i.large", - "c6i.xlarge", - "c6i.2xlarge", - "c6i.4xlarge", - "c6i.8xlarge", + "c6gn.large", + "c6gn.medium", + "c6gn.xlarge", "c6i.12xlarge", "c6i.16xlarge", "c6i.24xlarge", + "c6i.2xlarge", "c6i.32xlarge", + "c6i.4xlarge", + "c6i.8xlarge", + "c6i.large", "c6i.metal", + "c6i.xlarge", + "c6id.12xlarge", + "c6id.16xlarge", + "c6id.24xlarge", + "c6id.2xlarge", + "c6id.32xlarge", + "c6id.4xlarge", + "c6id.8xlarge", + "c6id.large", + "c6id.metal", + "c6id.xlarge", + "c6in.12xlarge", + "c6in.16xlarge", + "c6in.24xlarge", + "c6in.2xlarge", + "c6in.32xlarge", + "c6in.4xlarge", + "c6in.8xlarge", + "c6in.large", + "c6in.metal", + "c6in.xlarge", + "c7a.12xlarge", + "c7a.16xlarge", + "c7a.24xlarge", + "c7a.2xlarge", + "c7a.32xlarge", + "c7a.48xlarge", + "c7a.4xlarge", + "c7a.8xlarge", + "c7a.large", + "c7a.medium", + "c7a.metal-48xl", + "c7a.xlarge", + "c7g.12xlarge", + "c7g.16xlarge", + "c7g.2xlarge", + "c7g.4xlarge", + "c7g.8xlarge", + "c7g.large", + "c7g.medium", + "c7g.metal", + "c7g.xlarge", + "c7gd.12xlarge", + "c7gd.16xlarge", + "c7gd.2xlarge", + "c7gd.4xlarge", + "c7gd.8xlarge", + "c7gd.large", + "c7gd.medium", + "c7gd.metal", + "c7gd.xlarge", + "c7gn.12xlarge", + "c7gn.16xlarge", + "c7gn.2xlarge", + "c7gn.4xlarge", + "c7gn.8xlarge", + "c7gn.large", + "c7gn.medium", + "c7gn.metal", + "c7gn.xlarge", + "c7i.12xlarge", + "c7i.16xlarge", + "c7i.24xlarge", + "c7i.2xlarge", + "c7i.48xlarge", + "c7i.4xlarge", + "c7i.8xlarge", + "c7i-flex.12xlarge", + "c7i-flex.16xlarge", + "c7i-flex.2xlarge", + "c7i-flex.4xlarge", + "c7i-flex.8xlarge", + "c7i-flex.large", + "c7i-flex.xlarge", + "c7i.large", + "c7i.metal-24xl", + "c7i.metal-48xl", + "c7i.xlarge", + "c8g.12xlarge", + "c8g.16xlarge", + "c8g.24xlarge", + "c8g.2xlarge", + "c8g.48xlarge", + "c8g.4xlarge", + "c8g.8xlarge", + "c8g.large", + "c8g.medium", + "c8g.metal-24xl", + "c8g.metal-48xl", + "c8g.xlarge", + "c8gd.12xlarge", + "c8gd.16xlarge", + "c8gd.24xlarge", + "c8gd.2xlarge", + "c8gd.48xlarge", + "c8gd.4xlarge", + "c8gd.8xlarge", + "c8gd.large", + "c8gd.medium", + "c8gd.metal-24xl", + "c8gd.metal-48xl", + "c8gd.xlarge", + "c8gn.12xlarge", + "c8gn.16xlarge", + "c8gn.24xlarge", + "c8gn.2xlarge", + "c8gn.48xlarge", + "c8gn.4xlarge", + "c8gn.8xlarge", + "c8gn.large", + "c8gn.medium", + "c8gn.metal-24xl", + "c8gn.metal-48xl", + "c8gn.xlarge", + "c8i.12xlarge", + "c8i.16xlarge", + "c8i.24xlarge", + "c8i.2xlarge", + "c8i.32xlarge", + "c8i.48xlarge", + "c8i.4xlarge", + "c8i.8xlarge", + "c8i.96xlarge", + "c8i-flex.12xlarge", + "c8i-flex.16xlarge", + "c8i-flex.2xlarge", + "c8i-flex.4xlarge", + "c8i-flex.8xlarge", + "c8i-flex.large", + "c8i-flex.xlarge", + "c8i.large", + "c8i.metal-48xl", + "c8i.metal-96xl", + "c8i.xlarge", "cc1.4xlarge", "cc2.8xlarge", "cg1.4xlarge", "cr1.8xlarge", - "d2.xlarge", "d2.2xlarge", "d2.4xlarge", "d2.8xlarge", - "d3.xlarge", + "d2.xlarge", "d3.2xlarge", "d3.4xlarge", "d3.8xlarge", - "d3en.xlarge", + "d3.xlarge", + "d3en.12xlarge", "d3en.2xlarge", "d3en.4xlarge", "d3en.6xlarge", "d3en.8xlarge", - "d3en.12xlarge", + "d3en.xlarge", "dl1.24xlarge", + "dl2q.24xlarge", + "f1.16xlarge", "f1.2xlarge", "f1.4xlarge", - "f1.16xlarge", - "g2.2xlarge", + "f2.12xlarge", + "f2.48xlarge", + "f2.6xlarge", + "g2.2xlarge", "g2.8xlarge", + "g3.16xlarge", "g3.4xlarge", "g3.8xlarge", - "g3.16xlarge", "g3s.xlarge", - "g4ad.xlarge", + "g4ad.16xlarge", "g4ad.2xlarge", "g4ad.4xlarge", "g4ad.8xlarge", - "g4ad.16xlarge", - "g4dn.xlarge", + "g4ad.xlarge", + "g4dn.12xlarge", + "g4dn.16xlarge", "g4dn.2xlarge", "g4dn.4xlarge", "g4dn.8xlarge", - "g4dn.12xlarge", - "g4dn.16xlarge", "g4dn.metal", - "g5.xlarge", - "g5.2xlarge", - "g5.4xlarge", - "g5.8xlarge", + "g4dn.xlarge", "g5.12xlarge", "g5.16xlarge", "g5.24xlarge", + "g5.2xlarge", "g5.48xlarge", - "g5g.xlarge", + "g5.4xlarge", + "g5.8xlarge", + "g5.xlarge", + "g5g.16xlarge", "g5g.2xlarge", "g5g.4xlarge", "g5g.8xlarge", - "g5g.16xlarge", "g5g.metal", - "hi1.4xlarge", - "hpc6a.48xlarge", - "hs1.8xlarge", + "g5g.xlarge", + "g6.12xlarge", + "g6.16xlarge", + "g6.24xlarge", + "g6.2xlarge", + "g6.48xlarge", + "g6.4xlarge", + "g6.8xlarge", + "g6.xlarge", + "g6e.12xlarge", + "g6e.16xlarge", + "g6e.24xlarge", + "g6e.2xlarge", + "g6e.48xlarge", + "g6e.4xlarge", + "g6e.8xlarge", + "g6e.xlarge", + "g6f.2xlarge", + "g6f.4xlarge", + "g6f.large", + "g6f.xlarge", + "gr6.4xlarge", + "gr6.8xlarge", + "gr6f.4xlarge", + "h1.16xlarge", "h1.2xlarge", "h1.4xlarge", "h1.8xlarge", - "h1.16xlarge", - "i2.xlarge", + "hi1.4xlarge", + "hpc6a.48xlarge", + "hpc6id.32xlarge", + "hpc7a.12xlarge", + "hpc7a.24xlarge", + "hpc7a.48xlarge", + "hpc7a.96xlarge", + "hpc7g.16xlarge", + "hpc7g.4xlarge", + "hpc7g.8xlarge", + "hs1.8xlarge", "i2.2xlarge", "i2.4xlarge", "i2.8xlarge", - "i3.large", - "i3.xlarge", + "i2.xlarge", + "i3.16xlarge", "i3.2xlarge", "i3.4xlarge", "i3.8xlarge", - "i3.16xlarge", + "i3.large", "i3.metal", - "i3en.large", - "i3en.xlarge", + "i3.xlarge", + "i3en.12xlarge", + "i3en.24xlarge", "i3en.2xlarge", "i3en.3xlarge", "i3en.6xlarge", - "i3en.12xlarge", - "i3en.24xlarge", + "i3en.large", "i3en.metal", - "im4gn.large", - "im4gn.xlarge", + "i3en.xlarge", + "i4g.16xlarge", + "i4g.2xlarge", + "i4g.4xlarge", + "i4g.8xlarge", + "i4g.large", + "i4g.xlarge", + "i4i.12xlarge", + "i4i.16xlarge", + "i4i.24xlarge", + "i4i.2xlarge", + "i4i.32xlarge", + "i4i.4xlarge", + "i4i.8xlarge", + "i4i.large", + "i4i.metal", + "i4i.xlarge", + "i7i.12xlarge", + "i7i.16xlarge", + "i7i.24xlarge", + "i7i.2xlarge", + "i7i.48xlarge", + "i7i.4xlarge", + "i7i.8xlarge", + "i7i.large", + "i7i.metal-24xl", + "i7i.metal-48xl", + "i7i.xlarge", + "i7ie.12xlarge", + "i7ie.18xlarge", + "i7ie.24xlarge", + "i7ie.2xlarge", + "i7ie.3xlarge", + "i7ie.48xlarge", + "i7ie.6xlarge", + "i7ie.large", + "i7ie.metal-24xl", + "i7ie.metal-48xl", + "i7ie.xlarge", + "i8g.12xlarge", + "i8g.16xlarge", + "i8g.24xlarge", + "i8g.2xlarge", + "i8g.48xlarge", + "i8g.4xlarge", + "i8g.8xlarge", + "i8g.large", + "i8g.metal-24xl", + "i8g.xlarge", + "i8ge.12xlarge", + "i8ge.18xlarge", + "i8ge.24xlarge", + "i8ge.2xlarge", + "i8ge.3xlarge", + "i8ge.48xlarge", + "i8ge.6xlarge", + "i8ge.large", + "i8ge.metal-24xl", + "i8ge.metal-48xl", + "i8ge.xlarge", + "im4gn.16xlarge", "im4gn.2xlarge", "im4gn.4xlarge", "im4gn.8xlarge", - "im4gn.16xlarge", - "inf1.xlarge", + "im4gn.large", + "im4gn.xlarge", + "inf1.24xlarge", "inf1.2xlarge", "inf1.6xlarge", - "inf1.24xlarge", - "is4gen.medium", - "is4gen.large", - "is4gen.xlarge", + "inf1.xlarge", + "inf2.24xlarge", + "inf2.48xlarge", + "inf2.8xlarge", + "inf2.xlarge", "is4gen.2xlarge", "is4gen.4xlarge", "is4gen.8xlarge", - "m1.small", - "m1.medium", + "is4gen.large", + "is4gen.medium", + "is4gen.xlarge", "m1.large", + "m1.medium", + "m1.small", "m1.xlarge", - "m2.xlarge", "m2.2xlarge", "m2.4xlarge", - "m3.medium", + "m2.xlarge", + "m3.2xlarge", "m3.large", + "m3.medium", "m3.xlarge", - "m3.2xlarge", - "m4.large", - "m4.xlarge", - "m4.2xlarge", - "m4.4xlarge", "m4.10xlarge", "m4.16xlarge", - "m5.large", - "m5.xlarge", - "m5.2xlarge", - "m5.4xlarge", - "m5.8xlarge", + "m4.2xlarge", + "m4.4xlarge", + "m4.large", + "m4.xlarge", "m5.12xlarge", "m5.16xlarge", "m5.24xlarge", + "m5.2xlarge", + "m5.4xlarge", + "m5.8xlarge", + "m5.large", "m5.metal", - "m5a.large", - "m5a.xlarge", - "m5a.2xlarge", - "m5a.4xlarge", - "m5a.8xlarge", + "m5.xlarge", "m5a.12xlarge", "m5a.16xlarge", "m5a.24xlarge", - "m5ad.large", - "m5ad.xlarge", - "m5ad.2xlarge", - "m5ad.4xlarge", - "m5ad.8xlarge", + "m5a.2xlarge", + "m5a.4xlarge", + "m5a.8xlarge", + "m5a.large", + "m5a.xlarge", "m5ad.12xlarge", "m5ad.16xlarge", "m5ad.24xlarge", - "m5d.large", - "m5d.xlarge", - "m5d.2xlarge", - "m5d.4xlarge", - "m5d.8xlarge", + "m5ad.2xlarge", + "m5ad.4xlarge", + "m5ad.8xlarge", + "m5ad.large", + "m5ad.xlarge", "m5d.12xlarge", "m5d.16xlarge", "m5d.24xlarge", + "m5d.2xlarge", + "m5d.4xlarge", + "m5d.8xlarge", + "m5d.large", "m5d.metal", - "m5dn.large", - "m5dn.xlarge", - "m5dn.2xlarge", - "m5dn.4xlarge", - "m5dn.8xlarge", + "m5d.xlarge", "m5dn.12xlarge", "m5dn.16xlarge", "m5dn.24xlarge", + "m5dn.2xlarge", + "m5dn.4xlarge", + "m5dn.8xlarge", + "m5dn.large", "m5dn.metal", - "m5n.large", - "m5n.xlarge", - "m5n.2xlarge", - "m5n.4xlarge", - "m5n.8xlarge", + "m5dn.xlarge", "m5n.12xlarge", "m5n.16xlarge", "m5n.24xlarge", + "m5n.2xlarge", + "m5n.4xlarge", + "m5n.8xlarge", + "m5n.large", "m5n.metal", - "m5zn.large", - "m5zn.xlarge", + "m5n.xlarge", + "m5zn.12xlarge", "m5zn.2xlarge", "m5zn.3xlarge", "m5zn.6xlarge", - "m5zn.12xlarge", + "m5zn.large", "m5zn.metal", - "m6a.large", - "m6a.xlarge", - "m6a.2xlarge", - "m6a.4xlarge", - "m6a.8xlarge", + "m5zn.xlarge", "m6a.12xlarge", "m6a.16xlarge", "m6a.24xlarge", + "m6a.2xlarge", "m6a.32xlarge", "m6a.48xlarge", - "m6g.metal", - "m6g.medium", - "m6g.large", - "m6g.xlarge", + "m6a.4xlarge", + "m6a.8xlarge", + "m6a.large", + "m6a.metal", + "m6a.xlarge", + "m6g.12xlarge", + "m6g.16xlarge", "m6g.2xlarge", "m6g.4xlarge", "m6g.8xlarge", - "m6g.12xlarge", - "m6g.16xlarge", - "m6gd.metal", - "m6gd.medium", - "m6gd.large", - "m6gd.xlarge", + "m6g.large", + "m6g.medium", + "m6g.metal", + "m6g.xlarge", + "m6gd.12xlarge", + "m6gd.16xlarge", "m6gd.2xlarge", "m6gd.4xlarge", "m6gd.8xlarge", - "m6gd.12xlarge", - "m6gd.16xlarge", - "m6i.large", - "m6i.xlarge", - "m6i.2xlarge", - "m6i.4xlarge", - "m6i.8xlarge", + "m6gd.large", + "m6gd.medium", + "m6gd.metal", + "m6gd.xlarge", "m6i.12xlarge", "m6i.16xlarge", "m6i.24xlarge", + "m6i.2xlarge", "m6i.32xlarge", + "m6i.4xlarge", + "m6i.8xlarge", + "m6i.large", "m6i.metal", + "m6i.xlarge", + "m6id.12xlarge", + "m6id.16xlarge", + "m6id.24xlarge", + "m6id.2xlarge", + "m6id.32xlarge", + "m6id.4xlarge", + "m6id.8xlarge", + "m6id.large", + "m6id.metal", + "m6id.xlarge", + "m6idn.12xlarge", + "m6idn.16xlarge", + "m6idn.24xlarge", + "m6idn.2xlarge", + "m6idn.32xlarge", + "m6idn.4xlarge", + "m6idn.8xlarge", + "m6idn.large", + "m6idn.metal", + "m6idn.xlarge", + "m6in.12xlarge", + "m6in.16xlarge", + "m6in.24xlarge", + "m6in.2xlarge", + "m6in.32xlarge", + "m6in.4xlarge", + "m6in.8xlarge", + "m6in.large", + "m6in.metal", + "m6in.xlarge", + "m7a.12xlarge", + "m7a.16xlarge", + "m7a.24xlarge", + "m7a.2xlarge", + "m7a.32xlarge", + "m7a.48xlarge", + "m7a.4xlarge", + "m7a.8xlarge", + "m7a.large", + "m7a.medium", + "m7a.metal-48xl", + "m7a.xlarge", + "m7g.12xlarge", + "m7g.16xlarge", + "m7g.2xlarge", + "m7g.4xlarge", + "m7g.8xlarge", + "m7g.large", + "m7g.medium", + "m7g.metal", + "m7g.xlarge", + "m7gd.12xlarge", + "m7gd.16xlarge", + "m7gd.2xlarge", + "m7gd.4xlarge", + "m7gd.8xlarge", + "m7gd.large", + "m7gd.medium", + "m7gd.metal", + "m7gd.xlarge", + "m7i.12xlarge", + "m7i.16xlarge", + "m7i.24xlarge", + "m7i.2xlarge", + "m7i.48xlarge", + "m7i.4xlarge", + "m7i.8xlarge", + "m7i-flex.12xlarge", + "m7i-flex.16xlarge", + "m7i-flex.2xlarge", + "m7i-flex.4xlarge", + "m7i-flex.8xlarge", + "m7i-flex.large", + "m7i-flex.xlarge", + "m7i.large", + "m7i.metal-24xl", + "m7i.metal-48xl", + "m7i.xlarge", + "m8a.12xlarge", + "m8a.16xlarge", + "m8a.24xlarge", + "m8a.2xlarge", + "m8a.48xlarge", + "m8a.4xlarge", + "m8a.8xlarge", + "m8a.large", + "m8a.medium", + "m8a.metal-24xl", + "m8a.metal-48xl", + "m8a.xlarge", + "m8g.12xlarge", + "m8g.16xlarge", + "m8g.24xlarge", + "m8g.2xlarge", + "m8g.48xlarge", + "m8g.4xlarge", + "m8g.8xlarge", + "m8g.large", + "m8g.medium", + "m8g.metal-24xl", + "m8g.metal-48xl", + "m8g.xlarge", + "m8gd.12xlarge", + "m8gd.16xlarge", + "m8gd.24xlarge", + "m8gd.2xlarge", + "m8gd.48xlarge", + "m8gd.4xlarge", + "m8gd.8xlarge", + "m8gd.large", + "m8gd.medium", + "m8gd.metal-24xl", + "m8gd.metal-48xl", + "m8gd.xlarge", + "m8i.12xlarge", + "m8i.16xlarge", + "m8i.24xlarge", + "m8i.2xlarge", + "m8i.32xlarge", + "m8i.48xlarge", + "m8i.4xlarge", + "m8i.8xlarge", + "m8i.96xlarge", + "m8i-flex.12xlarge", + "m8i-flex.16xlarge", + "m8i-flex.2xlarge", + "m8i-flex.4xlarge", + "m8i-flex.8xlarge", + "m8i-flex.large", + "m8i-flex.xlarge", + "m8i.large", + "m8i.metal-48xl", + "m8i.metal-96xl", + "m8i.xlarge", "mac1.metal", - "p2.xlarge", - "p2.8xlarge", + "mac2-m1ultra.metal", + "mac2-m2.metal", + "mac2-m2pro.metal", + "mac2.metal", + "mac-m4.metal", + "mac-m4pro.metal", "p2.16xlarge", + "p2.8xlarge", + "p2.xlarge", + "p3.16xlarge", "p3.2xlarge", "p3.8xlarge", - "p3.16xlarge", "p3dn.24xlarge", "p4d.24xlarge", - "r3.large", - "r3.xlarge", + "p4de.24xlarge", + "p5.48xlarge", + "p5.4xlarge", + "p5e.48xlarge", + "p5en.48xlarge", + "p6-b200.48xlarge", + "p6e-gb200.36xlarge", "r3.2xlarge", "r3.4xlarge", "r3.8xlarge", - "r4.large", - "r4.xlarge", + "r3.large", + "r3.xlarge", + "r4.16xlarge", "r4.2xlarge", "r4.4xlarge", "r4.8xlarge", - "r4.16xlarge", - "r5.large", - "r5.xlarge", - "r5.2xlarge", - "r5.4xlarge", - "r5.8xlarge", + "r4.large", + "r4.xlarge", "r5.12xlarge", "r5.16xlarge", "r5.24xlarge", + "r5.2xlarge", + "r5.4xlarge", + "r5.8xlarge", + "r5.large", "r5.metal", - "r5a.large", - "r5a.xlarge", - "r5a.2xlarge", - "r5a.4xlarge", - "r5a.8xlarge", + "r5.xlarge", "r5a.12xlarge", "r5a.16xlarge", "r5a.24xlarge", - "r5ad.large", - "r5ad.xlarge", - "r5ad.2xlarge", - "r5ad.4xlarge", - "r5ad.8xlarge", + "r5a.2xlarge", + "r5a.4xlarge", + "r5a.8xlarge", + "r5a.large", + "r5a.xlarge", "r5ad.12xlarge", "r5ad.16xlarge", "r5ad.24xlarge", - "r5b.large", - "r5b.xlarge", - "r5b.2xlarge", - "r5b.4xlarge", - "r5b.8xlarge", + "r5ad.2xlarge", + "r5ad.4xlarge", + "r5ad.8xlarge", + "r5ad.large", + "r5ad.xlarge", "r5b.12xlarge", "r5b.16xlarge", "r5b.24xlarge", + "r5b.2xlarge", + "r5b.4xlarge", + "r5b.8xlarge", + "r5b.large", "r5b.metal", - "r5d.large", - "r5d.xlarge", - "r5d.2xlarge", - "r5d.4xlarge", - "r5d.8xlarge", + "r5b.xlarge", "r5d.12xlarge", "r5d.16xlarge", "r5d.24xlarge", + "r5d.2xlarge", + "r5d.4xlarge", + "r5d.8xlarge", + "r5d.large", "r5d.metal", - "r5dn.large", - "r5dn.xlarge", - "r5dn.2xlarge", - "r5dn.4xlarge", - "r5dn.8xlarge", + "r5d.xlarge", "r5dn.12xlarge", "r5dn.16xlarge", "r5dn.24xlarge", - "r5dn.metal", - "r5n.large", - "r5n.xlarge", - "r5n.2xlarge", - "r5n.4xlarge", - "r5n.8xlarge", + "r5dn.2xlarge", + "r5dn.4xlarge", + "r5dn.8xlarge", + "r5dn.large", + "r5dn.metal", + "r5dn.xlarge", "r5n.12xlarge", "r5n.16xlarge", "r5n.24xlarge", + "r5n.2xlarge", + "r5n.4xlarge", + "r5n.8xlarge", + "r5n.large", "r5n.metal", - "r6g.medium", - "r6g.large", - "r6g.xlarge", + "r5n.xlarge", + "r6a.12xlarge", + "r6a.16xlarge", + "r6a.24xlarge", + "r6a.2xlarge", + "r6a.32xlarge", + "r6a.48xlarge", + "r6a.4xlarge", + "r6a.8xlarge", + "r6a.large", + "r6a.metal", + "r6a.xlarge", + "r6g.12xlarge", + "r6g.16xlarge", "r6g.2xlarge", "r6g.4xlarge", "r6g.8xlarge", - "r6g.12xlarge", - "r6g.16xlarge", + "r6g.large", + "r6g.medium", "r6g.metal", - "r6gd.medium", - "r6gd.large", - "r6gd.xlarge", + "r6g.xlarge", + "r6gd.12xlarge", + "r6gd.16xlarge", "r6gd.2xlarge", "r6gd.4xlarge", "r6gd.8xlarge", - "r6gd.12xlarge", - "r6gd.16xlarge", + "r6gd.large", + "r6gd.medium", "r6gd.metal", - "r6i.large", - "r6i.xlarge", - "r6i.2xlarge", - "r6i.4xlarge", - "r6i.8xlarge", + "r6gd.xlarge", "r6i.12xlarge", "r6i.16xlarge", "r6i.24xlarge", + "r6i.2xlarge", "r6i.32xlarge", + "r6i.4xlarge", + "r6i.8xlarge", + "r6i.large", "r6i.metal", + "r6i.xlarge", + "r6id.12xlarge", + "r6id.16xlarge", + "r6id.24xlarge", + "r6id.2xlarge", + "r6id.32xlarge", + "r6id.4xlarge", + "r6id.8xlarge", + "r6id.large", + "r6id.metal", + "r6id.xlarge", + "r6idn.12xlarge", + "r6idn.16xlarge", + "r6idn.24xlarge", + "r6idn.2xlarge", + "r6idn.32xlarge", + "r6idn.4xlarge", + "r6idn.8xlarge", + "r6idn.large", + "r6idn.metal", + "r6idn.xlarge", + "r6in.12xlarge", + "r6in.16xlarge", + "r6in.24xlarge", + "r6in.2xlarge", + "r6in.32xlarge", + "r6in.4xlarge", + "r6in.8xlarge", + "r6in.large", + "r6in.metal", + "r6in.xlarge", + "r7a.12xlarge", + "r7a.16xlarge", + "r7a.24xlarge", + "r7a.2xlarge", + "r7a.32xlarge", + "r7a.48xlarge", + "r7a.4xlarge", + "r7a.8xlarge", + "r7a.large", + "r7a.medium", + "r7a.metal-48xl", + "r7a.xlarge", + "r7g.12xlarge", + "r7g.16xlarge", + "r7g.2xlarge", + "r7g.4xlarge", + "r7g.8xlarge", + "r7g.large", + "r7g.medium", + "r7g.metal", + "r7g.xlarge", + "r7gd.12xlarge", + "r7gd.16xlarge", + "r7gd.2xlarge", + "r7gd.4xlarge", + "r7gd.8xlarge", + "r7gd.large", + "r7gd.medium", + "r7gd.metal", + "r7gd.xlarge", + "r7i.12xlarge", + "r7i.16xlarge", + "r7i.24xlarge", + "r7i.2xlarge", + "r7i.48xlarge", + "r7i.4xlarge", + "r7i.8xlarge", + "r7i.large", + "r7i.metal-24xl", + "r7i.metal-48xl", + "r7i.xlarge", + "r7iz.12xlarge", + "r7iz.16xlarge", + "r7iz.2xlarge", + "r7iz.32xlarge", + "r7iz.4xlarge", + "r7iz.8xlarge", + "r7iz.large", + "r7iz.metal-16xl", + "r7iz.metal-32xl", + "r7iz.xlarge", + "r8a.12xlarge", + "r8a.16xlarge", + "r8a.24xlarge", + "r8a.2xlarge", + "r8a.48xlarge", + "r8a.4xlarge", + "r8a.8xlarge", + "r8a.large", + "r8a.medium", + "r8a.metal-24xl", + "r8a.metal-48xl", + "r8a.xlarge", + "r8g.12xlarge", + "r8g.16xlarge", + "r8g.24xlarge", + "r8g.2xlarge", + "r8g.48xlarge", + "r8g.4xlarge", + "r8g.8xlarge", + "r8g.large", + "r8g.medium", + "r8g.metal-24xl", + "r8g.metal-48xl", + "r8g.xlarge", + "r8gb.12xlarge", + "r8gb.16xlarge", + "r8gb.24xlarge", + "r8gb.2xlarge", + "r8gb.4xlarge", + "r8gb.8xlarge", + "r8gb.large", + "r8gb.medium", + "r8gb.metal-24xl", + "r8gb.xlarge", + "r8gd.12xlarge", + "r8gd.16xlarge", + "r8gd.24xlarge", + "r8gd.2xlarge", + "r8gd.48xlarge", + "r8gd.4xlarge", + "r8gd.8xlarge", + "r8gd.large", + "r8gd.medium", + "r8gd.metal-24xl", + "r8gd.metal-48xl", + "r8gd.xlarge", + "r8gn.12xlarge", + "r8gn.16xlarge", + "r8gn.24xlarge", + "r8gn.2xlarge", + "r8gn.48xlarge", + "r8gn.4xlarge", + "r8gn.8xlarge", + "r8gn.large", + "r8gn.medium", + "r8gn.metal-24xl", + "r8gn.metal-48xl", + "r8gn.xlarge", + "r8i.12xlarge", + "r8i.16xlarge", + "r8i.24xlarge", + "r8i.2xlarge", + "r8i.32xlarge", + "r8i.48xlarge", + "r8i.4xlarge", + "r8i.8xlarge", + "r8i.96xlarge", + "r8i-flex.12xlarge", + "r8i-flex.16xlarge", + "r8i-flex.2xlarge", + "r8i-flex.4xlarge", + "r8i-flex.8xlarge", + "r8i-flex.large", + "r8i-flex.xlarge", + "r8i.large", + "r8i.metal-48xl", + "r8i.metal-96xl", + "r8i.xlarge", "t1.micro", - "t2.nano", + "t2.2xlarge", + "t2.large", + "t2.medium", "t2.micro", + "t2.nano", "t2.small", - "t2.medium", - "t2.large", "t2.xlarge", - "t2.2xlarge", - "t3.nano", + "t3.2xlarge", + "t3.large", + "t3.medium", "t3.micro", + "t3.nano", "t3.small", - "t3.medium", - "t3.large", "t3.xlarge", - "t3.2xlarge", - "t3a.nano", + "t3a.2xlarge", + "t3a.large", + "t3a.medium", "t3a.micro", + "t3a.nano", "t3a.small", - "t3a.medium", - "t3a.large", "t3a.xlarge", - "t3a.2xlarge", - "t4g.nano", + "t4g.2xlarge", + "t4g.large", + "t4g.medium", "t4g.micro", + "t4g.nano", "t4g.small", - "t4g.medium", - "t4g.large", "t4g.xlarge", - "t4g.2xlarge", - "u-6tb1.56xlarge", - "u-6tb1.112xlarge", - "u-9tb1.112xlarge", + "trn1.2xlarge", + "trn1.32xlarge", + "trn1n.32xlarge", + "trn2.3xlarge", + "trn2.48xlarge", + "u7i-12tb.224xlarge", + "u7i-6tb.112xlarge", + "u7i-8tb.112xlarge", + "u7ib-12tb.224xlarge", + "u7in-16tb.224xlarge", + "u7in-24tb.224xlarge", + "u7in-32tb.224xlarge", + "u7inh-32tb.480xlarge", "u-12tb1.112xlarge", - "u-6tb1.metal", - "u-9tb1.metal", "u-12tb1.metal", + "u-18tb1.112xlarge", "u-18tb1.metal", + "u-24tb1.112xlarge", "u-24tb1.metal", - "vt1.3xlarge", - "vt1.6xlarge", - "vt1.24xlarge", + "u-3tb1.56xlarge", + "u-6tb1.112xlarge", + "u-6tb1.56xlarge", + "u-6tb1.metal", + "u-9tb1.112xlarge", + "u-9tb1.metal", + "vt1.24xlarge", + "vt1.3xlarge", + "vt1.6xlarge", "x1.16xlarge", "x1.32xlarge", - "x1e.xlarge", + "x1e.16xlarge", "x1e.2xlarge", + "x1e.32xlarge", "x1e.4xlarge", "x1e.8xlarge", - "x1e.16xlarge", - "x1e.32xlarge", - "x2iezn.2xlarge", - "x2iezn.4xlarge", - "x2iezn.6xlarge", - "x2iezn.8xlarge", - "x2iezn.12xlarge", - "x2iezn.metal", - "x2gd.medium", - "x2gd.large", - "x2gd.xlarge", + "x1e.xlarge", + "x2gd.12xlarge", + "x2gd.16xlarge", "x2gd.2xlarge", "x2gd.4xlarge", "x2gd.8xlarge", - "x2gd.12xlarge", - "x2gd.16xlarge", + "x2gd.large", + "x2gd.medium", "x2gd.metal", - "z1d.large", - "z1d.xlarge", - "z1d.2xlarge", - "z1d.3xlarge", - "z1d.6xlarge", - "z1d.12xlarge", - "z1d.metal", + "x2gd.xlarge", "x2idn.16xlarge", "x2idn.24xlarge", "x2idn.32xlarge", - "x2iedn.xlarge", - "x2iedn.2xlarge", - "x2iedn.4xlarge", - "x2iedn.8xlarge", + "x2idn.metal", "x2iedn.16xlarge", "x2iedn.24xlarge", + "x2iedn.2xlarge", "x2iedn.32xlarge", - "c6a.large", - "c6a.xlarge", - "c6a.2xlarge", - "c6a.4xlarge", - "c6a.8xlarge", - "c6a.12xlarge", - "c6a.16xlarge", - "c6a.24xlarge", - "c6a.32xlarge", - "c6a.48xlarge", - "c6a.metal", - "m6a.metal", - "i4i.large", - "i4i.xlarge", - "i4i.2xlarge", - "i4i.4xlarge", - "i4i.8xlarge", - "i4i.16xlarge", - "i4i.32xlarge", - "i4i.metal", - "x2idn.metal", + "x2iedn.4xlarge", + "x2iedn.8xlarge", "x2iedn.metal", - "c7g.medium", - "c7g.large", - "c7g.xlarge", - "c7g.2xlarge", - "c7g.4xlarge", - "c7g.8xlarge", - "c7g.12xlarge", - "c7g.16xlarge", - "mac2.metal", - "c6id.large", - "c6id.xlarge", - "c6id.2xlarge", - "c6id.4xlarge", - "c6id.8xlarge", - "c6id.12xlarge", - "c6id.16xlarge", - "c6id.24xlarge", - "c6id.32xlarge", - "c6id.metal", - "m6id.large", - "m6id.xlarge", - "m6id.2xlarge", - "m6id.4xlarge", - "m6id.8xlarge", - "m6id.12xlarge", - "m6id.16xlarge", - "m6id.24xlarge", - "m6id.32xlarge", - "m6id.metal", - "r6id.large", - "r6id.xlarge", - "r6id.2xlarge", - "r6id.4xlarge", - "r6id.8xlarge", - "r6id.12xlarge", - "r6id.16xlarge", - "r6id.24xlarge", - "r6id.32xlarge", - "r6id.metal", - "r6a.large", - "r6a.xlarge", - "r6a.2xlarge", - "r6a.4xlarge", - "r6a.8xlarge", - "r6a.12xlarge", - "r6a.16xlarge", - "r6a.24xlarge", - "r6a.32xlarge", - "r6a.48xlarge", - "r6a.metal", - "p4de.24xlarge", - "u-3tb1.56xlarge", - "u-18tb1.112xlarge", - "u-24tb1.112xlarge", - "trn1.2xlarge", - "trn1.32xlarge", - "hpc6id.32xlarge", - "c6in.large", - "c6in.xlarge", - "c6in.2xlarge", - "c6in.4xlarge", - "c6in.8xlarge", - "c6in.12xlarge", - "c6in.16xlarge", - "c6in.24xlarge", - "c6in.32xlarge", - "m6in.large", - "m6in.xlarge", - "m6in.2xlarge", - "m6in.4xlarge", - "m6in.8xlarge", - "m6in.12xlarge", - "m6in.16xlarge", - "m6in.24xlarge", - "m6in.32xlarge", - "m6idn.large", - "m6idn.xlarge", - "m6idn.2xlarge", - "m6idn.4xlarge", - "m6idn.8xlarge", - "m6idn.12xlarge", - "m6idn.16xlarge", - "m6idn.24xlarge", - "m6idn.32xlarge", - "r6in.large", - "r6in.xlarge", - "r6in.2xlarge", - "r6in.4xlarge", - "r6in.8xlarge", - "r6in.12xlarge", - "r6in.16xlarge", - "r6in.24xlarge", - "r6in.32xlarge", - "r6idn.large", - "r6idn.xlarge", - "r6idn.2xlarge", - "r6idn.4xlarge", - "r6idn.8xlarge", - "r6idn.12xlarge", - "r6idn.16xlarge", - "r6idn.24xlarge", - "r6idn.32xlarge", - "c7g.metal", - "m7g.medium", - "m7g.large", - "m7g.xlarge", - "m7g.2xlarge", - "m7g.4xlarge", - "m7g.8xlarge", - "m7g.12xlarge", - "m7g.16xlarge", - "m7g.metal", - "r7g.medium", - "r7g.large", - "r7g.xlarge", - "r7g.2xlarge", - "r7g.4xlarge", - "r7g.8xlarge", - "r7g.12xlarge", - "r7g.16xlarge", - "r7g.metal", - "c6in.metal", - "m6in.metal", - "m6idn.metal", - "r6in.metal", - "r6idn.metal", - "inf2.xlarge", - "inf2.8xlarge", - "inf2.24xlarge", - "inf2.48xlarge", - "trn1n.32xlarge", - "i4g.large", - "i4g.xlarge", - "i4g.2xlarge", - "i4g.4xlarge", - "i4g.8xlarge", - "i4g.16xlarge", - "hpc7g.4xlarge", - "hpc7g.8xlarge", - "hpc7g.16xlarge", - "c7gn.medium", - "c7gn.large", - "c7gn.xlarge", - "c7gn.2xlarge", - "c7gn.4xlarge", - "c7gn.8xlarge", - "c7gn.12xlarge", - "c7gn.16xlarge", - "p5.48xlarge", - "m7i.large", - "m7i.xlarge", - "m7i.2xlarge", - "m7i.4xlarge", - "m7i.8xlarge", - "m7i.12xlarge", - "m7i.16xlarge", - "m7i.24xlarge", - "m7i.48xlarge", - "m7i-flex.large", - "m7i-flex.xlarge", - "m7i-flex.2xlarge", - "m7i-flex.4xlarge", - "m7i-flex.8xlarge", - "m7a.medium", - "m7a.large", - "m7a.xlarge", - "m7a.2xlarge", - "m7a.4xlarge", - "m7a.8xlarge", - "m7a.12xlarge", - "m7a.16xlarge", - "m7a.24xlarge", - "m7a.32xlarge", - "m7a.48xlarge", - "m7a.metal-48xl", - "hpc7a.12xlarge", - "hpc7a.24xlarge", - "hpc7a.48xlarge", - "hpc7a.96xlarge", - "c7gd.medium", - "c7gd.large", - "c7gd.xlarge", - "c7gd.2xlarge", - "c7gd.4xlarge", - "c7gd.8xlarge", - "c7gd.12xlarge", - "c7gd.16xlarge", - "m7gd.medium", - "m7gd.large", - "m7gd.xlarge", - "m7gd.2xlarge", - "m7gd.4xlarge", - "m7gd.8xlarge", - "m7gd.12xlarge", - "m7gd.16xlarge", - "r7gd.medium", - "r7gd.large", - "r7gd.xlarge", - "r7gd.2xlarge", - "r7gd.4xlarge", - "r7gd.8xlarge", - "r7gd.12xlarge", - "r7gd.16xlarge", - "r7a.medium", - "r7a.large", - "r7a.xlarge", - "r7a.2xlarge", - "r7a.4xlarge", - "r7a.8xlarge", - "r7a.12xlarge", - "r7a.16xlarge", - "r7a.24xlarge", - "r7a.32xlarge", - "r7a.48xlarge", - "c7i.large", - "c7i.xlarge", - "c7i.2xlarge", - "c7i.4xlarge", - "c7i.8xlarge", - "c7i.12xlarge", - "c7i.16xlarge", - "c7i.24xlarge", - "c7i.48xlarge", - "mac2-m2pro.metal", - "r7iz.large", - "r7iz.xlarge", - "r7iz.2xlarge", - "r7iz.4xlarge", - "r7iz.8xlarge", - "r7iz.12xlarge", - "r7iz.16xlarge", - "r7iz.32xlarge", - "c7a.medium", - "c7a.large", - "c7a.xlarge", - "c7a.2xlarge", - "c7a.4xlarge", - "c7a.8xlarge", - "c7a.12xlarge", - "c7a.16xlarge", - "c7a.24xlarge", - "c7a.32xlarge", - "c7a.48xlarge", - "c7a.metal-48xl", - "r7a.metal-48xl", - "r7i.large", - "r7i.xlarge", - "r7i.2xlarge", - "r7i.4xlarge", - "r7i.8xlarge", - "r7i.12xlarge", - "r7i.16xlarge", - "r7i.24xlarge", - "r7i.48xlarge", - "dl2q.24xlarge", - "mac2-m2.metal", - "i4i.12xlarge", - "i4i.24xlarge", - "c7i.metal-24xl", - "c7i.metal-48xl", - "m7i.metal-24xl", - "m7i.metal-48xl", - "r7i.metal-24xl", - "r7i.metal-48xl", - "r7iz.metal-16xl", - "r7iz.metal-32xl", - "c7gd.metal", - "m7gd.metal", - "r7gd.metal", - "g6.xlarge", - "g6.2xlarge", - "g6.4xlarge", - "g6.8xlarge", - "g6.12xlarge", - "g6.16xlarge", - "g6.24xlarge", - "g6.48xlarge", - "gr6.4xlarge", - "gr6.8xlarge", - "c7i-flex.large", - "c7i-flex.xlarge", - "c7i-flex.2xlarge", - "c7i-flex.4xlarge", - "c7i-flex.8xlarge", - "u7i-12tb.224xlarge", - "u7in-16tb.224xlarge", - "u7in-24tb.224xlarge", - "u7in-32tb.224xlarge", - "u7ib-12tb.224xlarge", - "c7gn.metal", - "r8g.medium", - "r8g.large", - "r8g.xlarge", - "r8g.2xlarge", - "r8g.4xlarge", - "r8g.8xlarge", - "r8g.12xlarge", - "r8g.16xlarge", - "r8g.24xlarge", - "r8g.48xlarge", - "r8g.metal-24xl", - "r8g.metal-48xl", - "mac2-m1ultra.metal", - "g6e.xlarge", - "g6e.2xlarge", - "g6e.4xlarge", - "g6e.8xlarge", - "g6e.12xlarge", - "g6e.16xlarge", - "g6e.24xlarge", - "g6e.48xlarge", - "c8g.medium", - "c8g.large", - "c8g.xlarge", - "c8g.2xlarge", - "c8g.4xlarge", - "c8g.8xlarge", - "c8g.12xlarge", - "c8g.16xlarge", - "c8g.24xlarge", - "c8g.48xlarge", - "c8g.metal-24xl", - "c8g.metal-48xl", - "m8g.medium", - "m8g.large", - "m8g.xlarge", - "m8g.2xlarge", - "m8g.4xlarge", - "m8g.8xlarge", - "m8g.12xlarge", - "m8g.16xlarge", - "m8g.24xlarge", - "m8g.48xlarge", - "m8g.metal-24xl", - "m8g.metal-48xl", - "x8g.medium", - "x8g.large", - "x8g.xlarge", - "x8g.2xlarge", - "x8g.4xlarge", - "x8g.8xlarge", + "x2iedn.xlarge", + "x2iezn.12xlarge", + "x2iezn.2xlarge", + "x2iezn.4xlarge", + "x2iezn.6xlarge", + "x2iezn.8xlarge", + "x2iezn.metal", "x8g.12xlarge", "x8g.16xlarge", "x8g.24xlarge", + "x8g.2xlarge", "x8g.48xlarge", + "x8g.4xlarge", + "x8g.8xlarge", + "x8g.large", + "x8g.medium", "x8g.metal-24xl", "x8g.metal-48xl", - "i7ie.large", - "i7ie.xlarge", - "i7ie.2xlarge", - "i7ie.3xlarge", - "i7ie.6xlarge", - "i7ie.12xlarge", - "i7ie.18xlarge", - "i7ie.24xlarge", - "i7ie.48xlarge", - "i8g.large", - "i8g.xlarge", - "i8g.2xlarge", - "i8g.4xlarge", - "i8g.8xlarge", - "i8g.12xlarge", - "i8g.16xlarge", - "i8g.24xlarge", - "i8g.metal-24xl", - "u7i-6tb.112xlarge", - "u7i-8tb.112xlarge", - "u7inh-32tb.480xlarge", - "p5e.48xlarge", - "p5en.48xlarge", - "f2.12xlarge", - "f2.48xlarge", - "trn2.48xlarge", - "c7i-flex.12xlarge", - "c7i-flex.16xlarge", - "m7i-flex.12xlarge", - "m7i-flex.16xlarge", - "i7ie.metal-24xl", - "i7ie.metal-48xl", - "i8g.48xlarge", - "c8gd.medium", - "c8gd.large", - "c8gd.xlarge", - "c8gd.2xlarge", - "c8gd.4xlarge", - "c8gd.8xlarge", - "c8gd.12xlarge", - "c8gd.16xlarge", - "c8gd.24xlarge", - "c8gd.48xlarge", - "c8gd.metal-24xl", - "c8gd.metal-48xl", - "i7i.large", - "i7i.xlarge", - "i7i.2xlarge", - "i7i.4xlarge", - "i7i.8xlarge", - "i7i.12xlarge", - "i7i.16xlarge", - "i7i.24xlarge", - "i7i.48xlarge", - "i7i.metal-24xl", - "i7i.metal-48xl", - "p6-b200.48xlarge", - "m8gd.medium", - "m8gd.large", - "m8gd.xlarge", - "m8gd.2xlarge", - "m8gd.4xlarge", - "m8gd.8xlarge", - "m8gd.12xlarge", - "m8gd.16xlarge", - "m8gd.24xlarge", - "m8gd.48xlarge", - "m8gd.metal-24xl", - "m8gd.metal-48xl", - "r8gd.medium", - "r8gd.large", - "r8gd.xlarge", - "r8gd.2xlarge", - "r8gd.4xlarge", - "r8gd.8xlarge", - "r8gd.12xlarge", - "r8gd.16xlarge", - "r8gd.24xlarge", - "r8gd.48xlarge", - "r8gd.metal-24xl", - "r8gd.metal-48xl", - "c8gn.medium", - "c8gn.large", - "c8gn.xlarge", - "c8gn.2xlarge", - "c8gn.4xlarge", - "c8gn.8xlarge", - "c8gn.12xlarge", - "c8gn.16xlarge", - "c8gn.24xlarge", - "c8gn.48xlarge", - "c8gn.metal-24xl", - "c8gn.metal-48xl", - "f2.6xlarge", - "p6e-gb200.36xlarge", - "g6f.large", - "g6f.xlarge", - "g6f.2xlarge", - "g6f.4xlarge", - "gr6f.4xlarge", - "p5.4xlarge", - "r8i.large", - "r8i.xlarge", - "r8i.2xlarge", - "r8i.4xlarge", - "r8i.8xlarge", - "r8i.12xlarge", - "r8i.16xlarge", - "r8i.24xlarge", - "r8i.32xlarge", - "r8i.48xlarge", - "r8i.96xlarge", - "r8i.metal-48xl", - "r8i.metal-96xl", - "r8i-flex.large", - "r8i-flex.xlarge", - "r8i-flex.2xlarge", - "r8i-flex.4xlarge", - "r8i-flex.8xlarge", - "r8i-flex.12xlarge", - "r8i-flex.16xlarge", - "m8i.large", - "m8i.xlarge", - "m8i.2xlarge", - "m8i.4xlarge", - "m8i.8xlarge", - "m8i.12xlarge", - "m8i.16xlarge", - "m8i.24xlarge", - "m8i.32xlarge", - "m8i.48xlarge", - "m8i.96xlarge", - "m8i.metal-48xl", - "m8i.metal-96xl", - "m8i-flex.large", - "m8i-flex.xlarge", - "m8i-flex.2xlarge", - "m8i-flex.4xlarge", - "m8i-flex.8xlarge", - "m8i-flex.12xlarge", - "m8i-flex.16xlarge", - "i8ge.large", - "i8ge.xlarge", - "i8ge.2xlarge", - "i8ge.3xlarge", - "i8ge.6xlarge", - "i8ge.12xlarge", - "i8ge.18xlarge", - "i8ge.24xlarge", - "i8ge.48xlarge", - "i8ge.metal-24xl", - "i8ge.metal-48xl", - "mac-m4.metal", - "mac-m4pro.metal", - "r8gn.medium", - "r8gn.large", - "r8gn.xlarge", - "r8gn.2xlarge", - "r8gn.4xlarge", - "r8gn.8xlarge", - "r8gn.12xlarge", - "r8gn.16xlarge", - "r8gn.24xlarge", - "r8gn.48xlarge", - "r8gn.metal-24xl", - "r8gn.metal-48xl", - "c8i.large", - "c8i.xlarge", - "c8i.2xlarge", - "c8i.4xlarge", - "c8i.8xlarge", - "c8i.12xlarge", - "c8i.16xlarge", - "c8i.24xlarge", - "c8i.32xlarge", - "c8i.48xlarge", - "c8i.96xlarge", - "c8i.metal-48xl", - "c8i.metal-96xl", - "c8i-flex.large", - "c8i-flex.xlarge", - "c8i-flex.2xlarge", - "c8i-flex.4xlarge", - "c8i-flex.8xlarge", - "c8i-flex.12xlarge", - "c8i-flex.16xlarge", - "r8gb.medium", - "r8gb.large", - "r8gb.xlarge", - "r8gb.2xlarge", - "r8gb.4xlarge", - "r8gb.8xlarge", - "r8gb.12xlarge", - "r8gb.16xlarge", - "r8gb.24xlarge", - "r8gb.metal-24xl", - "m8a.medium", - "m8a.large", - "m8a.xlarge", - "m8a.2xlarge", - "m8a.4xlarge", - "m8a.8xlarge", - "m8a.12xlarge", - "m8a.16xlarge", - "m8a.24xlarge", - "m8a.48xlarge", - "m8a.metal-24xl", - "m8a.metal-48xl", + "x8g.xlarge", + "z1d.12xlarge", + "z1d.2xlarge", + "z1d.3xlarge", + "z1d.6xlarge", + "z1d.large", + "z1d.metal", + "z1d.xlarge", }, } } diff --git a/rules/models/aws_lb_invalid_ip_address_type.go b/rules/models/aws_lb_invalid_ip_address_type.go index fdb0a84c..2476bd15 100644 --- a/rules/models/aws_lb_invalid_ip_address_type.go +++ b/rules/models/aws_lb_invalid_ip_address_type.go @@ -25,9 +25,9 @@ func NewAwsLbInvalidIPAddressTypeRule() *AwsLbInvalidIPAddressTypeRule { resourceType: "aws_lb", attributeName: "ip_address_type", enum: []string{ - "ipv4", "dualstack", "dualstack-without-public-ipv4", + "ipv4", }, } } diff --git a/rules/models/aws_lb_invalid_load_balancer_type.go b/rules/models/aws_lb_invalid_load_balancer_type.go index cbc8cf5f..af8c8dea 100644 --- a/rules/models/aws_lb_invalid_load_balancer_type.go +++ b/rules/models/aws_lb_invalid_load_balancer_type.go @@ -26,8 +26,8 @@ func NewAwsLbInvalidLoadBalancerTypeRule() *AwsLbInvalidLoadBalancerTypeRule { attributeName: "load_balancer_type", enum: []string{ "application", - "network", "gateway", + "network", }, } } diff --git a/rules/models/aws_lb_listener_invalid_protocol.go b/rules/models/aws_lb_listener_invalid_protocol.go index 529d6150..663bb09f 100644 --- a/rules/models/aws_lb_listener_invalid_protocol.go +++ b/rules/models/aws_lb_listener_invalid_protocol.go @@ -25,13 +25,13 @@ func NewAwsLbListenerInvalidProtocolRule() *AwsLbListenerInvalidProtocolRule { resourceType: "aws_lb_listener", attributeName: "protocol", enum: []string{ + "GENEVE", "HTTP", "HTTPS", "TCP", + "TCP_UDP", "TLS", "UDP", - "TCP_UDP", - "GENEVE", }, } } diff --git a/rules/models/aws_lb_target_group_invalid_protocol.go b/rules/models/aws_lb_target_group_invalid_protocol.go index f64660d3..519632f4 100644 --- a/rules/models/aws_lb_target_group_invalid_protocol.go +++ b/rules/models/aws_lb_target_group_invalid_protocol.go @@ -25,13 +25,13 @@ func NewAwsLbTargetGroupInvalidProtocolRule() *AwsLbTargetGroupInvalidProtocolRu resourceType: "aws_lb_target_group", attributeName: "protocol", enum: []string{ + "GENEVE", "HTTP", "HTTPS", "TCP", + "TCP_UDP", "TLS", "UDP", - "TCP_UDP", - "GENEVE", }, } } diff --git a/rules/models/aws_lb_target_group_invalid_target_type.go b/rules/models/aws_lb_target_group_invalid_target_type.go index 556d57c1..29dd1353 100644 --- a/rules/models/aws_lb_target_group_invalid_target_type.go +++ b/rules/models/aws_lb_target_group_invalid_target_type.go @@ -25,10 +25,10 @@ func NewAwsLbTargetGroupInvalidTargetTypeRule() *AwsLbTargetGroupInvalidTargetTy resourceType: "aws_lb_target_group", attributeName: "target_type", enum: []string{ + "alb", "instance", "ip", "lambda", - "alb", }, } } diff --git a/rules/models/aws_licensemanager_license_configuration_invalid_license_counting_type.go b/rules/models/aws_licensemanager_license_configuration_invalid_license_counting_type.go index 47bd2e21..671363cf 100644 --- a/rules/models/aws_licensemanager_license_configuration_invalid_license_counting_type.go +++ b/rules/models/aws_licensemanager_license_configuration_invalid_license_counting_type.go @@ -25,10 +25,10 @@ func NewAwsLicensemanagerLicenseConfigurationInvalidLicenseCountingTypeRule() *A resourceType: "aws_licensemanager_license_configuration", attributeName: "license_counting_type", enum: []string{ - "vCPU", - "Instance", "Core", + "Instance", "Socket", + "vCPU", }, } } diff --git a/rules/models/aws_macie2_account_invalid_status.go b/rules/models/aws_macie2_account_invalid_status.go index 000f092a..07331094 100644 --- a/rules/models/aws_macie2_account_invalid_status.go +++ b/rules/models/aws_macie2_account_invalid_status.go @@ -25,8 +25,8 @@ func NewAwsMacie2AccountInvalidStatusRule() *AwsMacie2AccountInvalidStatusRule { resourceType: "aws_macie2_account", attributeName: "status", enum: []string{ - "PAUSED", "ENABLED", + "PAUSED", }, } } diff --git a/rules/models/aws_macie2_classification_job_invalid_job_status.go b/rules/models/aws_macie2_classification_job_invalid_job_status.go index 664bfc38..c98f52f8 100644 --- a/rules/models/aws_macie2_classification_job_invalid_job_status.go +++ b/rules/models/aws_macie2_classification_job_invalid_job_status.go @@ -25,11 +25,11 @@ func NewAwsMacie2ClassificationJobInvalidJobStatusRule() *AwsMacie2Classificatio resourceType: "aws_macie2_classification_job", attributeName: "job_status", enum: []string{ - "RUNNING", - "PAUSED", "CANCELLED", "COMPLETE", "IDLE", + "PAUSED", + "RUNNING", "USER_PAUSED", }, } diff --git a/rules/models/aws_mq_broker_invalid_deployment_mode.go b/rules/models/aws_mq_broker_invalid_deployment_mode.go index ecd74e86..785ae9d2 100644 --- a/rules/models/aws_mq_broker_invalid_deployment_mode.go +++ b/rules/models/aws_mq_broker_invalid_deployment_mode.go @@ -25,9 +25,9 @@ func NewAwsMqBrokerInvalidDeploymentModeRule() *AwsMqBrokerInvalidDeploymentMode resourceType: "aws_mq_broker", attributeName: "deployment_mode", enum: []string{ - "SINGLE_INSTANCE", "ACTIVE_STANDBY_MULTI_AZ", "CLUSTER_MULTI_AZ", + "SINGLE_INSTANCE", }, } } diff --git a/rules/models/aws_networkfirewall_firewall_invalid_firewall_policy_arn.go b/rules/models/aws_networkfirewall_firewall_invalid_firewall_policy_arn.go index 6d0dccd2..eb1bddc1 100644 --- a/rules/models/aws_networkfirewall_firewall_invalid_firewall_policy_arn.go +++ b/rules/models/aws_networkfirewall_firewall_invalid_firewall_policy_arn.go @@ -29,7 +29,7 @@ func NewAwsNetworkfirewallFirewallInvalidFirewallPolicyArnRule() *AwsNetworkfire attributeName: "firewall_policy_arn", max: 256, min: 1, - pattern: regexp.MustCompile(`^arn:aws.*`), + pattern: regexp.MustCompile(`^arn:aws`), } } @@ -90,7 +90,7 @@ func (r *AwsNetworkfirewallFirewallInvalidFirewallPolicyArnRule) Check(runner tf if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^arn:aws.*`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^arn:aws`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_networkfirewall_logging_configuration_invalid_firewall_arn.go b/rules/models/aws_networkfirewall_logging_configuration_invalid_firewall_arn.go index 5401b1f3..d00554b9 100644 --- a/rules/models/aws_networkfirewall_logging_configuration_invalid_firewall_arn.go +++ b/rules/models/aws_networkfirewall_logging_configuration_invalid_firewall_arn.go @@ -29,7 +29,7 @@ func NewAwsNetworkfirewallLoggingConfigurationInvalidFirewallArnRule() *AwsNetwo attributeName: "firewall_arn", max: 256, min: 1, - pattern: regexp.MustCompile(`^arn:aws.*`), + pattern: regexp.MustCompile(`^arn:aws`), } } @@ -90,7 +90,7 @@ func (r *AwsNetworkfirewallLoggingConfigurationInvalidFirewallArnRule) Check(run if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^arn:aws.*`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^arn:aws`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_networkfirewall_resource_policy_invalid_resource_arn.go b/rules/models/aws_networkfirewall_resource_policy_invalid_resource_arn.go index f3fdaa3e..a1fac3a0 100644 --- a/rules/models/aws_networkfirewall_resource_policy_invalid_resource_arn.go +++ b/rules/models/aws_networkfirewall_resource_policy_invalid_resource_arn.go @@ -29,7 +29,7 @@ func NewAwsNetworkfirewallResourcePolicyInvalidResourceArnRule() *AwsNetworkfire attributeName: "resource_arn", max: 256, min: 1, - pattern: regexp.MustCompile(`^arn:aws.*`), + pattern: regexp.MustCompile(`^arn:aws`), } } @@ -90,7 +90,7 @@ func (r *AwsNetworkfirewallResourcePolicyInvalidResourceArnRule) Check(runner tf if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^arn:aws.*`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^arn:aws`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_networkfirewall_rule_group_invalid_type.go b/rules/models/aws_networkfirewall_rule_group_invalid_type.go index ed9cc2af..da6de326 100644 --- a/rules/models/aws_networkfirewall_rule_group_invalid_type.go +++ b/rules/models/aws_networkfirewall_rule_group_invalid_type.go @@ -25,8 +25,8 @@ func NewAwsNetworkfirewallRuleGroupInvalidTypeRule() *AwsNetworkfirewallRuleGrou resourceType: "aws_networkfirewall_rule_group", attributeName: "type", enum: []string{ - "STATELESS", "STATEFUL", + "STATELESS", }, } } diff --git a/rules/models/aws_organizations_policy_invalid_type.go b/rules/models/aws_organizations_policy_invalid_type.go index 986b2ce5..9a6f6100 100644 --- a/rules/models/aws_organizations_policy_invalid_type.go +++ b/rules/models/aws_organizations_policy_invalid_type.go @@ -25,14 +25,14 @@ func NewAwsOrganizationsPolicyInvalidTypeRule() *AwsOrganizationsPolicyInvalidTy resourceType: "aws_organizations_policy", attributeName: "type", enum: []string{ - "SERVICE_CONTROL_POLICY", - "RESOURCE_CONTROL_POLICY", - "TAG_POLICY", - "BACKUP_POLICY", "AISERVICES_OPT_OUT_POLICY", + "BACKUP_POLICY", "CHATBOT_POLICY", "DECLARATIVE_POLICY_EC2", + "RESOURCE_CONTROL_POLICY", "SECURITYHUB_POLICY", + "SERVICE_CONTROL_POLICY", + "TAG_POLICY", }, } } diff --git a/rules/models/aws_placement_group_invalid_strategy.go b/rules/models/aws_placement_group_invalid_strategy.go index b9c0668d..040c7169 100644 --- a/rules/models/aws_placement_group_invalid_strategy.go +++ b/rules/models/aws_placement_group_invalid_strategy.go @@ -26,8 +26,8 @@ func NewAwsPlacementGroupInvalidStrategyRule() *AwsPlacementGroupInvalidStrategy attributeName: "strategy", enum: []string{ "cluster", - "spread", "partition", + "spread", }, } } diff --git a/rules/models/aws_prometheus_alert_manager_definition_invalid_workspace_id.go b/rules/models/aws_prometheus_alert_manager_definition_invalid_workspace_id.go index 5e82a14b..ff628efd 100644 --- a/rules/models/aws_prometheus_alert_manager_definition_invalid_workspace_id.go +++ b/rules/models/aws_prometheus_alert_manager_definition_invalid_workspace_id.go @@ -29,7 +29,7 @@ func NewAwsPrometheusAlertManagerDefinitionInvalidWorkspaceIDRule() *AwsPromethe attributeName: "workspace_id", max: 64, min: 1, - pattern: regexp.MustCompile(`^.*[0-9A-Za-z][-.0-9A-Z_a-z]*.*$`), + pattern: regexp.MustCompile(`^[0-9A-Za-z][-.0-9A-Z_a-z]*$`), } } @@ -90,7 +90,7 @@ func (r *AwsPrometheusAlertManagerDefinitionInvalidWorkspaceIDRule) Check(runner if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^.*[0-9A-Za-z][-.0-9A-Z_a-z]*.*$`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^[0-9A-Za-z][-.0-9A-Z_a-z]*$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_prometheus_rule_group_namespace_invalid_name.go b/rules/models/aws_prometheus_rule_group_namespace_invalid_name.go index e9331269..d2552109 100644 --- a/rules/models/aws_prometheus_rule_group_namespace_invalid_name.go +++ b/rules/models/aws_prometheus_rule_group_namespace_invalid_name.go @@ -29,7 +29,7 @@ func NewAwsPrometheusRuleGroupNamespaceInvalidNameRule() *AwsPrometheusRuleGroup attributeName: "name", max: 128, min: 1, - pattern: regexp.MustCompile(`^.*[0-9A-Za-z][-.0-9A-Z_a-z]*.*$`), + pattern: regexp.MustCompile(`^[0-9A-Za-z][-.0-9A-Z_a-z]*$`), } } @@ -90,7 +90,7 @@ func (r *AwsPrometheusRuleGroupNamespaceInvalidNameRule) Check(runner tflint.Run if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^.*[0-9A-Za-z][-.0-9A-Z_a-z]*.*$`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^[0-9A-Za-z][-.0-9A-Z_a-z]*$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_prometheus_rule_group_namespace_invalid_workspace_id.go b/rules/models/aws_prometheus_rule_group_namespace_invalid_workspace_id.go index 4c1fc5e3..0f0d84c0 100644 --- a/rules/models/aws_prometheus_rule_group_namespace_invalid_workspace_id.go +++ b/rules/models/aws_prometheus_rule_group_namespace_invalid_workspace_id.go @@ -29,7 +29,7 @@ func NewAwsPrometheusRuleGroupNamespaceInvalidWorkspaceIDRule() *AwsPrometheusRu attributeName: "workspace_id", max: 64, min: 1, - pattern: regexp.MustCompile(`^.*[0-9A-Za-z][-.0-9A-Z_a-z]*.*$`), + pattern: regexp.MustCompile(`^[0-9A-Za-z][-.0-9A-Z_a-z]*$`), } } @@ -90,7 +90,7 @@ func (r *AwsPrometheusRuleGroupNamespaceInvalidWorkspaceIDRule) Check(runner tfl if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^.*[0-9A-Za-z][-.0-9A-Z_a-z]*.*$`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^[0-9A-Za-z][-.0-9A-Z_a-z]*$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_quicksight_data_source_invalid_type.go b/rules/models/aws_quicksight_data_source_invalid_type.go index 38c6c509..b034e2bc 100644 --- a/rules/models/aws_quicksight_data_source_invalid_type.go +++ b/rules/models/aws_quicksight_data_source_invalid_type.go @@ -27,41 +27,41 @@ func NewAwsQuicksightDataSourceInvalidTypeRule() *AwsQuicksightDataSourceInvalid enum: []string{ "ADOBE_ANALYTICS", "AMAZON_ELASTICSEARCH", + "AMAZON_OPENSEARCH", "ATHENA", "AURORA", "AURORA_POSTGRESQL", "AWS_IOT_ANALYTICS", + "BIGQUERY", + "CONFLUENCE", + "DATABRICKS", + "EXASOL", "GITHUB", + "GOOGLESHEETS", + "GOOGLE_DRIVE", "JIRA", "MARIADB", "MYSQL", + "ONE_DRIVE", "ORACLE", "POSTGRESQL", "PRESTO", + "QBUSINESS", "REDSHIFT", "S3", + "S3_KNOWLEDGE_BASE", "SALESFORCE", "SERVICENOW", + "SHAREPOINT", "SNOWFLAKE", "SPARK", "SQLSERVER", + "STARBURST", "TERADATA", - "TWITTER", "TIMESTREAM", - "AMAZON_OPENSEARCH", - "EXASOL", - "DATABRICKS", - "STARBURST", "TRINO", - "BIGQUERY", - "GOOGLESHEETS", - "GOOGLE_DRIVE", - "CONFLUENCE", - "SHAREPOINT", - "ONE_DRIVE", + "TWITTER", "WEB_CRAWLER", - "S3_KNOWLEDGE_BASE", - "QBUSINESS", }, } } diff --git a/rules/models/aws_quicksight_user_invalid_identity_type.go b/rules/models/aws_quicksight_user_invalid_identity_type.go index 9010a4b3..a4cc116f 100644 --- a/rules/models/aws_quicksight_user_invalid_identity_type.go +++ b/rules/models/aws_quicksight_user_invalid_identity_type.go @@ -26,8 +26,8 @@ func NewAwsQuicksightUserInvalidIdentityTypeRule() *AwsQuicksightUserInvalidIden attributeName: "identity_type", enum: []string{ "IAM", - "QUICKSIGHT", "IAM_IDENTITY_CENTER", + "QUICKSIGHT", }, } } diff --git a/rules/models/aws_quicksight_user_invalid_user_role.go b/rules/models/aws_quicksight_user_invalid_user_role.go index ab84b5dd..703af39b 100644 --- a/rules/models/aws_quicksight_user_invalid_user_role.go +++ b/rules/models/aws_quicksight_user_invalid_user_role.go @@ -26,13 +26,13 @@ func NewAwsQuicksightUserInvalidUserRoleRule() *AwsQuicksightUserInvalidUserRole attributeName: "user_role", enum: []string{ "ADMIN", + "ADMIN_PRO", "AUTHOR", + "AUTHOR_PRO", "READER", + "READER_PRO", "RESTRICTED_AUTHOR", "RESTRICTED_READER", - "ADMIN_PRO", - "AUTHOR_PRO", - "READER_PRO", }, } } diff --git a/rules/models/aws_route53_health_check_invalid_cloudwatch_alarm_region.go b/rules/models/aws_route53_health_check_invalid_cloudwatch_alarm_region.go index 930bae3c..7d361f3d 100644 --- a/rules/models/aws_route53_health_check_invalid_cloudwatch_alarm_region.go +++ b/rules/models/aws_route53_health_check_invalid_cloudwatch_alarm_region.go @@ -29,51 +29,51 @@ func NewAwsRoute53HealthCheckInvalidCloudwatchAlarmRegionRule() *AwsRoute53Healt max: 64, min: 1, enum: []string{ - "us-east-1", - "us-east-2", - "us-west-1", - "us-west-2", - "ca-central-1", - "eu-central-1", - "eu-central-2", - "eu-west-1", - "eu-west-2", - "eu-west-3", + "af-south-1", "ap-east-1", - "me-south-1", - "me-central-1", + "ap-east-2", + "ap-northeast-1", + "ap-northeast-2", + "ap-northeast-3", "ap-south-1", "ap-south-2", "ap-southeast-1", "ap-southeast-2", "ap-southeast-3", - "ap-northeast-1", - "ap-northeast-2", - "ap-northeast-3", - "eu-north-1", - "sa-east-1", - "cn-northwest-1", + "ap-southeast-4", + "ap-southeast-5", + "ap-southeast-6", + "ap-southeast-7", + "ca-central-1", + "ca-west-1", "cn-north-1", - "af-south-1", + "cn-northwest-1", + "eu-central-1", + "eu-central-2", + "eu-isoe-west-1", + "eu-north-1", "eu-south-1", "eu-south-2", - "us-gov-west-1", + "eu-west-1", + "eu-west-2", + "eu-west-3", + "il-central-1", + "me-central-1", + "me-south-1", + "mx-central-1", + "sa-east-1", + "us-east-1", + "us-east-2", "us-gov-east-1", + "us-gov-west-1", "us-iso-east-1", "us-iso-west-1", "us-isob-east-1", - "ap-southeast-4", - "il-central-1", - "ca-west-1", - "ap-southeast-5", - "mx-central-1", - "us-isof-south-1", - "us-isof-east-1", - "ap-southeast-7", - "ap-east-2", - "eu-isoe-west-1", - "ap-southeast-6", "us-isob-west-1", + "us-isof-east-1", + "us-isof-south-1", + "us-west-1", + "us-west-2", }, } } diff --git a/rules/models/aws_route53_health_check_invalid_insufficient_data_health_status.go b/rules/models/aws_route53_health_check_invalid_insufficient_data_health_status.go index 802bbf91..49e67dc9 100644 --- a/rules/models/aws_route53_health_check_invalid_insufficient_data_health_status.go +++ b/rules/models/aws_route53_health_check_invalid_insufficient_data_health_status.go @@ -26,8 +26,8 @@ func NewAwsRoute53HealthCheckInvalidInsufficientDataHealthStatusRule() *AwsRoute attributeName: "insufficient_data_health_status", enum: []string{ "Healthy", - "Unhealthy", "LastKnownStatus", + "Unhealthy", }, } } diff --git a/rules/models/aws_route53_health_check_invalid_type.go b/rules/models/aws_route53_health_check_invalid_type.go index b1feab88..f5735cfa 100644 --- a/rules/models/aws_route53_health_check_invalid_type.go +++ b/rules/models/aws_route53_health_check_invalid_type.go @@ -25,14 +25,14 @@ func NewAwsRoute53HealthCheckInvalidTypeRule() *AwsRoute53HealthCheckInvalidType resourceType: "aws_route53_health_check", attributeName: "type", enum: []string{ + "CALCULATED", + "CLOUDWATCH_METRIC", "HTTP", "HTTPS", - "HTTP_STR_MATCH", "HTTPS_STR_MATCH", - "TCP", - "CALCULATED", - "CLOUDWATCH_METRIC", + "HTTP_STR_MATCH", "RECOVERY_CONTROL", + "TCP", }, } } diff --git a/rules/models/aws_route53_record_invalid_type.go b/rules/models/aws_route53_record_invalid_type.go index 6257a3b0..1137fa1e 100644 --- a/rules/models/aws_route53_record_invalid_type.go +++ b/rules/models/aws_route53_record_invalid_type.go @@ -25,23 +25,23 @@ func NewAwsRoute53RecordInvalidTypeRule() *AwsRoute53RecordInvalidTypeRule { resourceType: "aws_route53_record", attributeName: "type", enum: []string{ - "SOA", "A", - "TXT", - "NS", + "AAAA", + "CAA", "CNAME", + "DS", + "HTTPS", "MX", "NAPTR", + "NS", "PTR", - "SRV", + "SOA", "SPF", - "AAAA", - "CAA", - "DS", - "TLSA", + "SRV", "SSHFP", "SVCB", - "HTTPS", + "TLSA", + "TXT", }, } } diff --git a/rules/models/aws_route53_record_invalid_zone_id.go b/rules/models/aws_route53_record_invalid_zone_id.go new file mode 100644 index 00000000..3afcb16d --- /dev/null +++ b/rules/models/aws_route53_record_invalid_zone_id.go @@ -0,0 +1,84 @@ +// This file generated by `generator/`. DO NOT EDIT + +package models + +import ( + "github.com/terraform-linters/tflint-plugin-sdk/hclext" + "github.com/terraform-linters/tflint-plugin-sdk/logger" + "github.com/terraform-linters/tflint-plugin-sdk/tflint" +) + +// AwsRoute53RecordInvalidZoneIDRule checks the pattern is valid +type AwsRoute53RecordInvalidZoneIDRule struct { + tflint.DefaultRule + + resourceType string + attributeName string + max int +} + +// NewAwsRoute53RecordInvalidZoneIDRule returns new rule with default attributes +func NewAwsRoute53RecordInvalidZoneIDRule() *AwsRoute53RecordInvalidZoneIDRule { + return &AwsRoute53RecordInvalidZoneIDRule{ + resourceType: "aws_route53_record", + attributeName: "zone_id", + max: 32, + } +} + +// Name returns the rule name +func (r *AwsRoute53RecordInvalidZoneIDRule) Name() string { + return "aws_route53_record_invalid_zone_id" +} + +// Enabled returns whether the rule is enabled by default +func (r *AwsRoute53RecordInvalidZoneIDRule) Enabled() bool { + return true +} + +// Severity returns the rule severity +func (r *AwsRoute53RecordInvalidZoneIDRule) Severity() tflint.Severity { + return tflint.ERROR +} + +// Link returns the rule reference link +func (r *AwsRoute53RecordInvalidZoneIDRule) Link() string { + return "" +} + +// Check checks the pattern is valid +func (r *AwsRoute53RecordInvalidZoneIDRule) Check(runner tflint.Runner) error { + logger.Trace("Check `%s` rule", r.Name()) + + resources, err := runner.GetResourceContent(r.resourceType, &hclext.BodySchema{ + Attributes: []hclext.AttributeSchema{ + {Name: r.attributeName}, + }, + }, nil) + if err != nil { + return err + } + + for _, resource := range resources.Blocks { + attribute, exists := resource.Body.Attributes[r.attributeName] + if !exists { + continue + } + + err := runner.EvaluateExpr(attribute.Expr, func (val string) error { + if len(val) > r.max { + runner.EmitIssue( + r, + "zone_id must be 32 characters or less", + attribute.Expr.Range(), + ) + } + return nil + }, nil) + if err != nil { + return err + } + } + + return nil +} diff --git a/rules/models/aws_route53_resolver_endpoint_invalid_direction.go b/rules/models/aws_route53_resolver_endpoint_invalid_direction.go index d05cacc5..0fdc729a 100644 --- a/rules/models/aws_route53_resolver_endpoint_invalid_direction.go +++ b/rules/models/aws_route53_resolver_endpoint_invalid_direction.go @@ -26,8 +26,8 @@ func NewAwsRoute53ResolverEndpointInvalidDirectionRule() *AwsRoute53ResolverEndp attributeName: "direction", enum: []string{ "INBOUND", - "OUTBOUND", "INBOUND_DELEGATION", + "OUTBOUND", }, } } diff --git a/rules/models/aws_route53_resolver_firewall_config_invalid_firewall_fail_open.go b/rules/models/aws_route53_resolver_firewall_config_invalid_firewall_fail_open.go index 1f561962..eb8fa572 100644 --- a/rules/models/aws_route53_resolver_firewall_config_invalid_firewall_fail_open.go +++ b/rules/models/aws_route53_resolver_firewall_config_invalid_firewall_fail_open.go @@ -25,8 +25,8 @@ func NewAwsRoute53ResolverFirewallConfigInvalidFirewallFailOpenRule() *AwsRoute5 resourceType: "aws_route53_resolver_firewall_config", attributeName: "firewall_fail_open", enum: []string{ - "ENABLED", "DISABLED", + "ENABLED", "USE_LOCAL_RESOURCE_SETTING", }, } diff --git a/rules/models/aws_route53_resolver_firewall_rule_group_association_invalid_mutation_protection.go b/rules/models/aws_route53_resolver_firewall_rule_group_association_invalid_mutation_protection.go index 569b7953..2759112a 100644 --- a/rules/models/aws_route53_resolver_firewall_rule_group_association_invalid_mutation_protection.go +++ b/rules/models/aws_route53_resolver_firewall_rule_group_association_invalid_mutation_protection.go @@ -25,8 +25,8 @@ func NewAwsRoute53ResolverFirewallRuleGroupAssociationInvalidMutationProtectionR resourceType: "aws_route53_resolver_firewall_rule_group_association", attributeName: "mutation_protection", enum: []string{ - "ENABLED", "DISABLED", + "ENABLED", }, } } diff --git a/rules/models/aws_route53_resolver_firewall_rule_invalid_action.go b/rules/models/aws_route53_resolver_firewall_rule_invalid_action.go index 8f94822d..f1f90d7a 100644 --- a/rules/models/aws_route53_resolver_firewall_rule_invalid_action.go +++ b/rules/models/aws_route53_resolver_firewall_rule_invalid_action.go @@ -25,9 +25,9 @@ func NewAwsRoute53ResolverFirewallRuleInvalidActionRule() *AwsRoute53ResolverFir resourceType: "aws_route53_resolver_firewall_rule", attributeName: "action", enum: []string{ + "ALERT", "ALLOW", "BLOCK", - "ALERT", }, } } diff --git a/rules/models/aws_route53_resolver_rule_invalid_rule_type.go b/rules/models/aws_route53_resolver_rule_invalid_rule_type.go index 3f96d534..44b0a865 100644 --- a/rules/models/aws_route53_resolver_rule_invalid_rule_type.go +++ b/rules/models/aws_route53_resolver_rule_invalid_rule_type.go @@ -25,10 +25,10 @@ func NewAwsRoute53ResolverRuleInvalidRuleTypeRule() *AwsRoute53ResolverRuleInval resourceType: "aws_route53_resolver_rule", attributeName: "rule_type", enum: []string{ + "DELEGATE", "FORWARD", - "SYSTEM", "RECURSIVE", - "DELEGATE", + "SYSTEM", }, } } diff --git a/rules/models/aws_route53_zone_association_invalid_vpc_region.go b/rules/models/aws_route53_zone_association_invalid_vpc_region.go index 745322d4..fd809612 100644 --- a/rules/models/aws_route53_zone_association_invalid_vpc_region.go +++ b/rules/models/aws_route53_zone_association_invalid_vpc_region.go @@ -29,51 +29,51 @@ func NewAwsRoute53ZoneAssociationInvalidVpcRegionRule() *AwsRoute53ZoneAssociati max: 64, min: 1, enum: []string{ - "us-east-1", - "us-east-2", - "us-west-1", - "us-west-2", - "eu-west-1", - "eu-west-2", - "eu-west-3", - "eu-central-1", - "eu-central-2", + "af-south-1", "ap-east-1", - "me-south-1", - "us-gov-west-1", - "us-gov-east-1", - "us-iso-east-1", - "us-iso-west-1", - "us-isob-east-1", - "me-central-1", - "ap-southeast-1", - "ap-southeast-2", - "ap-southeast-3", - "ap-south-1", - "ap-south-2", + "ap-east-2", "ap-northeast-1", "ap-northeast-2", "ap-northeast-3", - "eu-north-1", - "sa-east-1", + "ap-south-1", + "ap-south-2", + "ap-southeast-1", + "ap-southeast-2", + "ap-southeast-3", + "ap-southeast-4", + "ap-southeast-5", + "ap-southeast-6", + "ap-southeast-7", "ca-central-1", + "ca-west-1", "cn-north-1", "cn-northwest-1", - "af-south-1", + "eu-central-1", + "eu-central-2", + "eu-isoe-west-1", + "eu-north-1", "eu-south-1", "eu-south-2", - "ap-southeast-4", + "eu-west-1", + "eu-west-2", + "eu-west-3", "il-central-1", - "ca-west-1", - "ap-southeast-5", + "me-central-1", + "me-south-1", "mx-central-1", - "us-isof-south-1", - "us-isof-east-1", - "ap-southeast-7", - "ap-east-2", - "eu-isoe-west-1", - "ap-southeast-6", + "sa-east-1", + "us-east-1", + "us-east-2", + "us-gov-east-1", + "us-gov-west-1", + "us-iso-east-1", + "us-iso-west-1", + "us-isob-east-1", "us-isob-west-1", + "us-isof-east-1", + "us-isof-south-1", + "us-west-1", + "us-west-2", }, } } diff --git a/rules/models/aws_s3_bucket_intelligent_tiering_configuration_invalid_status.go b/rules/models/aws_s3_bucket_intelligent_tiering_configuration_invalid_status.go index edf35d7d..e826ab87 100644 --- a/rules/models/aws_s3_bucket_intelligent_tiering_configuration_invalid_status.go +++ b/rules/models/aws_s3_bucket_intelligent_tiering_configuration_invalid_status.go @@ -25,8 +25,8 @@ func NewAwsS3BucketIntelligentTieringConfigurationInvalidStatusRule() *AwsS3Buck resourceType: "aws_s3_bucket_intelligent_tiering_configuration", attributeName: "status", enum: []string{ - "Enabled", "Disabled", + "Enabled", }, } } diff --git a/rules/models/aws_s3_bucket_invalid_request_payer.go b/rules/models/aws_s3_bucket_invalid_request_payer.go index 6111185d..0c72083c 100644 --- a/rules/models/aws_s3_bucket_invalid_request_payer.go +++ b/rules/models/aws_s3_bucket_invalid_request_payer.go @@ -25,8 +25,8 @@ func NewAwsS3BucketInvalidRequestPayerRule() *AwsS3BucketInvalidRequestPayerRule resourceType: "aws_s3_bucket", attributeName: "request_payer", enum: []string{ - "Requester", "BucketOwner", + "Requester", }, } } diff --git a/rules/models/aws_s3_bucket_object_invalid_acl.go b/rules/models/aws_s3_bucket_object_invalid_acl.go index f576a01f..233e9183 100644 --- a/rules/models/aws_s3_bucket_object_invalid_acl.go +++ b/rules/models/aws_s3_bucket_object_invalid_acl.go @@ -25,13 +25,13 @@ func NewAwsS3BucketObjectInvalidACLRule() *AwsS3BucketObjectInvalidACLRule { resourceType: "aws_s3_bucket_object", attributeName: "acl", enum: []string{ - "private", - "public-read", - "public-read-write", "authenticated-read", "aws-exec-read", - "bucket-owner-read", "bucket-owner-full-control", + "bucket-owner-read", + "private", + "public-read", + "public-read-write", }, } } diff --git a/rules/models/aws_s3_bucket_object_invalid_storage_class.go b/rules/models/aws_s3_bucket_object_invalid_storage_class.go index b684e1b5..dc970df6 100644 --- a/rules/models/aws_s3_bucket_object_invalid_storage_class.go +++ b/rules/models/aws_s3_bucket_object_invalid_storage_class.go @@ -25,18 +25,18 @@ func NewAwsS3BucketObjectInvalidStorageClassRule() *AwsS3BucketObjectInvalidStor resourceType: "aws_s3_bucket_object", attributeName: "storage_class", enum: []string{ - "STANDARD", - "REDUCED_REDUNDANCY", - "STANDARD_IA", - "ONEZONE_IA", - "INTELLIGENT_TIERING", - "GLACIER", "DEEP_ARCHIVE", - "OUTPOSTS", - "GLACIER_IR", - "SNOW", "EXPRESS_ONEZONE", "FSX_OPENZFS", + "GLACIER", + "GLACIER_IR", + "INTELLIGENT_TIERING", + "ONEZONE_IA", + "OUTPOSTS", + "REDUCED_REDUNDANCY", + "SNOW", + "STANDARD", + "STANDARD_IA", }, } } diff --git a/rules/models/aws_s3_object_copy_invalid_acl.go b/rules/models/aws_s3_object_copy_invalid_acl.go index 497779e2..1d41237e 100644 --- a/rules/models/aws_s3_object_copy_invalid_acl.go +++ b/rules/models/aws_s3_object_copy_invalid_acl.go @@ -25,13 +25,13 @@ func NewAwsS3ObjectCopyInvalidACLRule() *AwsS3ObjectCopyInvalidACLRule { resourceType: "aws_s3_object_copy", attributeName: "acl", enum: []string{ - "private", - "public-read", - "public-read-write", "authenticated-read", "aws-exec-read", - "bucket-owner-read", "bucket-owner-full-control", + "bucket-owner-read", + "private", + "public-read", + "public-read-write", }, } } diff --git a/rules/models/aws_s3_object_copy_invalid_object_lock_legal_hold_status.go b/rules/models/aws_s3_object_copy_invalid_object_lock_legal_hold_status.go index 6aaaa1f9..dcf228c8 100644 --- a/rules/models/aws_s3_object_copy_invalid_object_lock_legal_hold_status.go +++ b/rules/models/aws_s3_object_copy_invalid_object_lock_legal_hold_status.go @@ -25,8 +25,8 @@ func NewAwsS3ObjectCopyInvalidObjectLockLegalHoldStatusRule() *AwsS3ObjectCopyIn resourceType: "aws_s3_object_copy", attributeName: "object_lock_legal_hold_status", enum: []string{ - "ON", "OFF", + "ON", }, } } diff --git a/rules/models/aws_s3_object_copy_invalid_object_lock_mode.go b/rules/models/aws_s3_object_copy_invalid_object_lock_mode.go index a019333e..68b845b5 100644 --- a/rules/models/aws_s3_object_copy_invalid_object_lock_mode.go +++ b/rules/models/aws_s3_object_copy_invalid_object_lock_mode.go @@ -25,8 +25,8 @@ func NewAwsS3ObjectCopyInvalidObjectLockModeRule() *AwsS3ObjectCopyInvalidObject resourceType: "aws_s3_object_copy", attributeName: "object_lock_mode", enum: []string{ - "GOVERNANCE", "COMPLIANCE", + "GOVERNANCE", }, } } diff --git a/rules/models/aws_s3_object_copy_invalid_storage_class.go b/rules/models/aws_s3_object_copy_invalid_storage_class.go index 0f9758bb..e47a6867 100644 --- a/rules/models/aws_s3_object_copy_invalid_storage_class.go +++ b/rules/models/aws_s3_object_copy_invalid_storage_class.go @@ -25,18 +25,18 @@ func NewAwsS3ObjectCopyInvalidStorageClassRule() *AwsS3ObjectCopyInvalidStorageC resourceType: "aws_s3_object_copy", attributeName: "storage_class", enum: []string{ - "STANDARD", - "REDUCED_REDUNDANCY", - "STANDARD_IA", - "ONEZONE_IA", - "INTELLIGENT_TIERING", - "GLACIER", "DEEP_ARCHIVE", - "OUTPOSTS", - "GLACIER_IR", - "SNOW", "EXPRESS_ONEZONE", "FSX_OPENZFS", + "GLACIER", + "GLACIER_IR", + "INTELLIGENT_TIERING", + "ONEZONE_IA", + "OUTPOSTS", + "REDUCED_REDUNDANCY", + "SNOW", + "STANDARD", + "STANDARD_IA", }, } } diff --git a/rules/models/aws_sagemaker_app_invalid_app_type.go b/rules/models/aws_sagemaker_app_invalid_app_type.go index 88052b9b..f8555fb5 100644 --- a/rules/models/aws_sagemaker_app_invalid_app_type.go +++ b/rules/models/aws_sagemaker_app_invalid_app_type.go @@ -25,15 +25,15 @@ func NewAwsSagemakerAppInvalidAppTypeRule() *AwsSagemakerAppInvalidAppTypeRule { resourceType: "aws_sagemaker_app", attributeName: "app_type", enum: []string{ - "JupyterServer", - "KernelGateway", - "DetailedProfiler", - "TensorBoard", + "Canvas", "CodeEditor", + "DetailedProfiler", "JupyterLab", - "RStudioServerPro", + "JupyterServer", + "KernelGateway", "RSessionGateway", - "Canvas", + "RStudioServerPro", + "TensorBoard", }, } } diff --git a/rules/models/aws_sagemaker_domain_invalid_auth_mode.go b/rules/models/aws_sagemaker_domain_invalid_auth_mode.go index 3b5ba884..b463d5a5 100644 --- a/rules/models/aws_sagemaker_domain_invalid_auth_mode.go +++ b/rules/models/aws_sagemaker_domain_invalid_auth_mode.go @@ -25,8 +25,8 @@ func NewAwsSagemakerDomainInvalidAuthModeRule() *AwsSagemakerDomainInvalidAuthMo resourceType: "aws_sagemaker_domain", attributeName: "auth_mode", enum: []string{ - "SSO", "IAM", + "SSO", }, } } diff --git a/rules/models/aws_sagemaker_notebook_instance_invalid_instance_type.go b/rules/models/aws_sagemaker_notebook_instance_invalid_instance_type.go index 36ab6e22..a6e1fc96 100644 --- a/rules/models/aws_sagemaker_notebook_instance_invalid_instance_type.go +++ b/rules/models/aws_sagemaker_notebook_instance_invalid_instance_type.go @@ -25,179 +25,179 @@ func NewAwsSagemakerNotebookInstanceInvalidInstanceTypeRule() *AwsSagemakerNoteb resourceType: "aws_sagemaker_notebook_instance", attributeName: "instance_type", enum: []string{ - "ml.t2.medium", - "ml.t2.large", - "ml.t2.xlarge", - "ml.t2.2xlarge", - "ml.t3.medium", - "ml.t3.large", - "ml.t3.xlarge", - "ml.t3.2xlarge", - "ml.m4.xlarge", - "ml.m4.2xlarge", - "ml.m4.4xlarge", - "ml.m4.10xlarge", - "ml.m4.16xlarge", - "ml.m5.xlarge", - "ml.m5.2xlarge", - "ml.m5.4xlarge", - "ml.m5.12xlarge", - "ml.m5.24xlarge", - "ml.m5d.large", - "ml.m5d.xlarge", - "ml.m5d.2xlarge", - "ml.m5d.4xlarge", - "ml.m5d.8xlarge", - "ml.m5d.12xlarge", - "ml.m5d.16xlarge", - "ml.m5d.24xlarge", - "ml.c4.xlarge", "ml.c4.2xlarge", "ml.c4.4xlarge", "ml.c4.8xlarge", - "ml.c5.xlarge", - "ml.c5.2xlarge", - "ml.c5.4xlarge", - "ml.c5.9xlarge", - "ml.c5.18xlarge", - "ml.c5d.xlarge", + "ml.c4.xlarge", + "ml.c5d.18xlarge", "ml.c5d.2xlarge", "ml.c5d.4xlarge", "ml.c5d.9xlarge", - "ml.c5d.18xlarge", - "ml.p2.xlarge", - "ml.p2.8xlarge", - "ml.p2.16xlarge", - "ml.p3.2xlarge", - "ml.p3.8xlarge", - "ml.p3.16xlarge", - "ml.p3dn.24xlarge", - "ml.g4dn.xlarge", + "ml.c5d.xlarge", + "ml.c5.18xlarge", + "ml.c5.2xlarge", + "ml.c5.4xlarge", + "ml.c5.9xlarge", + "ml.c5.xlarge", + "ml.c6id.12xlarge", + "ml.c6id.16xlarge", + "ml.c6id.24xlarge", + "ml.c6id.2xlarge", + "ml.c6id.32xlarge", + "ml.c6id.4xlarge", + "ml.c6id.8xlarge", + "ml.c6id.large", + "ml.c6id.xlarge", + "ml.c6i.12xlarge", + "ml.c6i.16xlarge", + "ml.c6i.24xlarge", + "ml.c6i.2xlarge", + "ml.c6i.32xlarge", + "ml.c6i.4xlarge", + "ml.c6i.8xlarge", + "ml.c6i.large", + "ml.c6i.xlarge", + "ml.c7i.12xlarge", + "ml.c7i.16xlarge", + "ml.c7i.24xlarge", + "ml.c7i.2xlarge", + "ml.c7i.48xlarge", + "ml.c7i.4xlarge", + "ml.c7i.8xlarge", + "ml.c7i.large", + "ml.c7i.xlarge", + "ml.g4dn.12xlarge", + "ml.g4dn.16xlarge", "ml.g4dn.2xlarge", "ml.g4dn.4xlarge", "ml.g4dn.8xlarge", - "ml.g4dn.12xlarge", - "ml.g4dn.16xlarge", - "ml.r5.large", - "ml.r5.xlarge", - "ml.r5.2xlarge", - "ml.r5.4xlarge", - "ml.r5.8xlarge", - "ml.r5.12xlarge", - "ml.r5.16xlarge", - "ml.r5.24xlarge", - "ml.g5.xlarge", - "ml.g5.2xlarge", - "ml.g5.4xlarge", - "ml.g5.8xlarge", - "ml.g5.16xlarge", + "ml.g4dn.xlarge", "ml.g5.12xlarge", + "ml.g5.16xlarge", "ml.g5.24xlarge", + "ml.g5.2xlarge", "ml.g5.48xlarge", - "ml.inf1.xlarge", + "ml.g5.4xlarge", + "ml.g5.8xlarge", + "ml.g5.xlarge", + "ml.g6.12xlarge", + "ml.g6.16xlarge", + "ml.g6.24xlarge", + "ml.g6.2xlarge", + "ml.g6.48xlarge", + "ml.g6.4xlarge", + "ml.g6.8xlarge", + "ml.g6.xlarge", + "ml.inf1.24xlarge", "ml.inf1.2xlarge", "ml.inf1.6xlarge", - "ml.inf1.24xlarge", - "ml.trn1.2xlarge", - "ml.trn1.32xlarge", - "ml.trn1n.32xlarge", - "ml.inf2.xlarge", - "ml.inf2.8xlarge", + "ml.inf1.xlarge", "ml.inf2.24xlarge", "ml.inf2.48xlarge", - "ml.p4d.24xlarge", - "ml.p4de.24xlarge", - "ml.p5.48xlarge", - "ml.p6-b200.48xlarge", - "ml.m6i.large", - "ml.m6i.xlarge", - "ml.m6i.2xlarge", - "ml.m6i.4xlarge", - "ml.m6i.8xlarge", + "ml.inf2.8xlarge", + "ml.inf2.xlarge", + "ml.m4.10xlarge", + "ml.m4.16xlarge", + "ml.m4.2xlarge", + "ml.m4.4xlarge", + "ml.m4.xlarge", + "ml.m5d.12xlarge", + "ml.m5d.16xlarge", + "ml.m5d.24xlarge", + "ml.m5d.2xlarge", + "ml.m5d.4xlarge", + "ml.m5d.8xlarge", + "ml.m5d.large", + "ml.m5d.xlarge", + "ml.m5.12xlarge", + "ml.m5.24xlarge", + "ml.m5.2xlarge", + "ml.m5.4xlarge", + "ml.m5.xlarge", + "ml.m6id.12xlarge", + "ml.m6id.16xlarge", + "ml.m6id.24xlarge", + "ml.m6id.2xlarge", + "ml.m6id.32xlarge", + "ml.m6id.4xlarge", + "ml.m6id.8xlarge", + "ml.m6id.large", + "ml.m6id.xlarge", "ml.m6i.12xlarge", "ml.m6i.16xlarge", "ml.m6i.24xlarge", + "ml.m6i.2xlarge", "ml.m6i.32xlarge", - "ml.m7i.large", - "ml.m7i.xlarge", - "ml.m7i.2xlarge", - "ml.m7i.4xlarge", - "ml.m7i.8xlarge", + "ml.m6i.4xlarge", + "ml.m6i.8xlarge", + "ml.m6i.large", + "ml.m6i.xlarge", "ml.m7i.12xlarge", "ml.m7i.16xlarge", "ml.m7i.24xlarge", + "ml.m7i.2xlarge", "ml.m7i.48xlarge", - "ml.c6i.large", - "ml.c6i.xlarge", - "ml.c6i.2xlarge", - "ml.c6i.4xlarge", - "ml.c6i.8xlarge", - "ml.c6i.12xlarge", - "ml.c6i.16xlarge", - "ml.c6i.24xlarge", - "ml.c6i.32xlarge", - "ml.c7i.large", - "ml.c7i.xlarge", - "ml.c7i.2xlarge", - "ml.c7i.4xlarge", - "ml.c7i.8xlarge", - "ml.c7i.12xlarge", - "ml.c7i.16xlarge", - "ml.c7i.24xlarge", - "ml.c7i.48xlarge", - "ml.r6i.large", - "ml.r6i.xlarge", - "ml.r6i.2xlarge", - "ml.r6i.4xlarge", - "ml.r6i.8xlarge", + "ml.m7i.4xlarge", + "ml.m7i.8xlarge", + "ml.m7i.large", + "ml.m7i.xlarge", + "ml.p2.16xlarge", + "ml.p2.8xlarge", + "ml.p2.xlarge", + "ml.p3dn.24xlarge", + "ml.p3.16xlarge", + "ml.p3.2xlarge", + "ml.p3.8xlarge", + "ml.p4de.24xlarge", + "ml.p4d.24xlarge", + "ml.p5.48xlarge", + "ml.p6-b200.48xlarge", + "ml.r5.12xlarge", + "ml.r5.16xlarge", + "ml.r5.24xlarge", + "ml.r5.2xlarge", + "ml.r5.4xlarge", + "ml.r5.8xlarge", + "ml.r5.large", + "ml.r5.xlarge", + "ml.r6id.12xlarge", + "ml.r6id.16xlarge", + "ml.r6id.24xlarge", + "ml.r6id.2xlarge", + "ml.r6id.32xlarge", + "ml.r6id.4xlarge", + "ml.r6id.8xlarge", + "ml.r6id.large", + "ml.r6id.xlarge", "ml.r6i.12xlarge", "ml.r6i.16xlarge", "ml.r6i.24xlarge", + "ml.r6i.2xlarge", "ml.r6i.32xlarge", - "ml.r7i.large", - "ml.r7i.xlarge", - "ml.r7i.2xlarge", - "ml.r7i.4xlarge", - "ml.r7i.8xlarge", + "ml.r6i.4xlarge", + "ml.r6i.8xlarge", + "ml.r6i.large", + "ml.r6i.xlarge", "ml.r7i.12xlarge", "ml.r7i.16xlarge", "ml.r7i.24xlarge", + "ml.r7i.2xlarge", "ml.r7i.48xlarge", - "ml.m6id.large", - "ml.m6id.xlarge", - "ml.m6id.2xlarge", - "ml.m6id.4xlarge", - "ml.m6id.8xlarge", - "ml.m6id.12xlarge", - "ml.m6id.16xlarge", - "ml.m6id.24xlarge", - "ml.m6id.32xlarge", - "ml.c6id.large", - "ml.c6id.xlarge", - "ml.c6id.2xlarge", - "ml.c6id.4xlarge", - "ml.c6id.8xlarge", - "ml.c6id.12xlarge", - "ml.c6id.16xlarge", - "ml.c6id.24xlarge", - "ml.c6id.32xlarge", - "ml.r6id.large", - "ml.r6id.xlarge", - "ml.r6id.2xlarge", - "ml.r6id.4xlarge", - "ml.r6id.8xlarge", - "ml.r6id.12xlarge", - "ml.r6id.16xlarge", - "ml.r6id.24xlarge", - "ml.r6id.32xlarge", - "ml.g6.xlarge", - "ml.g6.2xlarge", - "ml.g6.4xlarge", - "ml.g6.8xlarge", - "ml.g6.12xlarge", - "ml.g6.16xlarge", - "ml.g6.24xlarge", - "ml.g6.48xlarge", + "ml.r7i.4xlarge", + "ml.r7i.8xlarge", + "ml.r7i.large", + "ml.r7i.xlarge", + "ml.t2.2xlarge", + "ml.t2.large", + "ml.t2.medium", + "ml.t2.xlarge", + "ml.t3.2xlarge", + "ml.t3.large", + "ml.t3.medium", + "ml.t3.xlarge", + "ml.trn1n.32xlarge", + "ml.trn1.2xlarge", + "ml.trn1.32xlarge", }, } } diff --git a/rules/models/aws_sagemaker_studio_lifecycle_config_invalid_studio_lifecycle_config_app_type.go b/rules/models/aws_sagemaker_studio_lifecycle_config_invalid_studio_lifecycle_config_app_type.go index 115ae4ee..e73f4667 100644 --- a/rules/models/aws_sagemaker_studio_lifecycle_config_invalid_studio_lifecycle_config_app_type.go +++ b/rules/models/aws_sagemaker_studio_lifecycle_config_invalid_studio_lifecycle_config_app_type.go @@ -25,10 +25,10 @@ func NewAwsSagemakerStudioLifecycleConfigInvalidStudioLifecycleConfigAppTypeRule resourceType: "aws_sagemaker_studio_lifecycle_config", attributeName: "studio_lifecycle_config_app_type", enum: []string{ - "JupyterServer", - "KernelGateway", "CodeEditor", "JupyterLab", + "JupyterServer", + "KernelGateway", }, } } diff --git a/rules/models/aws_schemas_schema_invalid_type.go b/rules/models/aws_schemas_schema_invalid_type.go index cb86fd42..fe42214f 100644 --- a/rules/models/aws_schemas_schema_invalid_type.go +++ b/rules/models/aws_schemas_schema_invalid_type.go @@ -25,6 +25,7 @@ func NewAwsSchemasSchemaInvalidTypeRule() *AwsSchemasSchemaInvalidTypeRule { resourceType: "aws_schemas_schema", attributeName: "type", enum: []string{ + "JSONSchemaDraft4", "OpenApi3", }, } diff --git a/rules/models/aws_securityhub_standards_control_invalid_control_status.go b/rules/models/aws_securityhub_standards_control_invalid_control_status.go index 99aa62f5..8ac197eb 100644 --- a/rules/models/aws_securityhub_standards_control_invalid_control_status.go +++ b/rules/models/aws_securityhub_standards_control_invalid_control_status.go @@ -25,8 +25,8 @@ func NewAwsSecurityhubStandardsControlInvalidControlStatusRule() *AwsSecurityhub resourceType: "aws_securityhub_standards_control", attributeName: "control_status", enum: []string{ - "ENABLED", "DISABLED", + "ENABLED", }, } } diff --git a/rules/models/aws_servicecatalog_budget_resource_association_invalid_resource_id.go b/rules/models/aws_servicecatalog_budget_resource_association_invalid_resource_id.go index f7670b58..4e80d3de 100644 --- a/rules/models/aws_servicecatalog_budget_resource_association_invalid_resource_id.go +++ b/rules/models/aws_servicecatalog_budget_resource_association_invalid_resource_id.go @@ -29,7 +29,7 @@ func NewAwsServicecatalogBudgetResourceAssociationInvalidResourceIDRule() *AwsSe attributeName: "resource_id", max: 100, min: 1, - pattern: regexp.MustCompile(`^[a-zA-Z0-9_\-]*`), + pattern: regexp.MustCompile(`^[a-zA-Z0-9_\-]*$`), } } @@ -90,7 +90,7 @@ func (r *AwsServicecatalogBudgetResourceAssociationInvalidResourceIDRule) Check( if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^[a-zA-Z0-9_\-]*`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^[a-zA-Z0-9_\-]*$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_servicecatalog_constraint_invalid_portfolio_id.go b/rules/models/aws_servicecatalog_constraint_invalid_portfolio_id.go index 45df774d..182e0657 100644 --- a/rules/models/aws_servicecatalog_constraint_invalid_portfolio_id.go +++ b/rules/models/aws_servicecatalog_constraint_invalid_portfolio_id.go @@ -29,7 +29,7 @@ func NewAwsServicecatalogConstraintInvalidPortfolioIDRule() *AwsServicecatalogCo attributeName: "portfolio_id", max: 100, min: 1, - pattern: regexp.MustCompile(`^[a-zA-Z0-9_\-]*`), + pattern: regexp.MustCompile(`^[a-zA-Z0-9_\-]*$`), } } @@ -90,7 +90,7 @@ func (r *AwsServicecatalogConstraintInvalidPortfolioIDRule) Check(runner tflint. if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^[a-zA-Z0-9_\-]*`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^[a-zA-Z0-9_\-]*$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_servicecatalog_constraint_invalid_product_id.go b/rules/models/aws_servicecatalog_constraint_invalid_product_id.go index dd1465ce..29139489 100644 --- a/rules/models/aws_servicecatalog_constraint_invalid_product_id.go +++ b/rules/models/aws_servicecatalog_constraint_invalid_product_id.go @@ -29,7 +29,7 @@ func NewAwsServicecatalogConstraintInvalidProductIDRule() *AwsServicecatalogCons attributeName: "product_id", max: 100, min: 1, - pattern: regexp.MustCompile(`^[a-zA-Z0-9_\-]*`), + pattern: regexp.MustCompile(`^[a-zA-Z0-9_\-]*$`), } } @@ -90,7 +90,7 @@ func (r *AwsServicecatalogConstraintInvalidProductIDRule) Check(runner tflint.Ru if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^[a-zA-Z0-9_\-]*`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^[a-zA-Z0-9_\-]*$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_servicecatalog_portfolio_share_invalid_portfolio_id.go b/rules/models/aws_servicecatalog_portfolio_share_invalid_portfolio_id.go index b596e4cd..bbec6551 100644 --- a/rules/models/aws_servicecatalog_portfolio_share_invalid_portfolio_id.go +++ b/rules/models/aws_servicecatalog_portfolio_share_invalid_portfolio_id.go @@ -29,7 +29,7 @@ func NewAwsServicecatalogPortfolioShareInvalidPortfolioIDRule() *AwsServicecatal attributeName: "portfolio_id", max: 100, min: 1, - pattern: regexp.MustCompile(`^[a-zA-Z0-9_\-]*`), + pattern: regexp.MustCompile(`^[a-zA-Z0-9_\-]*$`), } } @@ -90,7 +90,7 @@ func (r *AwsServicecatalogPortfolioShareInvalidPortfolioIDRule) Check(runner tfl if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^[a-zA-Z0-9_\-]*`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^[a-zA-Z0-9_\-]*$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_servicecatalog_portfolio_share_invalid_principal_id.go b/rules/models/aws_servicecatalog_portfolio_share_invalid_principal_id.go index 5ac551be..2b1feb71 100644 --- a/rules/models/aws_servicecatalog_portfolio_share_invalid_principal_id.go +++ b/rules/models/aws_servicecatalog_portfolio_share_invalid_principal_id.go @@ -29,7 +29,7 @@ func NewAwsServicecatalogPortfolioShareInvalidPrincipalIDRule() *AwsServicecatal attributeName: "principal_id", max: 100, min: 1, - pattern: regexp.MustCompile(`^[a-zA-Z0-9_\-]*`), + pattern: regexp.MustCompile(`^[a-zA-Z0-9_\-]*$`), } } @@ -90,7 +90,7 @@ func (r *AwsServicecatalogPortfolioShareInvalidPrincipalIDRule) Check(runner tfl if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^[a-zA-Z0-9_\-]*`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^[a-zA-Z0-9_\-]*$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_servicecatalog_principal_portfolio_association_invalid_portfolio_id.go b/rules/models/aws_servicecatalog_principal_portfolio_association_invalid_portfolio_id.go index c2ca57d4..bf361f5e 100644 --- a/rules/models/aws_servicecatalog_principal_portfolio_association_invalid_portfolio_id.go +++ b/rules/models/aws_servicecatalog_principal_portfolio_association_invalid_portfolio_id.go @@ -29,7 +29,7 @@ func NewAwsServicecatalogPrincipalPortfolioAssociationInvalidPortfolioIDRule() * attributeName: "portfolio_id", max: 100, min: 1, - pattern: regexp.MustCompile(`^[a-zA-Z0-9_\-]*`), + pattern: regexp.MustCompile(`^[a-zA-Z0-9_\-]*$`), } } @@ -90,7 +90,7 @@ func (r *AwsServicecatalogPrincipalPortfolioAssociationInvalidPortfolioIDRule) C if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^[a-zA-Z0-9_\-]*`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^[a-zA-Z0-9_\-]*$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_servicecatalog_product_invalid_type.go b/rules/models/aws_servicecatalog_product_invalid_type.go index 0b44e1fc..4cfc07f6 100644 --- a/rules/models/aws_servicecatalog_product_invalid_type.go +++ b/rules/models/aws_servicecatalog_product_invalid_type.go @@ -28,10 +28,10 @@ func NewAwsServicecatalogProductInvalidTypeRule() *AwsServicecatalogProductInval max: 8191, enum: []string{ "CLOUD_FORMATION_TEMPLATE", + "EXTERNAL", "MARKETPLACE", - "TERRAFORM_OPEN_SOURCE", "TERRAFORM_CLOUD", - "EXTERNAL", + "TERRAFORM_OPEN_SOURCE", }, } } diff --git a/rules/models/aws_servicecatalog_product_portfolio_association_invalid_portfolio_id.go b/rules/models/aws_servicecatalog_product_portfolio_association_invalid_portfolio_id.go index b036e4d0..aaf73353 100644 --- a/rules/models/aws_servicecatalog_product_portfolio_association_invalid_portfolio_id.go +++ b/rules/models/aws_servicecatalog_product_portfolio_association_invalid_portfolio_id.go @@ -29,7 +29,7 @@ func NewAwsServicecatalogProductPortfolioAssociationInvalidPortfolioIDRule() *Aw attributeName: "portfolio_id", max: 100, min: 1, - pattern: regexp.MustCompile(`^[a-zA-Z0-9_\-]*`), + pattern: regexp.MustCompile(`^[a-zA-Z0-9_\-]*$`), } } @@ -90,7 +90,7 @@ func (r *AwsServicecatalogProductPortfolioAssociationInvalidPortfolioIDRule) Che if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^[a-zA-Z0-9_\-]*`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^[a-zA-Z0-9_\-]*$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_servicecatalog_product_portfolio_association_invalid_product_id.go b/rules/models/aws_servicecatalog_product_portfolio_association_invalid_product_id.go index a86ad9bd..0729cdcf 100644 --- a/rules/models/aws_servicecatalog_product_portfolio_association_invalid_product_id.go +++ b/rules/models/aws_servicecatalog_product_portfolio_association_invalid_product_id.go @@ -29,7 +29,7 @@ func NewAwsServicecatalogProductPortfolioAssociationInvalidProductIDRule() *AwsS attributeName: "product_id", max: 100, min: 1, - pattern: regexp.MustCompile(`^[a-zA-Z0-9_\-]*`), + pattern: regexp.MustCompile(`^[a-zA-Z0-9_\-]*$`), } } @@ -90,7 +90,7 @@ func (r *AwsServicecatalogProductPortfolioAssociationInvalidProductIDRule) Check if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^[a-zA-Z0-9_\-]*`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^[a-zA-Z0-9_\-]*$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_servicecatalog_product_portfolio_association_invalid_source_portfolio_id.go b/rules/models/aws_servicecatalog_product_portfolio_association_invalid_source_portfolio_id.go index 07fde20d..d43ed9f1 100644 --- a/rules/models/aws_servicecatalog_product_portfolio_association_invalid_source_portfolio_id.go +++ b/rules/models/aws_servicecatalog_product_portfolio_association_invalid_source_portfolio_id.go @@ -29,7 +29,7 @@ func NewAwsServicecatalogProductPortfolioAssociationInvalidSourcePortfolioIDRule attributeName: "source_portfolio_id", max: 100, min: 1, - pattern: regexp.MustCompile(`^[a-zA-Z0-9_\-]*`), + pattern: regexp.MustCompile(`^[a-zA-Z0-9_\-]*$`), } } @@ -90,7 +90,7 @@ func (r *AwsServicecatalogProductPortfolioAssociationInvalidSourcePortfolioIDRul if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^[a-zA-Z0-9_\-]*`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^[a-zA-Z0-9_\-]*$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_servicecatalog_provisioned_product_invalid_path_id.go b/rules/models/aws_servicecatalog_provisioned_product_invalid_path_id.go index b257d480..3ada260e 100644 --- a/rules/models/aws_servicecatalog_provisioned_product_invalid_path_id.go +++ b/rules/models/aws_servicecatalog_provisioned_product_invalid_path_id.go @@ -29,7 +29,7 @@ func NewAwsServicecatalogProvisionedProductInvalidPathIDRule() *AwsServicecatalo attributeName: "path_id", max: 100, min: 1, - pattern: regexp.MustCompile(`^[a-zA-Z0-9_\-]*`), + pattern: regexp.MustCompile(`^[a-zA-Z0-9_\-]*$`), } } @@ -90,7 +90,7 @@ func (r *AwsServicecatalogProvisionedProductInvalidPathIDRule) Check(runner tfli if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^[a-zA-Z0-9_\-]*`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^[a-zA-Z0-9_\-]*$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_servicecatalog_provisioned_product_invalid_product_id.go b/rules/models/aws_servicecatalog_provisioned_product_invalid_product_id.go index 896c91a1..c15b2bd3 100644 --- a/rules/models/aws_servicecatalog_provisioned_product_invalid_product_id.go +++ b/rules/models/aws_servicecatalog_provisioned_product_invalid_product_id.go @@ -29,7 +29,7 @@ func NewAwsServicecatalogProvisionedProductInvalidProductIDRule() *AwsServicecat attributeName: "product_id", max: 100, min: 1, - pattern: regexp.MustCompile(`^[a-zA-Z0-9_\-]*`), + pattern: regexp.MustCompile(`^[a-zA-Z0-9_\-]*$`), } } @@ -90,7 +90,7 @@ func (r *AwsServicecatalogProvisionedProductInvalidProductIDRule) Check(runner t if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^[a-zA-Z0-9_\-]*`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^[a-zA-Z0-9_\-]*$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_servicecatalog_provisioned_product_invalid_provisioning_artifact_id.go b/rules/models/aws_servicecatalog_provisioned_product_invalid_provisioning_artifact_id.go index b393baea..74227753 100644 --- a/rules/models/aws_servicecatalog_provisioned_product_invalid_provisioning_artifact_id.go +++ b/rules/models/aws_servicecatalog_provisioned_product_invalid_provisioning_artifact_id.go @@ -29,7 +29,7 @@ func NewAwsServicecatalogProvisionedProductInvalidProvisioningArtifactIDRule() * attributeName: "provisioning_artifact_id", max: 100, min: 1, - pattern: regexp.MustCompile(`^[a-zA-Z0-9_\-]*`), + pattern: regexp.MustCompile(`^[a-zA-Z0-9_\-]*$`), } } @@ -90,7 +90,7 @@ func (r *AwsServicecatalogProvisionedProductInvalidProvisioningArtifactIDRule) C if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^[a-zA-Z0-9_\-]*`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^[a-zA-Z0-9_\-]*$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_servicecatalog_provisioning_artifact_invalid_product_id.go b/rules/models/aws_servicecatalog_provisioning_artifact_invalid_product_id.go index 4c82aa1a..13666d16 100644 --- a/rules/models/aws_servicecatalog_provisioning_artifact_invalid_product_id.go +++ b/rules/models/aws_servicecatalog_provisioning_artifact_invalid_product_id.go @@ -29,7 +29,7 @@ func NewAwsServicecatalogProvisioningArtifactInvalidProductIDRule() *AwsServicec attributeName: "product_id", max: 100, min: 1, - pattern: regexp.MustCompile(`^[a-zA-Z0-9_\-]*`), + pattern: regexp.MustCompile(`^[a-zA-Z0-9_\-]*$`), } } @@ -90,7 +90,7 @@ func (r *AwsServicecatalogProvisioningArtifactInvalidProductIDRule) Check(runner if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^[a-zA-Z0-9_\-]*`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^[a-zA-Z0-9_\-]*$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_servicecatalog_provisioning_artifact_invalid_type.go b/rules/models/aws_servicecatalog_provisioning_artifact_invalid_type.go index ee21d8c9..86ca23f3 100644 --- a/rules/models/aws_servicecatalog_provisioning_artifact_invalid_type.go +++ b/rules/models/aws_servicecatalog_provisioning_artifact_invalid_type.go @@ -26,11 +26,11 @@ func NewAwsServicecatalogProvisioningArtifactInvalidTypeRule() *AwsServicecatalo attributeName: "type", enum: []string{ "CLOUD_FORMATION_TEMPLATE", + "EXTERNAL", "MARKETPLACE_AMI", "MARKETPLACE_CAR", - "TERRAFORM_OPEN_SOURCE", "TERRAFORM_CLOUD", - "EXTERNAL", + "TERRAFORM_OPEN_SOURCE", }, } } diff --git a/rules/models/aws_servicecatalog_service_action_invalid_name.go b/rules/models/aws_servicecatalog_service_action_invalid_name.go index c1526c7c..8ed7f68e 100644 --- a/rules/models/aws_servicecatalog_service_action_invalid_name.go +++ b/rules/models/aws_servicecatalog_service_action_invalid_name.go @@ -29,7 +29,7 @@ func NewAwsServicecatalogServiceActionInvalidNameRule() *AwsServicecatalogServic attributeName: "name", max: 256, min: 1, - pattern: regexp.MustCompile(`^[a-zA-Z0-9_\-.]*`), + pattern: regexp.MustCompile(`^[a-zA-Z0-9_\-.]*$`), } } @@ -90,7 +90,7 @@ func (r *AwsServicecatalogServiceActionInvalidNameRule) Check(runner tflint.Runn if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^[a-zA-Z0-9_\-.]*`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^[a-zA-Z0-9_\-.]*$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_ses_domain_mail_from_invalid_behavior_on_mx_failure.go b/rules/models/aws_ses_domain_mail_from_invalid_behavior_on_mx_failure.go index aa83cbd8..da8907bf 100644 --- a/rules/models/aws_ses_domain_mail_from_invalid_behavior_on_mx_failure.go +++ b/rules/models/aws_ses_domain_mail_from_invalid_behavior_on_mx_failure.go @@ -25,8 +25,8 @@ func NewAwsSesDomainMailFromInvalidBehaviorOnMxFailureRule() *AwsSesDomainMailFr resourceType: "aws_ses_domain_mail_from", attributeName: "behavior_on_mx_failure", enum: []string{ - "UseDefaultValue", "RejectMessage", + "UseDefaultValue", }, } } diff --git a/rules/models/aws_ses_receipt_filter_invalid_policy.go b/rules/models/aws_ses_receipt_filter_invalid_policy.go index abe85405..d69c098d 100644 --- a/rules/models/aws_ses_receipt_filter_invalid_policy.go +++ b/rules/models/aws_ses_receipt_filter_invalid_policy.go @@ -25,8 +25,8 @@ func NewAwsSesReceiptFilterInvalidPolicyRule() *AwsSesReceiptFilterInvalidPolicy resourceType: "aws_ses_receipt_filter", attributeName: "policy", enum: []string{ - "Block", "Allow", + "Block", }, } } diff --git a/rules/models/aws_ses_receipt_rule_invalid_tls_policy.go b/rules/models/aws_ses_receipt_rule_invalid_tls_policy.go index 26d349e9..cb0f7cd1 100644 --- a/rules/models/aws_ses_receipt_rule_invalid_tls_policy.go +++ b/rules/models/aws_ses_receipt_rule_invalid_tls_policy.go @@ -25,8 +25,8 @@ func NewAwsSesReceiptRuleInvalidTLSPolicyRule() *AwsSesReceiptRuleInvalidTLSPoli resourceType: "aws_ses_receipt_rule", attributeName: "tls_policy", enum: []string{ - "Require", "Optional", + "Require", }, } } diff --git a/rules/models/aws_shield_protection_group_invalid_aggregation.go b/rules/models/aws_shield_protection_group_invalid_aggregation.go index cebb178f..cecb83b8 100644 --- a/rules/models/aws_shield_protection_group_invalid_aggregation.go +++ b/rules/models/aws_shield_protection_group_invalid_aggregation.go @@ -25,9 +25,9 @@ func NewAwsShieldProtectionGroupInvalidAggregationRule() *AwsShieldProtectionGro resourceType: "aws_shield_protection_group", attributeName: "aggregation", enum: []string{ - "SUM", - "MEAN", "MAX", + "MEAN", + "SUM", }, } } diff --git a/rules/models/aws_shield_protection_group_invalid_resource_type.go b/rules/models/aws_shield_protection_group_invalid_resource_type.go index 1a840f6e..d0d0ba58 100644 --- a/rules/models/aws_shield_protection_group_invalid_resource_type.go +++ b/rules/models/aws_shield_protection_group_invalid_resource_type.go @@ -25,12 +25,12 @@ func NewAwsShieldProtectionGroupInvalidResourceTypeRule() *AwsShieldProtectionGr resourceType: "aws_shield_protection_group", attributeName: "resource_type", enum: []string{ + "APPLICATION_LOAD_BALANCER", + "CLASSIC_LOAD_BALANCER", "CLOUDFRONT_DISTRIBUTION", - "ROUTE_53_HOSTED_ZONE", "ELASTIC_IP_ALLOCATION", - "CLASSIC_LOAD_BALANCER", - "APPLICATION_LOAD_BALANCER", "GLOBAL_ACCELERATOR", + "ROUTE_53_HOSTED_ZONE", }, } } diff --git a/rules/models/aws_shield_protection_invalid_resource_arn.go b/rules/models/aws_shield_protection_invalid_resource_arn.go index 0ceff280..b7f8eee6 100644 --- a/rules/models/aws_shield_protection_invalid_resource_arn.go +++ b/rules/models/aws_shield_protection_invalid_resource_arn.go @@ -29,7 +29,7 @@ func NewAwsShieldProtectionInvalidResourceArnRule() *AwsShieldProtectionInvalidR attributeName: "resource_arn", max: 2048, min: 1, - pattern: regexp.MustCompile(`^arn:aws.*`), + pattern: regexp.MustCompile(`^arn:aws`), } } @@ -90,7 +90,7 @@ func (r *AwsShieldProtectionInvalidResourceArnRule) Check(runner tflint.Runner) if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^arn:aws.*`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^arn:aws`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_signer_signing_job_invalid_profile_name.go b/rules/models/aws_signer_signing_job_invalid_profile_name.go index b9222a18..4e62b101 100644 --- a/rules/models/aws_signer_signing_job_invalid_profile_name.go +++ b/rules/models/aws_signer_signing_job_invalid_profile_name.go @@ -29,7 +29,7 @@ func NewAwsSignerSigningJobInvalidProfileNameRule() *AwsSignerSigningJobInvalidP attributeName: "profile_name", max: 64, min: 2, - pattern: regexp.MustCompile(`^[a-zA-Z0-9_]{2,}`), + pattern: regexp.MustCompile(`^[a-zA-Z0-9_]{2,}$`), } } @@ -90,7 +90,7 @@ func (r *AwsSignerSigningJobInvalidProfileNameRule) Check(runner tflint.Runner) if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^[a-zA-Z0-9_]{2,}`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^[a-zA-Z0-9_]{2,}$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_signer_signing_profile_invalid_name.go b/rules/models/aws_signer_signing_profile_invalid_name.go index 1357f4c7..5c72fc1f 100644 --- a/rules/models/aws_signer_signing_profile_invalid_name.go +++ b/rules/models/aws_signer_signing_profile_invalid_name.go @@ -29,7 +29,7 @@ func NewAwsSignerSigningProfileInvalidNameRule() *AwsSignerSigningProfileInvalid attributeName: "name", max: 64, min: 2, - pattern: regexp.MustCompile(`^[a-zA-Z0-9_]{2,}`), + pattern: regexp.MustCompile(`^[a-zA-Z0-9_]{2,}$`), } } @@ -90,7 +90,7 @@ func (r *AwsSignerSigningProfileInvalidNameRule) Check(runner tflint.Runner) err if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^[a-zA-Z0-9_]{2,}`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^[a-zA-Z0-9_]{2,}$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_signer_signing_profile_permission_invalid_profile_name.go b/rules/models/aws_signer_signing_profile_permission_invalid_profile_name.go index 20f14d2b..432462b4 100644 --- a/rules/models/aws_signer_signing_profile_permission_invalid_profile_name.go +++ b/rules/models/aws_signer_signing_profile_permission_invalid_profile_name.go @@ -29,7 +29,7 @@ func NewAwsSignerSigningProfilePermissionInvalidProfileNameRule() *AwsSignerSign attributeName: "profile_name", max: 64, min: 2, - pattern: regexp.MustCompile(`^[a-zA-Z0-9_]{2,}`), + pattern: regexp.MustCompile(`^[a-zA-Z0-9_]{2,}$`), } } @@ -90,7 +90,7 @@ func (r *AwsSignerSigningProfilePermissionInvalidProfileNameRule) Check(runner t if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^[a-zA-Z0-9_]{2,}`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^[a-zA-Z0-9_]{2,}$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_spot_fleet_request_invalid_allocation_strategy.go b/rules/models/aws_spot_fleet_request_invalid_allocation_strategy.go index ae4a5be5..00c52a09 100644 --- a/rules/models/aws_spot_fleet_request_invalid_allocation_strategy.go +++ b/rules/models/aws_spot_fleet_request_invalid_allocation_strategy.go @@ -25,10 +25,10 @@ func NewAwsSpotFleetRequestInvalidAllocationStrategyRule() *AwsSpotFleetRequestI resourceType: "aws_spot_fleet_request", attributeName: "allocation_strategy", enum: []string{ - "lowestPrice", - "diversified", "capacityOptimized", "capacityOptimizedPrioritized", + "diversified", + "lowestPrice", "priceCapacityOptimized", }, } diff --git a/rules/models/aws_spot_fleet_request_invalid_fleet_type.go b/rules/models/aws_spot_fleet_request_invalid_fleet_type.go index 4379c685..877254d7 100644 --- a/rules/models/aws_spot_fleet_request_invalid_fleet_type.go +++ b/rules/models/aws_spot_fleet_request_invalid_fleet_type.go @@ -25,9 +25,9 @@ func NewAwsSpotFleetRequestInvalidFleetTypeRule() *AwsSpotFleetRequestInvalidFle resourceType: "aws_spot_fleet_request", attributeName: "fleet_type", enum: []string{ - "request", - "maintain", "instant", + "maintain", + "request", }, } } diff --git a/rules/models/aws_ssm_association_invalid_compliance_severity.go b/rules/models/aws_ssm_association_invalid_compliance_severity.go index 909566f8..ff9ac181 100644 --- a/rules/models/aws_ssm_association_invalid_compliance_severity.go +++ b/rules/models/aws_ssm_association_invalid_compliance_severity.go @@ -27,8 +27,8 @@ func NewAwsSsmAssociationInvalidComplianceSeverityRule() *AwsSsmAssociationInval enum: []string{ "CRITICAL", "HIGH", - "MEDIUM", "LOW", + "MEDIUM", "UNSPECIFIED", }, } diff --git a/rules/models/aws_ssm_document_invalid_document_format.go b/rules/models/aws_ssm_document_invalid_document_format.go index a32385f8..2e9416c9 100644 --- a/rules/models/aws_ssm_document_invalid_document_format.go +++ b/rules/models/aws_ssm_document_invalid_document_format.go @@ -25,9 +25,9 @@ func NewAwsSsmDocumentInvalidDocumentFormatRule() *AwsSsmDocumentInvalidDocument resourceType: "aws_ssm_document", attributeName: "document_format", enum: []string{ - "YAML", "JSON", "TEXT", + "YAML", }, } } diff --git a/rules/models/aws_ssm_document_invalid_document_type.go b/rules/models/aws_ssm_document_invalid_document_type.go index a112e180..f55a53a4 100644 --- a/rules/models/aws_ssm_document_invalid_document_type.go +++ b/rules/models/aws_ssm_document_invalid_document_type.go @@ -25,23 +25,23 @@ func NewAwsSsmDocumentInvalidDocumentTypeRule() *AwsSsmDocumentInvalidDocumentTy resourceType: "aws_ssm_document", attributeName: "document_type", enum: []string{ - "Command", - "Policy", - "Automation", - "Session", - "Package", "ApplicationConfiguration", "ApplicationConfigurationSchema", - "DeploymentStrategy", + "AutoApprovalPolicy", + "Automation", "ChangeCalendar", "Automation.ChangeTemplate", - "ProblemAnalysis", - "ProblemAnalysisTemplate", "CloudFormation", + "Command", "ConformancePackTemplate", - "QuickSetup", + "DeploymentStrategy", "ManualApprovalPolicy", - "AutoApprovalPolicy", + "Package", + "Policy", + "ProblemAnalysis", + "ProblemAnalysisTemplate", + "QuickSetup", + "Session", }, } } diff --git a/rules/models/aws_ssm_maintenance_window_task_invalid_task_type.go b/rules/models/aws_ssm_maintenance_window_task_invalid_task_type.go index 1a44135d..0144bcbc 100644 --- a/rules/models/aws_ssm_maintenance_window_task_invalid_task_type.go +++ b/rules/models/aws_ssm_maintenance_window_task_invalid_task_type.go @@ -25,10 +25,10 @@ func NewAwsSsmMaintenanceWindowTaskInvalidTaskTypeRule() *AwsSsmMaintenanceWindo resourceType: "aws_ssm_maintenance_window_task", attributeName: "task_type", enum: []string{ - "RUN_COMMAND", "AUTOMATION", - "STEP_FUNCTIONS", "LAMBDA", + "RUN_COMMAND", + "STEP_FUNCTIONS", }, } } diff --git a/rules/models/aws_ssm_parameter_invalid_tier.go b/rules/models/aws_ssm_parameter_invalid_tier.go index 064dad84..46d67c91 100644 --- a/rules/models/aws_ssm_parameter_invalid_tier.go +++ b/rules/models/aws_ssm_parameter_invalid_tier.go @@ -25,9 +25,9 @@ func NewAwsSsmParameterInvalidTierRule() *AwsSsmParameterInvalidTierRule { resourceType: "aws_ssm_parameter", attributeName: "tier", enum: []string{ - "Standard", "Advanced", "Intelligent-Tiering", + "Standard", }, } } diff --git a/rules/models/aws_ssm_parameter_invalid_type.go b/rules/models/aws_ssm_parameter_invalid_type.go index 9452a434..9fadc048 100644 --- a/rules/models/aws_ssm_parameter_invalid_type.go +++ b/rules/models/aws_ssm_parameter_invalid_type.go @@ -25,9 +25,9 @@ func NewAwsSsmParameterInvalidTypeRule() *AwsSsmParameterInvalidTypeRule { resourceType: "aws_ssm_parameter", attributeName: "type", enum: []string{ + "SecureString", "String", "StringList", - "SecureString", }, } } diff --git a/rules/models/aws_ssm_patch_baseline_invalid_approved_patches_compliance_level.go b/rules/models/aws_ssm_patch_baseline_invalid_approved_patches_compliance_level.go index 3c6e9b3c..f89ead0b 100644 --- a/rules/models/aws_ssm_patch_baseline_invalid_approved_patches_compliance_level.go +++ b/rules/models/aws_ssm_patch_baseline_invalid_approved_patches_compliance_level.go @@ -27,9 +27,9 @@ func NewAwsSsmPatchBaselineInvalidApprovedPatchesComplianceLevelRule() *AwsSsmPa enum: []string{ "CRITICAL", "HIGH", - "MEDIUM", - "LOW", "INFORMATIONAL", + "LOW", + "MEDIUM", "UNSPECIFIED", }, } diff --git a/rules/models/aws_ssm_patch_baseline_invalid_operating_system.go b/rules/models/aws_ssm_patch_baseline_invalid_operating_system.go index 990e1834..632840c2 100644 --- a/rules/models/aws_ssm_patch_baseline_invalid_operating_system.go +++ b/rules/models/aws_ssm_patch_baseline_invalid_operating_system.go @@ -25,21 +25,21 @@ func NewAwsSsmPatchBaselineInvalidOperatingSystemRule() *AwsSsmPatchBaselineInva resourceType: "aws_ssm_patch_baseline", attributeName: "operating_system", enum: []string{ - "WINDOWS", + "ALMA_LINUX", "AMAZON_LINUX", "AMAZON_LINUX_2", "AMAZON_LINUX_2022", - "UBUNTU", - "REDHAT_ENTERPRISE_LINUX", - "SUSE", + "AMAZON_LINUX_2023", "CENTOS", - "ORACLE_LINUX", "DEBIAN", "MACOS", + "ORACLE_LINUX", "RASPBIAN", + "REDHAT_ENTERPRISE_LINUX", "ROCKY_LINUX", - "ALMA_LINUX", - "AMAZON_LINUX_2023", + "SUSE", + "UBUNTU", + "WINDOWS", }, } } diff --git a/rules/models/aws_ssoadmin_account_assignment_invalid_principal_type.go b/rules/models/aws_ssoadmin_account_assignment_invalid_principal_type.go index 5ccd069c..f82808ce 100644 --- a/rules/models/aws_ssoadmin_account_assignment_invalid_principal_type.go +++ b/rules/models/aws_ssoadmin_account_assignment_invalid_principal_type.go @@ -25,8 +25,8 @@ func NewAwsSsoadminAccountAssignmentInvalidPrincipalTypeRule() *AwsSsoadminAccou resourceType: "aws_ssoadmin_account_assignment", attributeName: "principal_type", enum: []string{ - "USER", "GROUP", + "USER", }, } } diff --git a/rules/models/aws_storagegateway_nfs_file_share_invalid_object_acl.go b/rules/models/aws_storagegateway_nfs_file_share_invalid_object_acl.go index dbc881e0..39596858 100644 --- a/rules/models/aws_storagegateway_nfs_file_share_invalid_object_acl.go +++ b/rules/models/aws_storagegateway_nfs_file_share_invalid_object_acl.go @@ -25,13 +25,13 @@ func NewAwsStoragegatewayNfsFileShareInvalidObjectACLRule() *AwsStoragegatewayNf resourceType: "aws_storagegateway_nfs_file_share", attributeName: "object_acl", enum: []string{ + "authenticated-read", + "aws-exec-read", + "bucket-owner-full-control", + "bucket-owner-read", "private", "public-read", "public-read-write", - "authenticated-read", - "bucket-owner-read", - "bucket-owner-full-control", - "aws-exec-read", }, } } diff --git a/rules/models/aws_storagegateway_smb_file_share_invalid_object_acl.go b/rules/models/aws_storagegateway_smb_file_share_invalid_object_acl.go index cc2aaab4..6930048a 100644 --- a/rules/models/aws_storagegateway_smb_file_share_invalid_object_acl.go +++ b/rules/models/aws_storagegateway_smb_file_share_invalid_object_acl.go @@ -25,13 +25,13 @@ func NewAwsStoragegatewaySmbFileShareInvalidObjectACLRule() *AwsStoragegatewaySm resourceType: "aws_storagegateway_smb_file_share", attributeName: "object_acl", enum: []string{ + "authenticated-read", + "aws-exec-read", + "bucket-owner-full-control", + "bucket-owner-read", "private", "public-read", "public-read-write", - "authenticated-read", - "bucket-owner-read", - "bucket-owner-full-control", - "aws-exec-read", }, } } diff --git a/rules/models/aws_transfer_access_invalid_home_directory_type.go b/rules/models/aws_transfer_access_invalid_home_directory_type.go index 7b69a63d..d1458ed2 100644 --- a/rules/models/aws_transfer_access_invalid_home_directory_type.go +++ b/rules/models/aws_transfer_access_invalid_home_directory_type.go @@ -25,8 +25,8 @@ func NewAwsTransferAccessInvalidHomeDirectoryTypeRule() *AwsTransferAccessInvali resourceType: "aws_transfer_access", attributeName: "home_directory_type", enum: []string{ - "PATH", "LOGICAL", + "PATH", }, } } diff --git a/rules/models/aws_transfer_server_invalid_identity_provider_type.go b/rules/models/aws_transfer_server_invalid_identity_provider_type.go index 4f4f8a4d..dd835d54 100644 --- a/rules/models/aws_transfer_server_invalid_identity_provider_type.go +++ b/rules/models/aws_transfer_server_invalid_identity_provider_type.go @@ -25,10 +25,10 @@ func NewAwsTransferServerInvalidIdentityProviderTypeRule() *AwsTransferServerInv resourceType: "aws_transfer_server", attributeName: "identity_provider_type", enum: []string{ - "SERVICE_MANAGED", "API_GATEWAY", "AWS_DIRECTORY_SERVICE", "AWS_LAMBDA", + "SERVICE_MANAGED", }, } } diff --git a/rules/models/aws_vpc_endpoint_invalid_vpc_endpoint_type.go b/rules/models/aws_vpc_endpoint_invalid_vpc_endpoint_type.go index 1533d372..9631aac9 100644 --- a/rules/models/aws_vpc_endpoint_invalid_vpc_endpoint_type.go +++ b/rules/models/aws_vpc_endpoint_invalid_vpc_endpoint_type.go @@ -25,9 +25,9 @@ func NewAwsVpcEndpointInvalidVpcEndpointTypeRule() *AwsVpcEndpointInvalidVpcEndp resourceType: "aws_vpc_endpoint", attributeName: "vpc_endpoint_type", enum: []string{ - "Interface", "Gateway", "GatewayLoadBalancer", + "Interface", "Resource", "ServiceNetwork", }, diff --git a/rules/models/aws_vpc_invalid_instance_tenancy.go b/rules/models/aws_vpc_invalid_instance_tenancy.go index 7ff5b5dc..766f033c 100644 --- a/rules/models/aws_vpc_invalid_instance_tenancy.go +++ b/rules/models/aws_vpc_invalid_instance_tenancy.go @@ -25,8 +25,8 @@ func NewAwsVpcInvalidInstanceTenancyRule() *AwsVpcInvalidInstanceTenancyRule { resourceType: "aws_vpc", attributeName: "instance_tenancy", enum: []string{ - "default", "dedicated", + "default", "host", }, } diff --git a/rules/models/aws_workspaces_directory_invalid_directory_id.go b/rules/models/aws_workspaces_directory_invalid_directory_id.go index 7be407d5..7d678158 100644 --- a/rules/models/aws_workspaces_directory_invalid_directory_id.go +++ b/rules/models/aws_workspaces_directory_invalid_directory_id.go @@ -29,7 +29,7 @@ func NewAwsWorkspacesDirectoryInvalidDirectoryIDRule() *AwsWorkspacesDirectoryIn attributeName: "directory_id", max: 65, min: 10, - pattern: regexp.MustCompile(`^(d-[0-9a-f]{8,63}$)|(wsd-[0-9a-z]{8,63}$)`), + pattern: regexp.MustCompile(`(d-[0-9a-f]{8,63}$)|(wsd-[0-9a-z]{8,63}$)`), } } @@ -90,7 +90,7 @@ func (r *AwsWorkspacesDirectoryInvalidDirectoryIDRule) Check(runner tflint.Runne if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^(d-[0-9a-f]{8,63}$)|(wsd-[0-9a-z]{8,63}$)`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `(d-[0-9a-f]{8,63}$)|(wsd-[0-9a-z]{8,63}$)`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_workspaces_workspace_invalid_directory_id.go b/rules/models/aws_workspaces_workspace_invalid_directory_id.go index c99e9183..d9763654 100644 --- a/rules/models/aws_workspaces_workspace_invalid_directory_id.go +++ b/rules/models/aws_workspaces_workspace_invalid_directory_id.go @@ -29,7 +29,7 @@ func NewAwsWorkspacesWorkspaceInvalidDirectoryIDRule() *AwsWorkspacesWorkspaceIn attributeName: "directory_id", max: 65, min: 10, - pattern: regexp.MustCompile(`^(d-[0-9a-f]{8,63}$)|(wsd-[0-9a-z]{8,63}$)`), + pattern: regexp.MustCompile(`(d-[0-9a-f]{8,63}$)|(wsd-[0-9a-z]{8,63}$)`), } } @@ -90,7 +90,7 @@ func (r *AwsWorkspacesWorkspaceInvalidDirectoryIDRule) Check(runner tflint.Runne if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^(d-[0-9a-f]{8,63}$)|(wsd-[0-9a-z]{8,63}$)`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `(d-[0-9a-f]{8,63}$)|(wsd-[0-9a-z]{8,63}$)`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_xray_encryption_config_invalid_type.go b/rules/models/aws_xray_encryption_config_invalid_type.go index 3368ce8c..4441aadd 100644 --- a/rules/models/aws_xray_encryption_config_invalid_type.go +++ b/rules/models/aws_xray_encryption_config_invalid_type.go @@ -25,8 +25,8 @@ func NewAwsXrayEncryptionConfigInvalidTypeRule() *AwsXrayEncryptionConfigInvalid resourceType: "aws_xray_encryption_config", attributeName: "type", enum: []string{ - "NONE", "KMS", + "NONE", }, } } diff --git a/rules/models/mappings/dms.hcl b/rules/models/mappings/dms.hcl index 200d3f11..be1995e3 100644 --- a/rules/models/mappings/dms.hcl +++ b/rules/models/mappings/dms.hcl @@ -22,7 +22,6 @@ mapping "aws_dms_endpoint" { username = String service_access_role = String mongodb_settings = MongoDbSettings - s3_settings = S3Settings } mapping "aws_dms_event_subscription" { diff --git a/rules/models/mappings/ec2.hcl b/rules/models/mappings/ec2.hcl index f7309918..323f26fc 100644 --- a/rules/models/mappings/ec2.hcl +++ b/rules/models/mappings/ec2.hcl @@ -257,7 +257,6 @@ mapping "aws_ec2_transit_gateway_vpc_attachment_accepter" { } mapping "aws_eip" { - vpc = Boolean instance = String network_interface = String associate_with_private_ip = String @@ -280,8 +279,6 @@ mapping "aws_instance" { placement_group = Placement tenancy = Tenancy host_id = String - cpu_core_count = Integer - cpu_threads_per_core = Integer ebs_optimized = Boolean disable_api_termination = Boolean instance_initiated_shutdown_behavior = ShutdownBehavior @@ -324,8 +321,6 @@ mapping "aws_launch_template" { credit_specification = CreditSpecificationRequest disable_api_termination = Boolean ebs_optimized = Boolean - elastic_gpu_specifications = ElasticGpuSpecificationList - elastic_inference_accelerator = LaunchTemplateElasticInferenceAcceleratorList iam_instance_profile = LaunchTemplateIamInstanceProfileSpecificationRequest image_id = String instance_initiated_shutdown_behavior = ShutdownBehavior @@ -382,7 +377,6 @@ mapping "aws_spot_instance_request" { wait_for_fulfillment = Boolean spot_type = String launch_group = String - block_duration_minutes = Integer instance_interruption_behavior = InstanceInterruptionBehavior valid_until = DateTime valid_from = DateTime diff --git a/rules/models/mappings/eks.hcl b/rules/models/mappings/eks.hcl index 2ac5db63..3588dec3 100644 --- a/rules/models/mappings/eks.hcl +++ b/rules/models/mappings/eks.hcl @@ -2,7 +2,6 @@ import = "api-models-aws/models/eks/service/2017-11-01/eks-2017-11-01.json" mapping "aws_eks_addon" { cluster_name = ClusterName - resolve_conflicts = ResolveConflicts tags = TagMap service_account_role_arn = RoleArn } diff --git a/rules/models/mappings/opsworks.hcl b/rules/models/mappings/opsworks.hcl deleted file mode 100644 index bc667b8b..00000000 --- a/rules/models/mappings/opsworks.hcl +++ /dev/null @@ -1,347 +0,0 @@ -import = "api-models-aws/models/opsworks/service/2013-02-18/opsworks-2013-02-18.json" - -mapping "aws_opsworks_application" { - name = String - short_name = String - stack_id = String - type = AppType - description = String - environment = EnvironmentVariables - enable_ssl = Boolean - ssl_configuration = SslConfiguration - app_source = Source - data_source_arn = String - data_source_type = String - data_source_database_name = String - domains = Strings - document_root = String - auto_bundle_on_deploy = String - rails_env = String - aws_flow_ruby_settings = String -} - -mapping "aws_opsworks_custom_layer" { - name = String - short_name = String - stack_id = String - auto_assign_elastic_ips = Boolean - auto_assign_public_ips = Boolean - custom_instance_profile_arn = String - custom_security_group_ids = Strings - auto_healing = Boolean - install_updates_on_boot = Boolean - instance_shutdown_timeout = Integer - elastic_load_balancer = String - drain_elb_on_shutdown = Boolean - system_packages = Strings - use_ebs_optimized_instances = Boolean - ebs_volume = VolumeConfiguration - custom_json = String - custom_configure_recipes = Strings - custom_deploy_recipes = Strings - custom_setup_recipes = Strings - custom_shutdown_recipes = Strings - custom_undeploy_recipes = Strings -} - -mapping "aws_opsworks_ganglia_layer" { - stack_id = String - password = String - name = String - auto_assign_elastic_ips = Boolean - auto_assign_public_ips = Boolean - custom_instance_profile_arn = String - custom_security_group_ids = Strings - auto_healing = Boolean - install_updates_on_boot = Boolean - instance_shutdown_timeout = Integer - elastic_load_balancer = String - drain_elb_on_shutdown = Boolean - system_packages = Strings - url = String - username = String - use_ebs_optimized_instances = Boolean - ebs_volume = VolumeConfiguration - custom_json = String - custom_configure_recipes = Strings - custom_deploy_recipes = Strings - custom_setup_recipes = Strings - custom_shutdown_recipes = Strings - custom_undeploy_recipes = Strings -} - -mapping "aws_opsworks_haproxy_layer" { - stack_id = String - // stats_password = String - name = String - auto_assign_elastic_ips = Boolean - auto_assign_public_ips = Boolean - custom_instance_profile_arn = String - custom_security_group_ids = Strings - auto_healing = Boolean - healthcheck_method = String - healthcheck_url = String - install_updates_on_boot = Boolean - instance_shutdown_timeout = Integer - elastic_load_balancer = String - drain_elb_on_shutdown = Boolean - // stats_enabled = String - // stats_url = String - // stats_user = String - system_packages = Strings - use_ebs_optimized_instances = Boolean - ebs_volume = VolumeConfiguration - custom_json = String - custom_configure_recipes = Strings - custom_deploy_recipes = Strings - custom_setup_recipes = Strings - custom_shutdown_recipes = Strings - custom_undeploy_recipes = Strings -} - -mapping "aws_opsworks_instance" { - instance_type = String - stack_id = String - layer_ids = Strings - state = any - install_updates_on_boot = Boolean - auto_scaling_type = AutoScalingType - availability_zone = String - ebs_optimized = Boolean - hostname = String - architecture = Architecture - ami_id = String - os = String - root_device_type = RootDeviceType - ssh_key_name = String - agent_version = String - subnet_id = String - tenancy = String - virtualization_type = String - root_block_device = BlockDeviceMapping - ebs_block_device = BlockDeviceMapping - ephemeral_block_device = BlockDeviceMapping -} - -mapping "aws_opsworks_java_app_layer" { - stack_id = String - name = String - app_server = String - app_server_version = String - auto_assign_elastic_ips = Boolean - auto_assign_public_ips = Boolean - custom_instance_profile_arn = String - custom_security_group_ids = Strings - auto_healing = Boolean - install_updates_on_boot = Boolean - instance_shutdown_timeout = Integer - jvm_type = String - jvm_options = String - jvm_version = String - elastic_load_balancer = String - drain_elb_on_shutdown = Boolean - system_packages = Strings - use_ebs_optimized_instances = Boolean - ebs_volume = VolumeConfiguration - custom_json = String - custom_configure_recipes = Strings - custom_deploy_recipes = Strings - custom_setup_recipes = Strings - custom_shutdown_recipes = Strings - custom_undeploy_recipes = Strings -} - -mapping "aws_opsworks_memcached_layer" { - stack_id = String - name = String - // allocated_memory = String - auto_assign_elastic_ips = Boolean - auto_assign_public_ips = Boolean - custom_instance_profile_arn = String - custom_security_group_ids = Strings - auto_healing = Boolean - install_updates_on_boot = Boolean - instance_shutdown_timeout = Integer - elastic_load_balancer = String - drain_elb_on_shutdown = Boolean - system_packages = Strings - use_ebs_optimized_instances = Boolean - ebs_volume = VolumeConfiguration - custom_json = String - custom_configure_recipes = Strings - custom_deploy_recipes = Strings - custom_setup_recipes = Strings - custom_shutdown_recipes = Strings - custom_undeploy_recipes = Strings -} - -mapping "aws_opsworks_mysql_layer" { - stack_id = String - name = String - auto_assign_elastic_ips = Boolean - auto_assign_public_ips = Boolean - custom_instance_profile_arn = String - custom_security_group_ids = Strings - auto_healing = Boolean - install_updates_on_boot = Boolean - instance_shutdown_timeout = Integer - elastic_load_balancer = String - drain_elb_on_shutdown = Boolean - // root_password = String - // root_password_on_all_instances = String - system_packages = Strings - use_ebs_optimized_instances = Boolean - ebs_volume = VolumeConfiguration - custom_json = String - custom_configure_recipes = Strings - custom_deploy_recipes = Strings - custom_setup_recipes = Strings - custom_shutdown_recipes = Strings - custom_undeploy_recipes = Strings -} - -mapping "aws_opsworks_nodejs_app_layer" { - stack_id = String - name = String - auto_assign_elastic_ips = Boolean - auto_assign_public_ips = Boolean - custom_instance_profile_arn = String - custom_security_group_ids = Strings - auto_healing = Boolean - install_updates_on_boot = Boolean - instance_shutdown_timeout = Integer - elastic_load_balancer = String - drain_elb_on_shutdown = Boolean - nodejs_version = String - system_packages = Strings - use_ebs_optimized_instances = Boolean - ebs_volume = VolumeConfiguration - custom_json = String - custom_configure_recipes = Strings - custom_deploy_recipes = Strings - custom_setup_recipes = Strings - custom_shutdown_recipes = Strings - custom_undeploy_recipes = Strings -} - -mapping "aws_opsworks_permission" { - allow_ssh = Boolean - allow_sudo = Boolean - user_arn = String - level = String - stack_id = String -} - -mapping "aws_opsworks_php_app_layer" { - stack_id = String - name = String - auto_assign_elastic_ips = Boolean - auto_assign_public_ips = Boolean - custom_instance_profile_arn = String - custom_security_group_ids = Strings - auto_healing = Boolean - install_updates_on_boot = Boolean - instance_shutdown_timeout = Integer - elastic_load_balancer = String - drain_elb_on_shutdown = Boolean - system_packages = Strings - use_ebs_optimized_instances = Boolean - ebs_volume = VolumeConfiguration - custom_json = String - custom_configure_recipes = Strings - custom_deploy_recipes = Strings - custom_setup_recipes = Strings - custom_shutdown_recipes = Strings - custom_undeploy_recipes = Strings -} - -mapping "aws_opsworks_rails_app_layer" { - stack_id = String - name = String - // app_server = String - auto_assign_elastic_ips = Boolean - auto_assign_public_ips = Boolean - // bundler_version = String - custom_instance_profile_arn = String - custom_security_group_ids = Strings - auto_healing = Boolean - install_updates_on_boot = Boolean - instance_shutdown_timeout = Integer - elastic_load_balancer = String - drain_elb_on_shutdown = Boolean - // manage_bundler = Boolean - // passenger_version = String - // ruby_version = String - // rubygems_version = String - system_packages = Strings - use_ebs_optimized_instances = Boolean - ebs_volume = VolumeConfiguration - custom_json = String - custom_configure_recipes = Strings - custom_deploy_recipes = Strings - custom_setup_recipes = Strings - custom_shutdown_recipes = Strings - custom_undeploy_recipes = Strings -} - -mapping "aws_opsworks_rds_db_instance" { - stack_id = String - rds_db_instance_arn = String - db_user = String - db_password = String -} - -mapping "aws_opsworks_stack" { - name = String - region = String - service_role_arn = String - default_instance_profile_arn = String - agent_version = String - berkshelf_version = String - color = String - default_availability_zone = String - configuration_manager_name = String - configuration_manager_version = String - custom_cookbooks_source = Source - custom_json = String - default_os = String - default_root_device_type = RootDeviceType - default_ssh_key_name = String - default_subnet_id = String - hostname_theme = String - manage_berkshelf = Boolean - tags = Tags - use_custom_cookbooks = Boolean - use_opsworks_security_groups = Boolean - vpc_id = String -} - -mapping "aws_opsworks_static_web_layer" { - stack_id = String - name = String - auto_assign_elastic_ips = Boolean - auto_assign_public_ips = Boolean - custom_instance_profile_arn = String - custom_security_group_ids = Strings - auto_healing = Boolean - install_updates_on_boot = Boolean - instance_shutdown_timeout = Integer - elastic_load_balancer = String - drain_elb_on_shutdown = Boolean - system_packages = Strings - use_ebs_optimized_instances = Boolean - ebs_volume = VolumeConfiguration - custom_json = String - custom_configure_recipes = Strings - custom_deploy_recipes = Strings - custom_setup_recipes = Strings - custom_shutdown_recipes = Strings - custom_undeploy_recipes = Strings -} - -mapping "aws_opsworks_user_profile" { - user_arn = String - allow_self_management = Boolean - ssh_username = String - ssh_public_key = String -} diff --git a/rules/models/mappings/redshift.hcl b/rules/models/mappings/redshift.hcl index e70baecb..9a86d74e 100644 --- a/rules/models/mappings/redshift.hcl +++ b/rules/models/mappings/redshift.hcl @@ -28,8 +28,6 @@ mapping "aws_redshift_cluster" { snapshot_cluster_identifier = String owner_account = String iam_roles = IamRoleArnList - logging = LoggingStatus - snapshot_copy = EnableSnapshotCopyMessage tags = TagList } diff --git a/rules/models/mappings/ssm.hcl b/rules/models/mappings/ssm.hcl index 94f63b35..3e24069f 100644 --- a/rules/models/mappings/ssm.hcl +++ b/rules/models/mappings/ssm.hcl @@ -13,7 +13,6 @@ mapping "aws_ssm_association" { name = DocumentARN association_name = AssociationName document_version = DocumentVersion - instance_id = InstanceId output_location = InstanceAssociationOutputLocation parameters = Parameters schedule_expression = ScheduleExpression diff --git a/rules/models/mappings/vpc.hcl b/rules/models/mappings/vpc.hcl index 1e5ca500..2a385cda 100644 --- a/rules/models/mappings/vpc.hcl +++ b/rules/models/mappings/vpc.hcl @@ -56,7 +56,6 @@ mapping "aws_flow_log" { iam_role_arn = String log_destination_type = LogDestinationType log_destination = String - log_group_name = String subnet_id = String vpc_id = String } diff --git a/rules/models/provider.go b/rules/models/provider.go index 8689851c..55b13d1d 100644 --- a/rules/models/provider.go +++ b/rules/models/provider.go @@ -435,14 +435,6 @@ var Rules = []tflint.Rule{ NewAwsDmsEndpointInvalidEndpointTypeRule(), NewAwsDmsEndpointInvalidSslModeRule(), NewAwsDmsReplicationTaskInvalidMigrationTypeRule(), - NewAwsDmsS3EndpointInvalidCannedACLForObjectsRule(), - NewAwsDmsS3EndpointInvalidCompressionTypeRule(), - NewAwsDmsS3EndpointInvalidDataFormatRule(), - NewAwsDmsS3EndpointInvalidDatePartitionDelimiterRule(), - NewAwsDmsS3EndpointInvalidDatePartitionSequenceRule(), - NewAwsDmsS3EndpointInvalidEncodingTypeRule(), - NewAwsDmsS3EndpointInvalidEncryptionModeRule(), - NewAwsDmsS3EndpointInvalidParquetVersionRule(), NewAwsDocDBGlobalClusterInvalidGlobalClusterIdentifierRule(), NewAwsDxBgpPeerInvalidAddressFamilyRule(), NewAwsDxHostedPrivateVirtualInterfaceInvalidAddressFamilyRule(), @@ -492,6 +484,7 @@ var Rules = []tflint.Rule{ NewAwsEcrpublicRepositoryInvalidRepositoryNameRule(), NewAwsEcrpublicRepositoryPolicyInvalidPolicyRule(), NewAwsEcrpublicRepositoryPolicyInvalidRepositoryNameRule(), + NewAwsEcsAccountSettingDefaultInvalidNameRule(), NewAwsEcsServiceInvalidLaunchTypeRule(), NewAwsEcsServiceInvalidPropagateTagsRule(), NewAwsEcsServiceInvalidSchedulingStrategyRule(), @@ -631,6 +624,7 @@ var Rules = []tflint.Rule{ NewAwsGuarddutyIpsetInvalidLocationRule(), NewAwsGuarddutyIpsetInvalidNameRule(), NewAwsGuarddutyMemberInvalidDetectorIDRule(), + NewAwsGuarddutyMemberInvalidEmailRule(), NewAwsGuarddutyOrganizationConfigurationInvalidDetectorIDRule(), NewAwsGuarddutyPublishingDestinationInvalidDestinationTypeRule(), NewAwsGuarddutyPublishingDestinationInvalidDetectorIDRule(), @@ -941,6 +935,7 @@ var Rules = []tflint.Rule{ NewAwsRoute53RecordInvalidNameRule(), NewAwsRoute53RecordInvalidSetIdentifierRule(), NewAwsRoute53RecordInvalidTypeRule(), + NewAwsRoute53RecordInvalidZoneIDRule(), NewAwsRoute53ResolverDnssecConfigInvalidResourceIDRule(), NewAwsRoute53ResolverEndpointInvalidDirectionRule(), NewAwsRoute53ResolverFirewallConfigInvalidFirewallFailOpenRule(), From 53271718b49ed9e28f7d48bf89ed719bb9c9c4be Mon Sep 17 00:00:00 2001 From: Ben Drucker Date: Tue, 11 Nov 2025 19:05:58 -0800 Subject: [PATCH 4/9] Regenerate rules with fixed pattern transforms Pattern transforms are now working correctly: - Cognito SMS message patterns properly transformed from ^\{####\}$ to ^.*\{####\}.*$ - All pattern compatibility transforms applied correctly - All tests passing --- ...ws_cognito_user_pool_invalid_sms_authentication_message.go | 4 ++-- ...gnito_user_pool_invalid_sms_authentication_message_test.go | 2 +- .../aws_cognito_user_pool_invalid_sms_verification_message.go | 4 ++-- ...cognito_user_pool_invalid_sms_verification_message_test.go | 2 +- rules/models/generator/rule.go | 2 +- 5 files changed, 7 insertions(+), 7 deletions(-) diff --git a/rules/models/aws_cognito_user_pool_invalid_sms_authentication_message.go b/rules/models/aws_cognito_user_pool_invalid_sms_authentication_message.go index 0a47e8e3..89a8a4a7 100644 --- a/rules/models/aws_cognito_user_pool_invalid_sms_authentication_message.go +++ b/rules/models/aws_cognito_user_pool_invalid_sms_authentication_message.go @@ -29,7 +29,7 @@ func NewAwsCognitoUserPoolInvalidSmsAuthenticationMessageRule() *AwsCognitoUserP attributeName: "sms_authentication_message", max: 140, min: 6, - pattern: regexp.MustCompile(`^\{####\}$`), + pattern: regexp.MustCompile(`^.*\{####\}.*$`), } } @@ -90,7 +90,7 @@ func (r *AwsCognitoUserPoolInvalidSmsAuthenticationMessageRule) Check(runner tfl if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^\{####\}$`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^.*\{####\}.*$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_cognito_user_pool_invalid_sms_authentication_message_test.go b/rules/models/aws_cognito_user_pool_invalid_sms_authentication_message_test.go index 2a2ed470..83f53b48 100644 --- a/rules/models/aws_cognito_user_pool_invalid_sms_authentication_message_test.go +++ b/rules/models/aws_cognito_user_pool_invalid_sms_authentication_message_test.go @@ -24,7 +24,7 @@ resource "aws_cognito_user_pool" "foo" { Expected: helper.Issues{ { Rule: NewAwsCognitoUserPoolInvalidSmsAuthenticationMessageRule(), - Message: fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage("Authentication code"), `^\{####\}$`), + Message: fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage("Authentication code"), `^.*\{####\}.*$`), }, }, }, diff --git a/rules/models/aws_cognito_user_pool_invalid_sms_verification_message.go b/rules/models/aws_cognito_user_pool_invalid_sms_verification_message.go index 5cef20e4..6c17d746 100644 --- a/rules/models/aws_cognito_user_pool_invalid_sms_verification_message.go +++ b/rules/models/aws_cognito_user_pool_invalid_sms_verification_message.go @@ -29,7 +29,7 @@ func NewAwsCognitoUserPoolInvalidSmsVerificationMessageRule() *AwsCognitoUserPoo attributeName: "sms_verification_message", max: 140, min: 6, - pattern: regexp.MustCompile(`^\{####\}$`), + pattern: regexp.MustCompile(`^.*\{####\}.*$`), } } @@ -90,7 +90,7 @@ func (r *AwsCognitoUserPoolInvalidSmsVerificationMessageRule) Check(runner tflin if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^\{####\}$`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^.*\{####\}.*$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_cognito_user_pool_invalid_sms_verification_message_test.go b/rules/models/aws_cognito_user_pool_invalid_sms_verification_message_test.go index 64323cd9..97fb8346 100644 --- a/rules/models/aws_cognito_user_pool_invalid_sms_verification_message_test.go +++ b/rules/models/aws_cognito_user_pool_invalid_sms_verification_message_test.go @@ -24,7 +24,7 @@ resource "aws_cognito_user_pool" "foo" { Expected: helper.Issues{ { Rule: NewAwsCognitoUserPoolInvalidSmsVerificationMessageRule(), - Message: fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage("Verification code"), `^\{####\}$`), + Message: fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage("Verification code"), `^.*\{####\}.*$`), }, }, }, diff --git a/rules/models/generator/rule.go b/rules/models/generator/rule.go index 3c1772b2..906c67a6 100644 --- a/rules/models/generator/rule.go +++ b/rules/models/generator/rule.go @@ -134,7 +134,7 @@ func replacePattern(pattern string) string { if replaced == "\\S" { return "^.*\\S.*$" } - return fmt.Sprintf("^%s$", replaced) + replaced = fmt.Sprintf("^%s$", replaced) } // Apply compatibility transforms to maintain backward compatibility with Ruby SDK From 24c37c5b09802d4e999b784e3ff94034ca90f19b Mon Sep 17 00:00:00 2001 From: Ben Drucker Date: Tue, 11 Nov 2025 19:32:22 -0800 Subject: [PATCH 5/9] Improve generator code quality - Remove unnecessary pattern fallbacks (no longer present in Smithy models) - Add type-safe Smithy shape parsing with dedicated structs - Replace map[string]interface{} casting with JSON unmarshaling - Reduce potential panic points from ~20 type assertions to 0 All tests passing. No functional changes to generated code. --- ...lify_app_invalid_basic_auth_credentials.go | 4 +- .../aws_amplify_app_invalid_description.go | 4 +- ...mplify_app_invalid_iam_service_role_arn.go | 4 +- .../aws_amplify_app_invalid_oauth_token.go | 4 +- .../aws_amplify_app_invalid_repository.go | 4 +- ..._branch_invalid_backend_environment_arn.go | 4 +- ...y_branch_invalid_basic_auth_credentials.go | 4 +- .../aws_amplify_branch_invalid_description.go | 4 +- ...aws_amplify_branch_invalid_display_name.go | 4 +- .../aws_amplify_branch_invalid_framework.go | 4 +- ...h_invalid_pull_request_environment_name.go | 4 +- ...aws_amplify_webhook_invalid_description.go | 4 +- .../aws_config_config_rule_invalid_name.go | 4 +- ..._configuration_invalid_config_rule_name.go | 4 +- ..._elasticache_user_invalid_access_string.go | 4 +- .../models/aws_gamelift_alias_invalid_name.go | 4 +- ...s_glue_schema_invalid_schema_definition.go | 4 +- ...lightsail_instance_invalid_blueprint_id.go | 4 +- ...ws_lightsail_instance_invalid_bundle_id.go | 4 +- ...aws_memorydb_user_invalid_access_string.go | 4 +- ...firewall_resource_policy_invalid_policy.go | 4 +- ...tyhub_action_target_invalid_description.go | 4 +- ...ityhub_action_target_invalid_identifier.go | 4 +- ..._securityhub_action_target_invalid_name.go | 4 +- ...finding_aggregator_invalid_linking_mode.go | 4 +- ...yhub_insight_invalid_group_by_attribute.go | 4 +- .../aws_securityhub_insight_invalid_name.go | 4 +- ...tyhub_invite_accepter_invalid_master_id.go | 4 +- .../aws_securityhub_member_invalid_email.go | 4 +- ..._admin_account_invalid_admin_account_id.go | 4 +- ...roduct_subscription_invalid_product_arn.go | 4 +- ...andards_control_invalid_disabled_reason.go | 4 +- ...s_control_invalid_standards_control_arn.go | 4 +- ...ards_subscription_invalid_standards_arn.go | 4 +- .../aws_waf_byte_match_set_invalid_name.go | 4 +- .../aws_waf_geo_match_set_invalid_name.go | 4 +- rules/models/aws_waf_ipset_invalid_name.go | 4 +- ...waf_rate_based_rule_invalid_metric_name.go | 4 +- .../aws_waf_rate_based_rule_invalid_name.go | 4 +- .../aws_waf_regex_match_set_invalid_name.go | 4 +- .../aws_waf_regex_pattern_set_invalid_name.go | 4 +- .../aws_waf_rule_group_invalid_metric_name.go | 4 +- .../models/aws_waf_rule_group_invalid_name.go | 4 +- .../aws_waf_rule_invalid_metric_name.go | 4 +- rules/models/aws_waf_rule_invalid_name.go | 4 +- ...ws_waf_size_constraint_set_invalid_name.go | 4 +- ...af_sql_injection_match_set_invalid_name.go | 4 +- .../aws_waf_web_acl_invalid_metric_name.go | 4 +- rules/models/aws_waf_web_acl_invalid_name.go | 4 +- .../aws_waf_xss_match_set_invalid_name.go | 4 +- ...wafregional_byte_match_set_invalid_name.go | 4 +- ..._wafregional_geo_match_set_invalid_name.go | 4 +- .../aws_wafregional_ipset_invalid_name.go | 4 +- ...nal_rate_based_rule_invalid_metric_name.go | 4 +- ...afregional_rate_based_rule_invalid_name.go | 4 +- ...afregional_regex_match_set_invalid_name.go | 4 +- ...regional_regex_pattern_set_invalid_name.go | 4 +- ...regional_rule_group_invalid_metric_name.go | 4 +- ...aws_wafregional_rule_group_invalid_name.go | 4 +- ...ws_wafregional_rule_invalid_metric_name.go | 4 +- .../aws_wafregional_rule_invalid_name.go | 4 +- ...gional_size_constraint_set_invalid_name.go | 4 +- ...al_sql_injection_match_set_invalid_name.go | 4 +- ...eb_acl_association_invalid_resource_arn.go | 4 +- ..._web_acl_association_invalid_web_acl_id.go | 4 +- ...wafregional_web_acl_invalid_metric_name.go | 4 +- .../aws_wafregional_web_acl_invalid_name.go | 4 +- ..._wafregional_xss_match_set_invalid_name.go | 4 +- ...eb_acl_association_invalid_resource_arn.go | 4 +- ...web_acl_association_invalid_web_acl_arn.go | 4 +- ...ging_configuration_invalid_resource_arn.go | 4 +- rules/models/generator/main.go | 141 +++++++++++------- rules/models/generator/rule.go | 13 -- 73 files changed, 225 insertions(+), 213 deletions(-) diff --git a/rules/models/aws_amplify_app_invalid_basic_auth_credentials.go b/rules/models/aws_amplify_app_invalid_basic_auth_credentials.go index 78b5080f..e05eeda5 100644 --- a/rules/models/aws_amplify_app_invalid_basic_auth_credentials.go +++ b/rules/models/aws_amplify_app_invalid_basic_auth_credentials.go @@ -26,7 +26,7 @@ func NewAwsAmplifyAppInvalidBasicAuthCredentialsRule() *AwsAmplifyAppInvalidBasi resourceType: "aws_amplify_app", attributeName: "basic_auth_credentials", max: 2000, - pattern: regexp.MustCompile(`^(?s).*$`), + pattern: regexp.MustCompile(`^(?s)`), } } @@ -80,7 +80,7 @@ func (r *AwsAmplifyAppInvalidBasicAuthCredentialsRule) Check(runner tflint.Runne if !r.pattern.MatchString(val) { runner.EmitIssue( r, - `basic_auth_credentials does not match valid pattern ^(?s).*$`, + `basic_auth_credentials does not match valid pattern ^(?s)`, attribute.Expr.Range(), ) } diff --git a/rules/models/aws_amplify_app_invalid_description.go b/rules/models/aws_amplify_app_invalid_description.go index b6e3d615..8cd8b55d 100644 --- a/rules/models/aws_amplify_app_invalid_description.go +++ b/rules/models/aws_amplify_app_invalid_description.go @@ -27,7 +27,7 @@ func NewAwsAmplifyAppInvalidDescriptionRule() *AwsAmplifyAppInvalidDescriptionRu resourceType: "aws_amplify_app", attributeName: "description", max: 1000, - pattern: regexp.MustCompile(`^(?s).*$`), + pattern: regexp.MustCompile(`^(?s)`), } } @@ -81,7 +81,7 @@ func (r *AwsAmplifyAppInvalidDescriptionRule) Check(runner tflint.Runner) error if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^(?s).*$`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^(?s)`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_amplify_app_invalid_iam_service_role_arn.go b/rules/models/aws_amplify_app_invalid_iam_service_role_arn.go index a8a6350a..f3480684 100644 --- a/rules/models/aws_amplify_app_invalid_iam_service_role_arn.go +++ b/rules/models/aws_amplify_app_invalid_iam_service_role_arn.go @@ -27,7 +27,7 @@ func NewAwsAmplifyAppInvalidIAMServiceRoleArnRule() *AwsAmplifyAppInvalidIAMServ resourceType: "aws_amplify_app", attributeName: "iam_service_role_arn", max: 1000, - pattern: regexp.MustCompile(`^(?s).*$`), + pattern: regexp.MustCompile(`^(?s)`), } } @@ -81,7 +81,7 @@ func (r *AwsAmplifyAppInvalidIAMServiceRoleArnRule) Check(runner tflint.Runner) if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^(?s).*$`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^(?s)`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_amplify_app_invalid_oauth_token.go b/rules/models/aws_amplify_app_invalid_oauth_token.go index d9db3df0..2cf2a1d9 100644 --- a/rules/models/aws_amplify_app_invalid_oauth_token.go +++ b/rules/models/aws_amplify_app_invalid_oauth_token.go @@ -26,7 +26,7 @@ func NewAwsAmplifyAppInvalidOAuthTokenRule() *AwsAmplifyAppInvalidOAuthTokenRule resourceType: "aws_amplify_app", attributeName: "oauth_token", max: 1000, - pattern: regexp.MustCompile(`^(?s).*$`), + pattern: regexp.MustCompile(`^(?s)`), } } @@ -80,7 +80,7 @@ func (r *AwsAmplifyAppInvalidOAuthTokenRule) Check(runner tflint.Runner) error { if !r.pattern.MatchString(val) { runner.EmitIssue( r, - `oauth_token does not match valid pattern ^(?s).*$`, + `oauth_token does not match valid pattern ^(?s)`, attribute.Expr.Range(), ) } diff --git a/rules/models/aws_amplify_app_invalid_repository.go b/rules/models/aws_amplify_app_invalid_repository.go index 2ebd1a50..15eb0695 100644 --- a/rules/models/aws_amplify_app_invalid_repository.go +++ b/rules/models/aws_amplify_app_invalid_repository.go @@ -27,7 +27,7 @@ func NewAwsAmplifyAppInvalidRepositoryRule() *AwsAmplifyAppInvalidRepositoryRule resourceType: "aws_amplify_app", attributeName: "repository", max: 1000, - pattern: regexp.MustCompile(`^(?s).*$`), + pattern: regexp.MustCompile(`^(?s)`), } } @@ -81,7 +81,7 @@ func (r *AwsAmplifyAppInvalidRepositoryRule) Check(runner tflint.Runner) error { if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^(?s).*$`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^(?s)`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_amplify_branch_invalid_backend_environment_arn.go b/rules/models/aws_amplify_branch_invalid_backend_environment_arn.go index ea7e68b7..e79adf0f 100644 --- a/rules/models/aws_amplify_branch_invalid_backend_environment_arn.go +++ b/rules/models/aws_amplify_branch_invalid_backend_environment_arn.go @@ -27,7 +27,7 @@ func NewAwsAmplifyBranchInvalidBackendEnvironmentArnRule() *AwsAmplifyBranchInva resourceType: "aws_amplify_branch", attributeName: "backend_environment_arn", max: 1000, - pattern: regexp.MustCompile(`^(?s).*$`), + pattern: regexp.MustCompile(`^(?s)`), } } @@ -81,7 +81,7 @@ func (r *AwsAmplifyBranchInvalidBackendEnvironmentArnRule) Check(runner tflint.R if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^(?s).*$`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^(?s)`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_amplify_branch_invalid_basic_auth_credentials.go b/rules/models/aws_amplify_branch_invalid_basic_auth_credentials.go index 773fa251..cd430646 100644 --- a/rules/models/aws_amplify_branch_invalid_basic_auth_credentials.go +++ b/rules/models/aws_amplify_branch_invalid_basic_auth_credentials.go @@ -26,7 +26,7 @@ func NewAwsAmplifyBranchInvalidBasicAuthCredentialsRule() *AwsAmplifyBranchInval resourceType: "aws_amplify_branch", attributeName: "basic_auth_credentials", max: 2000, - pattern: regexp.MustCompile(`^(?s).*$`), + pattern: regexp.MustCompile(`^(?s)`), } } @@ -80,7 +80,7 @@ func (r *AwsAmplifyBranchInvalidBasicAuthCredentialsRule) Check(runner tflint.Ru if !r.pattern.MatchString(val) { runner.EmitIssue( r, - `basic_auth_credentials does not match valid pattern ^(?s).*$`, + `basic_auth_credentials does not match valid pattern ^(?s)`, attribute.Expr.Range(), ) } diff --git a/rules/models/aws_amplify_branch_invalid_description.go b/rules/models/aws_amplify_branch_invalid_description.go index 9dc75bb1..de6f2436 100644 --- a/rules/models/aws_amplify_branch_invalid_description.go +++ b/rules/models/aws_amplify_branch_invalid_description.go @@ -27,7 +27,7 @@ func NewAwsAmplifyBranchInvalidDescriptionRule() *AwsAmplifyBranchInvalidDescrip resourceType: "aws_amplify_branch", attributeName: "description", max: 1000, - pattern: regexp.MustCompile(`^(?s).*$`), + pattern: regexp.MustCompile(`^(?s)`), } } @@ -81,7 +81,7 @@ func (r *AwsAmplifyBranchInvalidDescriptionRule) Check(runner tflint.Runner) err if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^(?s).*$`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^(?s)`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_amplify_branch_invalid_display_name.go b/rules/models/aws_amplify_branch_invalid_display_name.go index 6e8a85cf..a76e08ba 100644 --- a/rules/models/aws_amplify_branch_invalid_display_name.go +++ b/rules/models/aws_amplify_branch_invalid_display_name.go @@ -27,7 +27,7 @@ func NewAwsAmplifyBranchInvalidDisplayNameRule() *AwsAmplifyBranchInvalidDisplay resourceType: "aws_amplify_branch", attributeName: "display_name", max: 255, - pattern: regexp.MustCompile(`^(?s).*$`), + pattern: regexp.MustCompile(`^(?s)`), } } @@ -81,7 +81,7 @@ func (r *AwsAmplifyBranchInvalidDisplayNameRule) Check(runner tflint.Runner) err if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^(?s).*$`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^(?s)`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_amplify_branch_invalid_framework.go b/rules/models/aws_amplify_branch_invalid_framework.go index b481a496..d645ef7f 100644 --- a/rules/models/aws_amplify_branch_invalid_framework.go +++ b/rules/models/aws_amplify_branch_invalid_framework.go @@ -27,7 +27,7 @@ func NewAwsAmplifyBranchInvalidFrameworkRule() *AwsAmplifyBranchInvalidFramework resourceType: "aws_amplify_branch", attributeName: "framework", max: 255, - pattern: regexp.MustCompile(`^(?s).*$`), + pattern: regexp.MustCompile(`^(?s)`), } } @@ -81,7 +81,7 @@ func (r *AwsAmplifyBranchInvalidFrameworkRule) Check(runner tflint.Runner) error if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^(?s).*$`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^(?s)`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_amplify_branch_invalid_pull_request_environment_name.go b/rules/models/aws_amplify_branch_invalid_pull_request_environment_name.go index c51f9a06..b98fa4d0 100644 --- a/rules/models/aws_amplify_branch_invalid_pull_request_environment_name.go +++ b/rules/models/aws_amplify_branch_invalid_pull_request_environment_name.go @@ -27,7 +27,7 @@ func NewAwsAmplifyBranchInvalidPullRequestEnvironmentNameRule() *AwsAmplifyBranc resourceType: "aws_amplify_branch", attributeName: "pull_request_environment_name", max: 20, - pattern: regexp.MustCompile(`^(?s).*$`), + pattern: regexp.MustCompile(`^(?s)`), } } @@ -81,7 +81,7 @@ func (r *AwsAmplifyBranchInvalidPullRequestEnvironmentNameRule) Check(runner tfl if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^(?s).*$`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^(?s)`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_amplify_webhook_invalid_description.go b/rules/models/aws_amplify_webhook_invalid_description.go index 26c91490..9fc709f8 100644 --- a/rules/models/aws_amplify_webhook_invalid_description.go +++ b/rules/models/aws_amplify_webhook_invalid_description.go @@ -27,7 +27,7 @@ func NewAwsAmplifyWebhookInvalidDescriptionRule() *AwsAmplifyWebhookInvalidDescr resourceType: "aws_amplify_webhook", attributeName: "description", max: 1000, - pattern: regexp.MustCompile(`^(?s).*$`), + pattern: regexp.MustCompile(`^(?s)`), } } @@ -81,7 +81,7 @@ func (r *AwsAmplifyWebhookInvalidDescriptionRule) Check(runner tflint.Runner) er if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^(?s).*$`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^(?s)`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_config_config_rule_invalid_name.go b/rules/models/aws_config_config_rule_invalid_name.go index 69b385b2..1a70d04a 100644 --- a/rules/models/aws_config_config_rule_invalid_name.go +++ b/rules/models/aws_config_config_rule_invalid_name.go @@ -29,7 +29,7 @@ func NewAwsConfigConfigRuleInvalidNameRule() *AwsConfigConfigRuleInvalidNameRule attributeName: "name", max: 128, min: 1, - pattern: regexp.MustCompile(`^.*\S.*$`), + pattern: regexp.MustCompile(`^\S$`), } } @@ -90,7 +90,7 @@ func (r *AwsConfigConfigRuleInvalidNameRule) Check(runner tflint.Runner) error { if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^.*\S.*$`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^\S$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_config_remediation_configuration_invalid_config_rule_name.go b/rules/models/aws_config_remediation_configuration_invalid_config_rule_name.go index 1aac0999..1f58a149 100644 --- a/rules/models/aws_config_remediation_configuration_invalid_config_rule_name.go +++ b/rules/models/aws_config_remediation_configuration_invalid_config_rule_name.go @@ -29,7 +29,7 @@ func NewAwsConfigRemediationConfigurationInvalidConfigRuleNameRule() *AwsConfigR attributeName: "config_rule_name", max: 128, min: 1, - pattern: regexp.MustCompile(`^.*\S.*$`), + pattern: regexp.MustCompile(`^\S$`), } } @@ -90,7 +90,7 @@ func (r *AwsConfigRemediationConfigurationInvalidConfigRuleNameRule) Check(runne if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^.*\S.*$`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^\S$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_elasticache_user_invalid_access_string.go b/rules/models/aws_elasticache_user_invalid_access_string.go index 059a5768..50bff6af 100644 --- a/rules/models/aws_elasticache_user_invalid_access_string.go +++ b/rules/models/aws_elasticache_user_invalid_access_string.go @@ -25,7 +25,7 @@ func NewAwsElastiCacheUserInvalidAccessStringRule() *AwsElastiCacheUserInvalidAc return &AwsElastiCacheUserInvalidAccessStringRule{ resourceType: "aws_elasticache_user", attributeName: "access_string", - pattern: regexp.MustCompile(`^.*\S.*$`), + pattern: regexp.MustCompile(`^\S$`), } } @@ -72,7 +72,7 @@ func (r *AwsElastiCacheUserInvalidAccessStringRule) Check(runner tflint.Runner) if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^.*\S.*$`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^\S$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_gamelift_alias_invalid_name.go b/rules/models/aws_gamelift_alias_invalid_name.go index c9cedfe9..9bef93c8 100644 --- a/rules/models/aws_gamelift_alias_invalid_name.go +++ b/rules/models/aws_gamelift_alias_invalid_name.go @@ -29,7 +29,7 @@ func NewAwsGameliftAliasInvalidNameRule() *AwsGameliftAliasInvalidNameRule { attributeName: "name", max: 1024, min: 1, - pattern: regexp.MustCompile(`^.*\S.*$`), + pattern: regexp.MustCompile(`^\S$`), } } @@ -90,7 +90,7 @@ func (r *AwsGameliftAliasInvalidNameRule) Check(runner tflint.Runner) error { if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^.*\S.*$`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^\S$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_glue_schema_invalid_schema_definition.go b/rules/models/aws_glue_schema_invalid_schema_definition.go index e8ef593e..7001a68b 100644 --- a/rules/models/aws_glue_schema_invalid_schema_definition.go +++ b/rules/models/aws_glue_schema_invalid_schema_definition.go @@ -29,7 +29,7 @@ func NewAwsGlueSchemaInvalidSchemaDefinitionRule() *AwsGlueSchemaInvalidSchemaDe attributeName: "schema_definition", max: 170000, min: 1, - pattern: regexp.MustCompile(`^.*\S.*$`), + pattern: regexp.MustCompile(`^\S$`), } } @@ -90,7 +90,7 @@ func (r *AwsGlueSchemaInvalidSchemaDefinitionRule) Check(runner tflint.Runner) e if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^.*\S.*$`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^\S$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_lightsail_instance_invalid_blueprint_id.go b/rules/models/aws_lightsail_instance_invalid_blueprint_id.go index 4fa15abc..e3d328b3 100644 --- a/rules/models/aws_lightsail_instance_invalid_blueprint_id.go +++ b/rules/models/aws_lightsail_instance_invalid_blueprint_id.go @@ -25,7 +25,7 @@ func NewAwsLightsailInstanceInvalidBlueprintIDRule() *AwsLightsailInstanceInvali return &AwsLightsailInstanceInvalidBlueprintIDRule{ resourceType: "aws_lightsail_instance", attributeName: "blueprint_id", - pattern: regexp.MustCompile(`^.*\S.*$`), + pattern: regexp.MustCompile(`^\S$`), } } @@ -72,7 +72,7 @@ func (r *AwsLightsailInstanceInvalidBlueprintIDRule) Check(runner tflint.Runner) if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^.*\S.*$`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^\S$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_lightsail_instance_invalid_bundle_id.go b/rules/models/aws_lightsail_instance_invalid_bundle_id.go index 00bb64a4..3d1d3833 100644 --- a/rules/models/aws_lightsail_instance_invalid_bundle_id.go +++ b/rules/models/aws_lightsail_instance_invalid_bundle_id.go @@ -25,7 +25,7 @@ func NewAwsLightsailInstanceInvalidBundleIDRule() *AwsLightsailInstanceInvalidBu return &AwsLightsailInstanceInvalidBundleIDRule{ resourceType: "aws_lightsail_instance", attributeName: "bundle_id", - pattern: regexp.MustCompile(`^.*\S.*$`), + pattern: regexp.MustCompile(`^\S$`), } } @@ -72,7 +72,7 @@ func (r *AwsLightsailInstanceInvalidBundleIDRule) Check(runner tflint.Runner) er if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^.*\S.*$`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^\S$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_memorydb_user_invalid_access_string.go b/rules/models/aws_memorydb_user_invalid_access_string.go index 5b046297..61f6d142 100644 --- a/rules/models/aws_memorydb_user_invalid_access_string.go +++ b/rules/models/aws_memorydb_user_invalid_access_string.go @@ -25,7 +25,7 @@ func NewAwsMemoryDBUserInvalidAccessStringRule() *AwsMemoryDBUserInvalidAccessSt return &AwsMemoryDBUserInvalidAccessStringRule{ resourceType: "aws_memorydb_user", attributeName: "access_string", - pattern: regexp.MustCompile(`^.*\S.*$`), + pattern: regexp.MustCompile(`^\S$`), } } @@ -72,7 +72,7 @@ func (r *AwsMemoryDBUserInvalidAccessStringRule) Check(runner tflint.Runner) err if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^.*\S.*$`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^\S$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_networkfirewall_resource_policy_invalid_policy.go b/rules/models/aws_networkfirewall_resource_policy_invalid_policy.go index 977d23a8..c6221011 100644 --- a/rules/models/aws_networkfirewall_resource_policy_invalid_policy.go +++ b/rules/models/aws_networkfirewall_resource_policy_invalid_policy.go @@ -29,7 +29,7 @@ func NewAwsNetworkfirewallResourcePolicyInvalidPolicyRule() *AwsNetworkfirewallR attributeName: "policy", max: 395000, min: 1, - pattern: regexp.MustCompile(`^.*\S.*$`), + pattern: regexp.MustCompile(`^\S$`), } } @@ -90,7 +90,7 @@ func (r *AwsNetworkfirewallResourcePolicyInvalidPolicyRule) Check(runner tflint. if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^.*\S.*$`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^\S$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_securityhub_action_target_invalid_description.go b/rules/models/aws_securityhub_action_target_invalid_description.go index 9bbd9ae8..08d94bd2 100644 --- a/rules/models/aws_securityhub_action_target_invalid_description.go +++ b/rules/models/aws_securityhub_action_target_invalid_description.go @@ -25,7 +25,7 @@ func NewAwsSecurityhubActionTargetInvalidDescriptionRule() *AwsSecurityhubAction return &AwsSecurityhubActionTargetInvalidDescriptionRule{ resourceType: "aws_securityhub_action_target", attributeName: "description", - pattern: regexp.MustCompile(`^.*\S.*$`), + pattern: regexp.MustCompile(`^\S$`), } } @@ -72,7 +72,7 @@ func (r *AwsSecurityhubActionTargetInvalidDescriptionRule) Check(runner tflint.R if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^.*\S.*$`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^\S$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_securityhub_action_target_invalid_identifier.go b/rules/models/aws_securityhub_action_target_invalid_identifier.go index 7999e7de..e4e853d5 100644 --- a/rules/models/aws_securityhub_action_target_invalid_identifier.go +++ b/rules/models/aws_securityhub_action_target_invalid_identifier.go @@ -25,7 +25,7 @@ func NewAwsSecurityhubActionTargetInvalidIdentifierRule() *AwsSecurityhubActionT return &AwsSecurityhubActionTargetInvalidIdentifierRule{ resourceType: "aws_securityhub_action_target", attributeName: "identifier", - pattern: regexp.MustCompile(`^.*\S.*$`), + pattern: regexp.MustCompile(`^\S$`), } } @@ -72,7 +72,7 @@ func (r *AwsSecurityhubActionTargetInvalidIdentifierRule) Check(runner tflint.Ru if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^.*\S.*$`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^\S$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_securityhub_action_target_invalid_name.go b/rules/models/aws_securityhub_action_target_invalid_name.go index b0c0c84c..6b91e98e 100644 --- a/rules/models/aws_securityhub_action_target_invalid_name.go +++ b/rules/models/aws_securityhub_action_target_invalid_name.go @@ -25,7 +25,7 @@ func NewAwsSecurityhubActionTargetInvalidNameRule() *AwsSecurityhubActionTargetI return &AwsSecurityhubActionTargetInvalidNameRule{ resourceType: "aws_securityhub_action_target", attributeName: "name", - pattern: regexp.MustCompile(`^.*\S.*$`), + pattern: regexp.MustCompile(`^\S$`), } } @@ -72,7 +72,7 @@ func (r *AwsSecurityhubActionTargetInvalidNameRule) Check(runner tflint.Runner) if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^.*\S.*$`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^\S$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_securityhub_finding_aggregator_invalid_linking_mode.go b/rules/models/aws_securityhub_finding_aggregator_invalid_linking_mode.go index f8f01c92..0497c1cd 100644 --- a/rules/models/aws_securityhub_finding_aggregator_invalid_linking_mode.go +++ b/rules/models/aws_securityhub_finding_aggregator_invalid_linking_mode.go @@ -25,7 +25,7 @@ func NewAwsSecurityhubFindingAggregatorInvalidLinkingModeRule() *AwsSecurityhubF return &AwsSecurityhubFindingAggregatorInvalidLinkingModeRule{ resourceType: "aws_securityhub_finding_aggregator", attributeName: "linking_mode", - pattern: regexp.MustCompile(`^.*\S.*$`), + pattern: regexp.MustCompile(`^\S$`), } } @@ -72,7 +72,7 @@ func (r *AwsSecurityhubFindingAggregatorInvalidLinkingModeRule) Check(runner tfl if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^.*\S.*$`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^\S$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_securityhub_insight_invalid_group_by_attribute.go b/rules/models/aws_securityhub_insight_invalid_group_by_attribute.go index c5252e00..6fa8c103 100644 --- a/rules/models/aws_securityhub_insight_invalid_group_by_attribute.go +++ b/rules/models/aws_securityhub_insight_invalid_group_by_attribute.go @@ -25,7 +25,7 @@ func NewAwsSecurityhubInsightInvalidGroupByAttributeRule() *AwsSecurityhubInsigh return &AwsSecurityhubInsightInvalidGroupByAttributeRule{ resourceType: "aws_securityhub_insight", attributeName: "group_by_attribute", - pattern: regexp.MustCompile(`^.*\S.*$`), + pattern: regexp.MustCompile(`^\S$`), } } @@ -72,7 +72,7 @@ func (r *AwsSecurityhubInsightInvalidGroupByAttributeRule) Check(runner tflint.R if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^.*\S.*$`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^\S$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_securityhub_insight_invalid_name.go b/rules/models/aws_securityhub_insight_invalid_name.go index 3026688e..2067ade9 100644 --- a/rules/models/aws_securityhub_insight_invalid_name.go +++ b/rules/models/aws_securityhub_insight_invalid_name.go @@ -25,7 +25,7 @@ func NewAwsSecurityhubInsightInvalidNameRule() *AwsSecurityhubInsightInvalidName return &AwsSecurityhubInsightInvalidNameRule{ resourceType: "aws_securityhub_insight", attributeName: "name", - pattern: regexp.MustCompile(`^.*\S.*$`), + pattern: regexp.MustCompile(`^\S$`), } } @@ -72,7 +72,7 @@ func (r *AwsSecurityhubInsightInvalidNameRule) Check(runner tflint.Runner) error if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^.*\S.*$`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^\S$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_securityhub_invite_accepter_invalid_master_id.go b/rules/models/aws_securityhub_invite_accepter_invalid_master_id.go index 3e1bedd5..a27c7b8e 100644 --- a/rules/models/aws_securityhub_invite_accepter_invalid_master_id.go +++ b/rules/models/aws_securityhub_invite_accepter_invalid_master_id.go @@ -25,7 +25,7 @@ func NewAwsSecurityhubInviteAccepterInvalidMasterIDRule() *AwsSecurityhubInviteA return &AwsSecurityhubInviteAccepterInvalidMasterIDRule{ resourceType: "aws_securityhub_invite_accepter", attributeName: "master_id", - pattern: regexp.MustCompile(`^.*\S.*$`), + pattern: regexp.MustCompile(`^\S$`), } } @@ -72,7 +72,7 @@ func (r *AwsSecurityhubInviteAccepterInvalidMasterIDRule) Check(runner tflint.Ru if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^.*\S.*$`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^\S$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_securityhub_member_invalid_email.go b/rules/models/aws_securityhub_member_invalid_email.go index fa920037..50b7da1c 100644 --- a/rules/models/aws_securityhub_member_invalid_email.go +++ b/rules/models/aws_securityhub_member_invalid_email.go @@ -25,7 +25,7 @@ func NewAwsSecurityhubMemberInvalidEmailRule() *AwsSecurityhubMemberInvalidEmail return &AwsSecurityhubMemberInvalidEmailRule{ resourceType: "aws_securityhub_member", attributeName: "email", - pattern: regexp.MustCompile(`^.*\S.*$`), + pattern: regexp.MustCompile(`^\S$`), } } @@ -72,7 +72,7 @@ func (r *AwsSecurityhubMemberInvalidEmailRule) Check(runner tflint.Runner) error if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^.*\S.*$`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^\S$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_securityhub_organization_admin_account_invalid_admin_account_id.go b/rules/models/aws_securityhub_organization_admin_account_invalid_admin_account_id.go index 76f45227..8f9ae75c 100644 --- a/rules/models/aws_securityhub_organization_admin_account_invalid_admin_account_id.go +++ b/rules/models/aws_securityhub_organization_admin_account_invalid_admin_account_id.go @@ -25,7 +25,7 @@ func NewAwsSecurityhubOrganizationAdminAccountInvalidAdminAccountIDRule() *AwsSe return &AwsSecurityhubOrganizationAdminAccountInvalidAdminAccountIDRule{ resourceType: "aws_securityhub_organization_admin_account", attributeName: "admin_account_id", - pattern: regexp.MustCompile(`^.*\S.*$`), + pattern: regexp.MustCompile(`^\S$`), } } @@ -72,7 +72,7 @@ func (r *AwsSecurityhubOrganizationAdminAccountInvalidAdminAccountIDRule) Check( if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^.*\S.*$`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^\S$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_securityhub_product_subscription_invalid_product_arn.go b/rules/models/aws_securityhub_product_subscription_invalid_product_arn.go index 774fe781..66f54c12 100644 --- a/rules/models/aws_securityhub_product_subscription_invalid_product_arn.go +++ b/rules/models/aws_securityhub_product_subscription_invalid_product_arn.go @@ -25,7 +25,7 @@ func NewAwsSecurityhubProductSubscriptionInvalidProductArnRule() *AwsSecurityhub return &AwsSecurityhubProductSubscriptionInvalidProductArnRule{ resourceType: "aws_securityhub_product_subscription", attributeName: "product_arn", - pattern: regexp.MustCompile(`^.*\S.*$`), + pattern: regexp.MustCompile(`^\S$`), } } @@ -72,7 +72,7 @@ func (r *AwsSecurityhubProductSubscriptionInvalidProductArnRule) Check(runner tf if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^.*\S.*$`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^\S$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_securityhub_standards_control_invalid_disabled_reason.go b/rules/models/aws_securityhub_standards_control_invalid_disabled_reason.go index 0bbbec41..f10cf432 100644 --- a/rules/models/aws_securityhub_standards_control_invalid_disabled_reason.go +++ b/rules/models/aws_securityhub_standards_control_invalid_disabled_reason.go @@ -25,7 +25,7 @@ func NewAwsSecurityhubStandardsControlInvalidDisabledReasonRule() *AwsSecurityhu return &AwsSecurityhubStandardsControlInvalidDisabledReasonRule{ resourceType: "aws_securityhub_standards_control", attributeName: "disabled_reason", - pattern: regexp.MustCompile(`^.*\S.*$`), + pattern: regexp.MustCompile(`^\S$`), } } @@ -72,7 +72,7 @@ func (r *AwsSecurityhubStandardsControlInvalidDisabledReasonRule) Check(runner t if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^.*\S.*$`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^\S$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_securityhub_standards_control_invalid_standards_control_arn.go b/rules/models/aws_securityhub_standards_control_invalid_standards_control_arn.go index 18445f7f..bf0121a7 100644 --- a/rules/models/aws_securityhub_standards_control_invalid_standards_control_arn.go +++ b/rules/models/aws_securityhub_standards_control_invalid_standards_control_arn.go @@ -25,7 +25,7 @@ func NewAwsSecurityhubStandardsControlInvalidStandardsControlArnRule() *AwsSecur return &AwsSecurityhubStandardsControlInvalidStandardsControlArnRule{ resourceType: "aws_securityhub_standards_control", attributeName: "standards_control_arn", - pattern: regexp.MustCompile(`^.*\S.*$`), + pattern: regexp.MustCompile(`^\S$`), } } @@ -72,7 +72,7 @@ func (r *AwsSecurityhubStandardsControlInvalidStandardsControlArnRule) Check(run if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^.*\S.*$`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^\S$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_securityhub_standards_subscription_invalid_standards_arn.go b/rules/models/aws_securityhub_standards_subscription_invalid_standards_arn.go index 953471a9..fb686ca8 100644 --- a/rules/models/aws_securityhub_standards_subscription_invalid_standards_arn.go +++ b/rules/models/aws_securityhub_standards_subscription_invalid_standards_arn.go @@ -25,7 +25,7 @@ func NewAwsSecurityhubStandardsSubscriptionInvalidStandardsArnRule() *AwsSecurit return &AwsSecurityhubStandardsSubscriptionInvalidStandardsArnRule{ resourceType: "aws_securityhub_standards_subscription", attributeName: "standards_arn", - pattern: regexp.MustCompile(`^.*\S.*$`), + pattern: regexp.MustCompile(`^\S$`), } } @@ -72,7 +72,7 @@ func (r *AwsSecurityhubStandardsSubscriptionInvalidStandardsArnRule) Check(runne if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^.*\S.*$`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^\S$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_waf_byte_match_set_invalid_name.go b/rules/models/aws_waf_byte_match_set_invalid_name.go index e36cdd38..c4a063ff 100644 --- a/rules/models/aws_waf_byte_match_set_invalid_name.go +++ b/rules/models/aws_waf_byte_match_set_invalid_name.go @@ -29,7 +29,7 @@ func NewAwsWafByteMatchSetInvalidNameRule() *AwsWafByteMatchSetInvalidNameRule { attributeName: "name", max: 128, min: 1, - pattern: regexp.MustCompile(`^.*\S.*$`), + pattern: regexp.MustCompile(`^\S$`), } } @@ -90,7 +90,7 @@ func (r *AwsWafByteMatchSetInvalidNameRule) Check(runner tflint.Runner) error { if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^.*\S.*$`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^\S$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_waf_geo_match_set_invalid_name.go b/rules/models/aws_waf_geo_match_set_invalid_name.go index 8d282393..f8055ffa 100644 --- a/rules/models/aws_waf_geo_match_set_invalid_name.go +++ b/rules/models/aws_waf_geo_match_set_invalid_name.go @@ -29,7 +29,7 @@ func NewAwsWafGeoMatchSetInvalidNameRule() *AwsWafGeoMatchSetInvalidNameRule { attributeName: "name", max: 128, min: 1, - pattern: regexp.MustCompile(`^.*\S.*$`), + pattern: regexp.MustCompile(`^\S$`), } } @@ -90,7 +90,7 @@ func (r *AwsWafGeoMatchSetInvalidNameRule) Check(runner tflint.Runner) error { if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^.*\S.*$`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^\S$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_waf_ipset_invalid_name.go b/rules/models/aws_waf_ipset_invalid_name.go index 4a3c2309..0393e500 100644 --- a/rules/models/aws_waf_ipset_invalid_name.go +++ b/rules/models/aws_waf_ipset_invalid_name.go @@ -29,7 +29,7 @@ func NewAwsWafIpsetInvalidNameRule() *AwsWafIpsetInvalidNameRule { attributeName: "name", max: 128, min: 1, - pattern: regexp.MustCompile(`^.*\S.*$`), + pattern: regexp.MustCompile(`^\S$`), } } @@ -90,7 +90,7 @@ func (r *AwsWafIpsetInvalidNameRule) Check(runner tflint.Runner) error { if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^.*\S.*$`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^\S$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_waf_rate_based_rule_invalid_metric_name.go b/rules/models/aws_waf_rate_based_rule_invalid_metric_name.go index 003b9622..4ac3bcae 100644 --- a/rules/models/aws_waf_rate_based_rule_invalid_metric_name.go +++ b/rules/models/aws_waf_rate_based_rule_invalid_metric_name.go @@ -29,7 +29,7 @@ func NewAwsWafRateBasedRuleInvalidMetricNameRule() *AwsWafRateBasedRuleInvalidMe attributeName: "metric_name", max: 128, min: 1, - pattern: regexp.MustCompile(`^.*\S.*$`), + pattern: regexp.MustCompile(`^\S$`), } } @@ -90,7 +90,7 @@ func (r *AwsWafRateBasedRuleInvalidMetricNameRule) Check(runner tflint.Runner) e if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^.*\S.*$`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^\S$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_waf_rate_based_rule_invalid_name.go b/rules/models/aws_waf_rate_based_rule_invalid_name.go index 92abd5e3..5bf32b1c 100644 --- a/rules/models/aws_waf_rate_based_rule_invalid_name.go +++ b/rules/models/aws_waf_rate_based_rule_invalid_name.go @@ -29,7 +29,7 @@ func NewAwsWafRateBasedRuleInvalidNameRule() *AwsWafRateBasedRuleInvalidNameRule attributeName: "name", max: 128, min: 1, - pattern: regexp.MustCompile(`^.*\S.*$`), + pattern: regexp.MustCompile(`^\S$`), } } @@ -90,7 +90,7 @@ func (r *AwsWafRateBasedRuleInvalidNameRule) Check(runner tflint.Runner) error { if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^.*\S.*$`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^\S$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_waf_regex_match_set_invalid_name.go b/rules/models/aws_waf_regex_match_set_invalid_name.go index b33fbbb4..4c7dfd9d 100644 --- a/rules/models/aws_waf_regex_match_set_invalid_name.go +++ b/rules/models/aws_waf_regex_match_set_invalid_name.go @@ -29,7 +29,7 @@ func NewAwsWafRegexMatchSetInvalidNameRule() *AwsWafRegexMatchSetInvalidNameRule attributeName: "name", max: 128, min: 1, - pattern: regexp.MustCompile(`^.*\S.*$`), + pattern: regexp.MustCompile(`^\S$`), } } @@ -90,7 +90,7 @@ func (r *AwsWafRegexMatchSetInvalidNameRule) Check(runner tflint.Runner) error { if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^.*\S.*$`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^\S$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_waf_regex_pattern_set_invalid_name.go b/rules/models/aws_waf_regex_pattern_set_invalid_name.go index 3503570c..0f5ecd7b 100644 --- a/rules/models/aws_waf_regex_pattern_set_invalid_name.go +++ b/rules/models/aws_waf_regex_pattern_set_invalid_name.go @@ -29,7 +29,7 @@ func NewAwsWafRegexPatternSetInvalidNameRule() *AwsWafRegexPatternSetInvalidName attributeName: "name", max: 128, min: 1, - pattern: regexp.MustCompile(`^.*\S.*$`), + pattern: regexp.MustCompile(`^\S$`), } } @@ -90,7 +90,7 @@ func (r *AwsWafRegexPatternSetInvalidNameRule) Check(runner tflint.Runner) error if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^.*\S.*$`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^\S$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_waf_rule_group_invalid_metric_name.go b/rules/models/aws_waf_rule_group_invalid_metric_name.go index 0bfaa94e..e5a02f5f 100644 --- a/rules/models/aws_waf_rule_group_invalid_metric_name.go +++ b/rules/models/aws_waf_rule_group_invalid_metric_name.go @@ -29,7 +29,7 @@ func NewAwsWafRuleGroupInvalidMetricNameRule() *AwsWafRuleGroupInvalidMetricName attributeName: "metric_name", max: 128, min: 1, - pattern: regexp.MustCompile(`^.*\S.*$`), + pattern: regexp.MustCompile(`^\S$`), } } @@ -90,7 +90,7 @@ func (r *AwsWafRuleGroupInvalidMetricNameRule) Check(runner tflint.Runner) error if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^.*\S.*$`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^\S$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_waf_rule_group_invalid_name.go b/rules/models/aws_waf_rule_group_invalid_name.go index fa4a3448..384c06cf 100644 --- a/rules/models/aws_waf_rule_group_invalid_name.go +++ b/rules/models/aws_waf_rule_group_invalid_name.go @@ -29,7 +29,7 @@ func NewAwsWafRuleGroupInvalidNameRule() *AwsWafRuleGroupInvalidNameRule { attributeName: "name", max: 128, min: 1, - pattern: regexp.MustCompile(`^.*\S.*$`), + pattern: regexp.MustCompile(`^\S$`), } } @@ -90,7 +90,7 @@ func (r *AwsWafRuleGroupInvalidNameRule) Check(runner tflint.Runner) error { if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^.*\S.*$`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^\S$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_waf_rule_invalid_metric_name.go b/rules/models/aws_waf_rule_invalid_metric_name.go index 4f2887b4..26ae0ba2 100644 --- a/rules/models/aws_waf_rule_invalid_metric_name.go +++ b/rules/models/aws_waf_rule_invalid_metric_name.go @@ -29,7 +29,7 @@ func NewAwsWafRuleInvalidMetricNameRule() *AwsWafRuleInvalidMetricNameRule { attributeName: "metric_name", max: 128, min: 1, - pattern: regexp.MustCompile(`^.*\S.*$`), + pattern: regexp.MustCompile(`^\S$`), } } @@ -90,7 +90,7 @@ func (r *AwsWafRuleInvalidMetricNameRule) Check(runner tflint.Runner) error { if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^.*\S.*$`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^\S$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_waf_rule_invalid_name.go b/rules/models/aws_waf_rule_invalid_name.go index 32197211..8e63e40a 100644 --- a/rules/models/aws_waf_rule_invalid_name.go +++ b/rules/models/aws_waf_rule_invalid_name.go @@ -29,7 +29,7 @@ func NewAwsWafRuleInvalidNameRule() *AwsWafRuleInvalidNameRule { attributeName: "name", max: 128, min: 1, - pattern: regexp.MustCompile(`^.*\S.*$`), + pattern: regexp.MustCompile(`^\S$`), } } @@ -90,7 +90,7 @@ func (r *AwsWafRuleInvalidNameRule) Check(runner tflint.Runner) error { if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^.*\S.*$`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^\S$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_waf_size_constraint_set_invalid_name.go b/rules/models/aws_waf_size_constraint_set_invalid_name.go index 4603d286..e456d3ea 100644 --- a/rules/models/aws_waf_size_constraint_set_invalid_name.go +++ b/rules/models/aws_waf_size_constraint_set_invalid_name.go @@ -29,7 +29,7 @@ func NewAwsWafSizeConstraintSetInvalidNameRule() *AwsWafSizeConstraintSetInvalid attributeName: "name", max: 128, min: 1, - pattern: regexp.MustCompile(`^.*\S.*$`), + pattern: regexp.MustCompile(`^\S$`), } } @@ -90,7 +90,7 @@ func (r *AwsWafSizeConstraintSetInvalidNameRule) Check(runner tflint.Runner) err if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^.*\S.*$`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^\S$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_waf_sql_injection_match_set_invalid_name.go b/rules/models/aws_waf_sql_injection_match_set_invalid_name.go index 2070d769..dd633aea 100644 --- a/rules/models/aws_waf_sql_injection_match_set_invalid_name.go +++ b/rules/models/aws_waf_sql_injection_match_set_invalid_name.go @@ -29,7 +29,7 @@ func NewAwsWafSQLInjectionMatchSetInvalidNameRule() *AwsWafSQLInjectionMatchSetI attributeName: "name", max: 128, min: 1, - pattern: regexp.MustCompile(`^.*\S.*$`), + pattern: regexp.MustCompile(`^\S$`), } } @@ -90,7 +90,7 @@ func (r *AwsWafSQLInjectionMatchSetInvalidNameRule) Check(runner tflint.Runner) if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^.*\S.*$`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^\S$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_waf_web_acl_invalid_metric_name.go b/rules/models/aws_waf_web_acl_invalid_metric_name.go index 2f84ca0a..5a9db282 100644 --- a/rules/models/aws_waf_web_acl_invalid_metric_name.go +++ b/rules/models/aws_waf_web_acl_invalid_metric_name.go @@ -29,7 +29,7 @@ func NewAwsWafWebACLInvalidMetricNameRule() *AwsWafWebACLInvalidMetricNameRule { attributeName: "metric_name", max: 128, min: 1, - pattern: regexp.MustCompile(`^.*\S.*$`), + pattern: regexp.MustCompile(`^\S$`), } } @@ -90,7 +90,7 @@ func (r *AwsWafWebACLInvalidMetricNameRule) Check(runner tflint.Runner) error { if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^.*\S.*$`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^\S$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_waf_web_acl_invalid_name.go b/rules/models/aws_waf_web_acl_invalid_name.go index 09d4bf56..fc8f3a4f 100644 --- a/rules/models/aws_waf_web_acl_invalid_name.go +++ b/rules/models/aws_waf_web_acl_invalid_name.go @@ -29,7 +29,7 @@ func NewAwsWafWebACLInvalidNameRule() *AwsWafWebACLInvalidNameRule { attributeName: "name", max: 128, min: 1, - pattern: regexp.MustCompile(`^.*\S.*$`), + pattern: regexp.MustCompile(`^\S$`), } } @@ -90,7 +90,7 @@ func (r *AwsWafWebACLInvalidNameRule) Check(runner tflint.Runner) error { if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^.*\S.*$`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^\S$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_waf_xss_match_set_invalid_name.go b/rules/models/aws_waf_xss_match_set_invalid_name.go index 414e8459..1cde1321 100644 --- a/rules/models/aws_waf_xss_match_set_invalid_name.go +++ b/rules/models/aws_waf_xss_match_set_invalid_name.go @@ -29,7 +29,7 @@ func NewAwsWafXSSMatchSetInvalidNameRule() *AwsWafXSSMatchSetInvalidNameRule { attributeName: "name", max: 128, min: 1, - pattern: regexp.MustCompile(`^.*\S.*$`), + pattern: regexp.MustCompile(`^\S$`), } } @@ -90,7 +90,7 @@ func (r *AwsWafXSSMatchSetInvalidNameRule) Check(runner tflint.Runner) error { if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^.*\S.*$`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^\S$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_wafregional_byte_match_set_invalid_name.go b/rules/models/aws_wafregional_byte_match_set_invalid_name.go index d27d1a42..ea29ad13 100644 --- a/rules/models/aws_wafregional_byte_match_set_invalid_name.go +++ b/rules/models/aws_wafregional_byte_match_set_invalid_name.go @@ -29,7 +29,7 @@ func NewAwsWafregionalByteMatchSetInvalidNameRule() *AwsWafregionalByteMatchSetI attributeName: "name", max: 128, min: 1, - pattern: regexp.MustCompile(`^.*\S.*$`), + pattern: regexp.MustCompile(`^\S$`), } } @@ -90,7 +90,7 @@ func (r *AwsWafregionalByteMatchSetInvalidNameRule) Check(runner tflint.Runner) if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^.*\S.*$`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^\S$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_wafregional_geo_match_set_invalid_name.go b/rules/models/aws_wafregional_geo_match_set_invalid_name.go index 202b2d2f..04c28bbb 100644 --- a/rules/models/aws_wafregional_geo_match_set_invalid_name.go +++ b/rules/models/aws_wafregional_geo_match_set_invalid_name.go @@ -29,7 +29,7 @@ func NewAwsWafregionalGeoMatchSetInvalidNameRule() *AwsWafregionalGeoMatchSetInv attributeName: "name", max: 128, min: 1, - pattern: regexp.MustCompile(`^.*\S.*$`), + pattern: regexp.MustCompile(`^\S$`), } } @@ -90,7 +90,7 @@ func (r *AwsWafregionalGeoMatchSetInvalidNameRule) Check(runner tflint.Runner) e if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^.*\S.*$`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^\S$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_wafregional_ipset_invalid_name.go b/rules/models/aws_wafregional_ipset_invalid_name.go index b045fe6a..d1be5aae 100644 --- a/rules/models/aws_wafregional_ipset_invalid_name.go +++ b/rules/models/aws_wafregional_ipset_invalid_name.go @@ -29,7 +29,7 @@ func NewAwsWafregionalIpsetInvalidNameRule() *AwsWafregionalIpsetInvalidNameRule attributeName: "name", max: 128, min: 1, - pattern: regexp.MustCompile(`^.*\S.*$`), + pattern: regexp.MustCompile(`^\S$`), } } @@ -90,7 +90,7 @@ func (r *AwsWafregionalIpsetInvalidNameRule) Check(runner tflint.Runner) error { if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^.*\S.*$`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^\S$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_wafregional_rate_based_rule_invalid_metric_name.go b/rules/models/aws_wafregional_rate_based_rule_invalid_metric_name.go index 91d56f53..afaeb2e6 100644 --- a/rules/models/aws_wafregional_rate_based_rule_invalid_metric_name.go +++ b/rules/models/aws_wafregional_rate_based_rule_invalid_metric_name.go @@ -29,7 +29,7 @@ func NewAwsWafregionalRateBasedRuleInvalidMetricNameRule() *AwsWafregionalRateBa attributeName: "metric_name", max: 128, min: 1, - pattern: regexp.MustCompile(`^.*\S.*$`), + pattern: regexp.MustCompile(`^\S$`), } } @@ -90,7 +90,7 @@ func (r *AwsWafregionalRateBasedRuleInvalidMetricNameRule) Check(runner tflint.R if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^.*\S.*$`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^\S$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_wafregional_rate_based_rule_invalid_name.go b/rules/models/aws_wafregional_rate_based_rule_invalid_name.go index 8d657c28..765007be 100644 --- a/rules/models/aws_wafregional_rate_based_rule_invalid_name.go +++ b/rules/models/aws_wafregional_rate_based_rule_invalid_name.go @@ -29,7 +29,7 @@ func NewAwsWafregionalRateBasedRuleInvalidNameRule() *AwsWafregionalRateBasedRul attributeName: "name", max: 128, min: 1, - pattern: regexp.MustCompile(`^.*\S.*$`), + pattern: regexp.MustCompile(`^\S$`), } } @@ -90,7 +90,7 @@ func (r *AwsWafregionalRateBasedRuleInvalidNameRule) Check(runner tflint.Runner) if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^.*\S.*$`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^\S$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_wafregional_regex_match_set_invalid_name.go b/rules/models/aws_wafregional_regex_match_set_invalid_name.go index 3307b6ee..0d01e3f9 100644 --- a/rules/models/aws_wafregional_regex_match_set_invalid_name.go +++ b/rules/models/aws_wafregional_regex_match_set_invalid_name.go @@ -29,7 +29,7 @@ func NewAwsWafregionalRegexMatchSetInvalidNameRule() *AwsWafregionalRegexMatchSe attributeName: "name", max: 128, min: 1, - pattern: regexp.MustCompile(`^.*\S.*$`), + pattern: regexp.MustCompile(`^\S$`), } } @@ -90,7 +90,7 @@ func (r *AwsWafregionalRegexMatchSetInvalidNameRule) Check(runner tflint.Runner) if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^.*\S.*$`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^\S$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_wafregional_regex_pattern_set_invalid_name.go b/rules/models/aws_wafregional_regex_pattern_set_invalid_name.go index e2c03b3e..1e77f71d 100644 --- a/rules/models/aws_wafregional_regex_pattern_set_invalid_name.go +++ b/rules/models/aws_wafregional_regex_pattern_set_invalid_name.go @@ -29,7 +29,7 @@ func NewAwsWafregionalRegexPatternSetInvalidNameRule() *AwsWafregionalRegexPatte attributeName: "name", max: 128, min: 1, - pattern: regexp.MustCompile(`^.*\S.*$`), + pattern: regexp.MustCompile(`^\S$`), } } @@ -90,7 +90,7 @@ func (r *AwsWafregionalRegexPatternSetInvalidNameRule) Check(runner tflint.Runne if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^.*\S.*$`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^\S$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_wafregional_rule_group_invalid_metric_name.go b/rules/models/aws_wafregional_rule_group_invalid_metric_name.go index 52392666..620f2b22 100644 --- a/rules/models/aws_wafregional_rule_group_invalid_metric_name.go +++ b/rules/models/aws_wafregional_rule_group_invalid_metric_name.go @@ -29,7 +29,7 @@ func NewAwsWafregionalRuleGroupInvalidMetricNameRule() *AwsWafregionalRuleGroupI attributeName: "metric_name", max: 128, min: 1, - pattern: regexp.MustCompile(`^.*\S.*$`), + pattern: regexp.MustCompile(`^\S$`), } } @@ -90,7 +90,7 @@ func (r *AwsWafregionalRuleGroupInvalidMetricNameRule) Check(runner tflint.Runne if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^.*\S.*$`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^\S$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_wafregional_rule_group_invalid_name.go b/rules/models/aws_wafregional_rule_group_invalid_name.go index e28def48..80288aa2 100644 --- a/rules/models/aws_wafregional_rule_group_invalid_name.go +++ b/rules/models/aws_wafregional_rule_group_invalid_name.go @@ -29,7 +29,7 @@ func NewAwsWafregionalRuleGroupInvalidNameRule() *AwsWafregionalRuleGroupInvalid attributeName: "name", max: 128, min: 1, - pattern: regexp.MustCompile(`^.*\S.*$`), + pattern: regexp.MustCompile(`^\S$`), } } @@ -90,7 +90,7 @@ func (r *AwsWafregionalRuleGroupInvalidNameRule) Check(runner tflint.Runner) err if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^.*\S.*$`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^\S$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_wafregional_rule_invalid_metric_name.go b/rules/models/aws_wafregional_rule_invalid_metric_name.go index a90d7c17..b147b3a1 100644 --- a/rules/models/aws_wafregional_rule_invalid_metric_name.go +++ b/rules/models/aws_wafregional_rule_invalid_metric_name.go @@ -29,7 +29,7 @@ func NewAwsWafregionalRuleInvalidMetricNameRule() *AwsWafregionalRuleInvalidMetr attributeName: "metric_name", max: 128, min: 1, - pattern: regexp.MustCompile(`^.*\S.*$`), + pattern: regexp.MustCompile(`^\S$`), } } @@ -90,7 +90,7 @@ func (r *AwsWafregionalRuleInvalidMetricNameRule) Check(runner tflint.Runner) er if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^.*\S.*$`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^\S$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_wafregional_rule_invalid_name.go b/rules/models/aws_wafregional_rule_invalid_name.go index c1f30eb9..79f7cac3 100644 --- a/rules/models/aws_wafregional_rule_invalid_name.go +++ b/rules/models/aws_wafregional_rule_invalid_name.go @@ -29,7 +29,7 @@ func NewAwsWafregionalRuleInvalidNameRule() *AwsWafregionalRuleInvalidNameRule { attributeName: "name", max: 128, min: 1, - pattern: regexp.MustCompile(`^.*\S.*$`), + pattern: regexp.MustCompile(`^\S$`), } } @@ -90,7 +90,7 @@ func (r *AwsWafregionalRuleInvalidNameRule) Check(runner tflint.Runner) error { if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^.*\S.*$`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^\S$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_wafregional_size_constraint_set_invalid_name.go b/rules/models/aws_wafregional_size_constraint_set_invalid_name.go index 63653440..5ebfe718 100644 --- a/rules/models/aws_wafregional_size_constraint_set_invalid_name.go +++ b/rules/models/aws_wafregional_size_constraint_set_invalid_name.go @@ -29,7 +29,7 @@ func NewAwsWafregionalSizeConstraintSetInvalidNameRule() *AwsWafregionalSizeCons attributeName: "name", max: 128, min: 1, - pattern: regexp.MustCompile(`^.*\S.*$`), + pattern: regexp.MustCompile(`^\S$`), } } @@ -90,7 +90,7 @@ func (r *AwsWafregionalSizeConstraintSetInvalidNameRule) Check(runner tflint.Run if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^.*\S.*$`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^\S$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_wafregional_sql_injection_match_set_invalid_name.go b/rules/models/aws_wafregional_sql_injection_match_set_invalid_name.go index 85e490f5..9fde1165 100644 --- a/rules/models/aws_wafregional_sql_injection_match_set_invalid_name.go +++ b/rules/models/aws_wafregional_sql_injection_match_set_invalid_name.go @@ -29,7 +29,7 @@ func NewAwsWafregionalSQLInjectionMatchSetInvalidNameRule() *AwsWafregionalSQLIn attributeName: "name", max: 128, min: 1, - pattern: regexp.MustCompile(`^.*\S.*$`), + pattern: regexp.MustCompile(`^\S$`), } } @@ -90,7 +90,7 @@ func (r *AwsWafregionalSQLInjectionMatchSetInvalidNameRule) Check(runner tflint. if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^.*\S.*$`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^\S$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_wafregional_web_acl_association_invalid_resource_arn.go b/rules/models/aws_wafregional_web_acl_association_invalid_resource_arn.go index aba00bf5..a3538f70 100644 --- a/rules/models/aws_wafregional_web_acl_association_invalid_resource_arn.go +++ b/rules/models/aws_wafregional_web_acl_association_invalid_resource_arn.go @@ -29,7 +29,7 @@ func NewAwsWafregionalWebACLAssociationInvalidResourceArnRule() *AwsWafregionalW attributeName: "resource_arn", max: 1224, min: 1, - pattern: regexp.MustCompile(`^.*\S.*$`), + pattern: regexp.MustCompile(`^\S$`), } } @@ -90,7 +90,7 @@ func (r *AwsWafregionalWebACLAssociationInvalidResourceArnRule) Check(runner tfl if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^.*\S.*$`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^\S$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_wafregional_web_acl_association_invalid_web_acl_id.go b/rules/models/aws_wafregional_web_acl_association_invalid_web_acl_id.go index 4142b283..c65b18ff 100644 --- a/rules/models/aws_wafregional_web_acl_association_invalid_web_acl_id.go +++ b/rules/models/aws_wafregional_web_acl_association_invalid_web_acl_id.go @@ -29,7 +29,7 @@ func NewAwsWafregionalWebACLAssociationInvalidWebACLIDRule() *AwsWafregionalWebA attributeName: "web_acl_id", max: 128, min: 1, - pattern: regexp.MustCompile(`^.*\S.*$`), + pattern: regexp.MustCompile(`^\S$`), } } @@ -90,7 +90,7 @@ func (r *AwsWafregionalWebACLAssociationInvalidWebACLIDRule) Check(runner tflint if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^.*\S.*$`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^\S$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_wafregional_web_acl_invalid_metric_name.go b/rules/models/aws_wafregional_web_acl_invalid_metric_name.go index 3b271593..95e7d54b 100644 --- a/rules/models/aws_wafregional_web_acl_invalid_metric_name.go +++ b/rules/models/aws_wafregional_web_acl_invalid_metric_name.go @@ -29,7 +29,7 @@ func NewAwsWafregionalWebACLInvalidMetricNameRule() *AwsWafregionalWebACLInvalid attributeName: "metric_name", max: 128, min: 1, - pattern: regexp.MustCompile(`^.*\S.*$`), + pattern: regexp.MustCompile(`^\S$`), } } @@ -90,7 +90,7 @@ func (r *AwsWafregionalWebACLInvalidMetricNameRule) Check(runner tflint.Runner) if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^.*\S.*$`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^\S$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_wafregional_web_acl_invalid_name.go b/rules/models/aws_wafregional_web_acl_invalid_name.go index a6f1dd5f..0757e24e 100644 --- a/rules/models/aws_wafregional_web_acl_invalid_name.go +++ b/rules/models/aws_wafregional_web_acl_invalid_name.go @@ -29,7 +29,7 @@ func NewAwsWafregionalWebACLInvalidNameRule() *AwsWafregionalWebACLInvalidNameRu attributeName: "name", max: 128, min: 1, - pattern: regexp.MustCompile(`^.*\S.*$`), + pattern: regexp.MustCompile(`^\S$`), } } @@ -90,7 +90,7 @@ func (r *AwsWafregionalWebACLInvalidNameRule) Check(runner tflint.Runner) error if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^.*\S.*$`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^\S$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_wafregional_xss_match_set_invalid_name.go b/rules/models/aws_wafregional_xss_match_set_invalid_name.go index 0616d486..a26d875f 100644 --- a/rules/models/aws_wafregional_xss_match_set_invalid_name.go +++ b/rules/models/aws_wafregional_xss_match_set_invalid_name.go @@ -29,7 +29,7 @@ func NewAwsWafregionalXSSMatchSetInvalidNameRule() *AwsWafregionalXSSMatchSetInv attributeName: "name", max: 128, min: 1, - pattern: regexp.MustCompile(`^.*\S.*$`), + pattern: regexp.MustCompile(`^\S$`), } } @@ -90,7 +90,7 @@ func (r *AwsWafregionalXSSMatchSetInvalidNameRule) Check(runner tflint.Runner) e if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^.*\S.*$`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^\S$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_wafv2_web_acl_association_invalid_resource_arn.go b/rules/models/aws_wafv2_web_acl_association_invalid_resource_arn.go index 0f6b2727..4b64b362 100644 --- a/rules/models/aws_wafv2_web_acl_association_invalid_resource_arn.go +++ b/rules/models/aws_wafv2_web_acl_association_invalid_resource_arn.go @@ -29,7 +29,7 @@ func NewAwsWafv2WebACLAssociationInvalidResourceArnRule() *AwsWafv2WebACLAssocia attributeName: "resource_arn", max: 2048, min: 20, - pattern: regexp.MustCompile(`^.*\S.*$`), + pattern: regexp.MustCompile(`^\S$`), } } @@ -90,7 +90,7 @@ func (r *AwsWafv2WebACLAssociationInvalidResourceArnRule) Check(runner tflint.Ru if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^.*\S.*$`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^\S$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_wafv2_web_acl_association_invalid_web_acl_arn.go b/rules/models/aws_wafv2_web_acl_association_invalid_web_acl_arn.go index a70fefc6..9449c855 100644 --- a/rules/models/aws_wafv2_web_acl_association_invalid_web_acl_arn.go +++ b/rules/models/aws_wafv2_web_acl_association_invalid_web_acl_arn.go @@ -29,7 +29,7 @@ func NewAwsWafv2WebACLAssociationInvalidWebACLArnRule() *AwsWafv2WebACLAssociati attributeName: "web_acl_arn", max: 2048, min: 20, - pattern: regexp.MustCompile(`^.*\S.*$`), + pattern: regexp.MustCompile(`^\S$`), } } @@ -90,7 +90,7 @@ func (r *AwsWafv2WebACLAssociationInvalidWebACLArnRule) Check(runner tflint.Runn if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^.*\S.*$`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^\S$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_wafv2_web_acl_logging_configuration_invalid_resource_arn.go b/rules/models/aws_wafv2_web_acl_logging_configuration_invalid_resource_arn.go index 1eed536d..2f12d774 100644 --- a/rules/models/aws_wafv2_web_acl_logging_configuration_invalid_resource_arn.go +++ b/rules/models/aws_wafv2_web_acl_logging_configuration_invalid_resource_arn.go @@ -29,7 +29,7 @@ func NewAwsWafv2WebACLLoggingConfigurationInvalidResourceArnRule() *AwsWafv2WebA attributeName: "resource_arn", max: 2048, min: 20, - pattern: regexp.MustCompile(`^.*\S.*$`), + pattern: regexp.MustCompile(`^\S$`), } } @@ -90,7 +90,7 @@ func (r *AwsWafv2WebACLLoggingConfigurationInvalidResourceArnRule) Check(runner if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^.*\S.*$`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^\S$`), attribute.Expr.Range(), ) } diff --git a/rules/models/generator/main.go b/rules/models/generator/main.go index 462094ff..c23b3348 100644 --- a/rules/models/generator/main.go +++ b/rules/models/generator/main.go @@ -36,6 +36,31 @@ type test struct { NG string `hcl:"ng"` } +// smithyShape represents a Smithy model shape definition. +type smithyShape struct { + Type string `json:"type"` + Traits map[string]interface{} `json:"traits,omitempty"` + Members map[string]smithyMember `json:"members,omitempty"` +} + +// smithyMember represents a member of a Smithy shape. +type smithyMember struct { + Target string `json:"target,omitempty"` + Traits map[string]interface{} `json:"traits,omitempty"` +} + +// smithyLengthTrait represents the smithy.api#length trait. +type smithyLengthTrait struct { + Min *float64 `json:"min,omitempty"` + Max *float64 `json:"max,omitempty"` +} + +// smithyEnumItem represents an enum value in smithy.api#enum trait. +type smithyEnumItem struct { + Value string `json:"value"` + Name string `json:"name,omitempty"` +} + func main() { files, err := filepath.Glob("./mappings/*.hcl") if err != nil { @@ -197,81 +222,81 @@ func extractServiceNamespace(shapes map[string]interface{}) string { return "" } -// convertSmithyShape converts Smithy model format to internal format -// Smithy uses traits for metadata while our internal format uses direct fields -func convertSmithyShape(smithyShape map[string]interface{}) map[string]interface{} { +// convertSmithyShape converts Smithy model format to internal format. +// Smithy uses traits for metadata while our internal format uses direct fields. +func convertSmithyShape(rawShape map[string]interface{}) map[string]interface{} { result := make(map[string]interface{}) - // Copy type - if shapeType, ok := smithyShape["type"]; ok { - result["type"] = shapeType + // Parse the raw shape into typed struct + shapeBytes, err := json.Marshal(rawShape) + if err != nil { + return result + } + + var shape smithyShape + if err := json.Unmarshal(shapeBytes, &shape); err != nil { + return result } - // Extract constraints and patterns from Smithy traits - if traits, ok := smithyShape["traits"].(map[string]interface{}); ok { - // Length constraints - if lengthTrait, ok := traits["smithy.api#length"].(map[string]interface{}); ok { - if min, ok := lengthTrait["min"]; ok { - result["min"] = min + result["type"] = shape.Type + + // Extract length constraints from traits + if lengthData, ok := shape.Traits["smithy.api#length"]; ok { + lengthBytes, _ := json.Marshal(lengthData) + var length smithyLengthTrait + if json.Unmarshal(lengthBytes, &length) == nil { + if length.Min != nil { + result["min"] = *length.Min } - if max, ok := lengthTrait["max"]; ok { - result["max"] = max + if length.Max != nil { + result["max"] = *length.Max } } + } - // Pattern constraint - if pattern, ok := traits["smithy.api#pattern"].(string); ok { - result["pattern"] = pattern - } + // Extract pattern constraint + if pattern, ok := shape.Traits["smithy.api#pattern"].(string); ok { + result["pattern"] = pattern + } - // Enum as trait (older Smithy style) - if enumTrait, ok := traits["smithy.api#enum"]; ok { - if enumList, ok := enumTrait.([]interface{}); ok { - enumValues := make([]string, 0, len(enumList)) - for _, enumItem := range enumList { - if enumMap, ok := enumItem.(map[string]interface{}); ok { - if value, ok := enumMap["value"].(string); ok { - enumValues = append(enumValues, value) - } - } - } - sort.Strings(enumValues) - result["enum"] = enumValues + // Extract enum as trait (older Smithy style) + if enumData, ok := shape.Traits["smithy.api#enum"]; ok { + enumBytes, _ := json.Marshal(enumData) + var enumItems []smithyEnumItem + if json.Unmarshal(enumBytes, &enumItems) == nil { + enumValues := make([]string, 0, len(enumItems)) + for _, item := range enumItems { + enumValues = append(enumValues, item.Value) } + sort.Strings(enumValues) + result["enum"] = enumValues } } - // Enum as type (newer Smithy style: type="enum" with members) - if shapeType, ok := smithyShape["type"].(string); ok && shapeType == "enum" { - if members, ok := smithyShape["members"].(map[string]interface{}); ok { - enumValues := make([]string, 0, len(members)) + // Handle enum as type (newer Smithy style: type="enum" with members) + if shape.Type == "enum" && len(shape.Members) > 0 { + memberNames := make([]string, 0, len(shape.Members)) + for memberName := range shape.Members { + memberNames = append(memberNames, memberName) + } + sort.Strings(memberNames) - // Sort member names for deterministic ordering - memberNames := make([]string, 0, len(members)) - for memberName := range members { - memberNames = append(memberNames, memberName) - } - sort.Strings(memberNames) - - // Extract enum values - for _, memberName := range memberNames { - memberData := members[memberName] - enumValue := memberName - - // Check for explicit enumValue in traits - if memberMap, ok := memberData.(map[string]interface{}); ok { - if traits, ok := memberMap["traits"].(map[string]interface{}); ok { - if enumValueTrait, ok := traits["smithy.api#enumValue"].(string); ok { - enumValue = enumValueTrait - } - } + enumValues := make([]string, 0, len(memberNames)) + for _, memberName := range memberNames { + member := shape.Members[memberName] + enumValue := memberName + + // Check for explicit enumValue in member traits + if enumValueData, ok := member.Traits["smithy.api#enumValue"]; ok { + if enumValueStr, ok := enumValueData.(string); ok { + enumValue = enumValueStr } - enumValues = append(enumValues, enumValue) } - - result["enum"] = enumValues - result["type"] = "string" // Normalize enum type to string + enumValues = append(enumValues, enumValue) } + + result["enum"] = enumValues + result["type"] = "string" // Normalize enum type to string } return result diff --git a/rules/models/generator/rule.go b/rules/models/generator/rule.go index 906c67a6..fd62337c 100644 --- a/rules/models/generator/rule.go +++ b/rules/models/generator/rule.go @@ -115,25 +115,12 @@ func replacePattern(pattern string) string { return pattern } - // Handle placeholder patterns (documentation text, not validation patterns) - if pattern == "^See rules in parameter description$" { - return "" - } - // Convert Unicode escapes from \uXXXX to \x{XXXX} format unicodeEscapeRegex := regexp.MustCompile(`\\u([0-9A-F]{4})`) replaced := unicodeEscapeRegex.ReplaceAllString(pattern, `\x{$1}`) - // Fix incomplete patterns - if replaced == "^(?s)" { - return "^(?s).*$" - } - // Handle patterns missing anchors if !strings.HasPrefix(replaced, "^") && !strings.HasSuffix(replaced, "$") { - if replaced == "\\S" { - return "^.*\\S.*$" - } replaced = fmt.Sprintf("^%s$", replaced) } From 507885e9bc6c8a1e1b1342385cc2d65d0c34d297 Mon Sep 17 00:00:00 2001 From: Ben Drucker Date: Tue, 11 Nov 2025 20:43:13 -0800 Subject: [PATCH 6/9] Fix \S pattern transform for backward compatibility The Smithy models contain pattern "\S" for many string fields. This is incorrect for fields that can be 1-128 characters. The pattern "\S" literally means "exactly one non-whitespace character". The Ruby SDK generator produced "^.*\S.*$" (contains at least one non-whitespace character) for these same fields, which is the correct semantic validation. This commit fixes the pattern transform to maintain backward compatibility with the Ruby SDK behavior, affecting 59 rules across WAF, WAFRegional, WAFv2, SecurityHub, Config, and other services. --- rules/models/aws_config_config_rule_invalid_name.go | 4 ++-- ..._remediation_configuration_invalid_config_rule_name.go | 4 ++-- .../models/aws_elasticache_user_invalid_access_string.go | 4 ++-- rules/models/aws_gamelift_alias_invalid_name.go | 4 ++-- rules/models/aws_glue_schema_invalid_schema_definition.go | 4 ++-- .../models/aws_lightsail_instance_invalid_blueprint_id.go | 4 ++-- rules/models/aws_lightsail_instance_invalid_bundle_id.go | 4 ++-- rules/models/aws_memorydb_user_invalid_access_string.go | 4 ++-- .../aws_networkfirewall_resource_policy_invalid_policy.go | 4 ++-- .../aws_securityhub_action_target_invalid_description.go | 4 ++-- .../aws_securityhub_action_target_invalid_identifier.go | 4 ++-- .../models/aws_securityhub_action_target_invalid_name.go | 4 ++-- ...securityhub_finding_aggregator_invalid_linking_mode.go | 4 ++-- .../aws_securityhub_insight_invalid_group_by_attribute.go | 4 ++-- rules/models/aws_securityhub_insight_invalid_name.go | 4 ++-- .../aws_securityhub_invite_accepter_invalid_master_id.go | 4 ++-- rules/models/aws_securityhub_member_invalid_email.go | 4 ++-- ...organization_admin_account_invalid_admin_account_id.go | 4 ++-- ...ecurityhub_product_subscription_invalid_product_arn.go | 4 ++-- ...curityhub_standards_control_invalid_disabled_reason.go | 4 ++-- ...hub_standards_control_invalid_standards_control_arn.go | 4 ++-- ...ityhub_standards_subscription_invalid_standards_arn.go | 4 ++-- rules/models/aws_waf_byte_match_set_invalid_name.go | 4 ++-- rules/models/aws_waf_geo_match_set_invalid_name.go | 4 ++-- rules/models/aws_waf_ipset_invalid_name.go | 4 ++-- .../models/aws_waf_rate_based_rule_invalid_metric_name.go | 4 ++-- rules/models/aws_waf_rate_based_rule_invalid_name.go | 4 ++-- rules/models/aws_waf_regex_match_set_invalid_name.go | 4 ++-- rules/models/aws_waf_regex_pattern_set_invalid_name.go | 4 ++-- rules/models/aws_waf_rule_group_invalid_metric_name.go | 4 ++-- rules/models/aws_waf_rule_group_invalid_name.go | 4 ++-- rules/models/aws_waf_rule_invalid_metric_name.go | 4 ++-- rules/models/aws_waf_rule_invalid_name.go | 4 ++-- rules/models/aws_waf_size_constraint_set_invalid_name.go | 4 ++-- .../aws_waf_sql_injection_match_set_invalid_name.go | 4 ++-- rules/models/aws_waf_web_acl_invalid_metric_name.go | 4 ++-- rules/models/aws_waf_web_acl_invalid_name.go | 4 ++-- rules/models/aws_waf_xss_match_set_invalid_name.go | 4 ++-- .../models/aws_wafregional_byte_match_set_invalid_name.go | 4 ++-- .../models/aws_wafregional_geo_match_set_invalid_name.go | 4 ++-- rules/models/aws_wafregional_ipset_invalid_name.go | 4 ++-- ...aws_wafregional_rate_based_rule_invalid_metric_name.go | 4 ++-- .../aws_wafregional_rate_based_rule_invalid_name.go | 4 ++-- .../aws_wafregional_regex_match_set_invalid_name.go | 4 ++-- .../aws_wafregional_regex_pattern_set_invalid_name.go | 4 ++-- .../aws_wafregional_rule_group_invalid_metric_name.go | 4 ++-- rules/models/aws_wafregional_rule_group_invalid_name.go | 4 ++-- rules/models/aws_wafregional_rule_invalid_metric_name.go | 4 ++-- rules/models/aws_wafregional_rule_invalid_name.go | 4 ++-- .../aws_wafregional_size_constraint_set_invalid_name.go | 4 ++-- ...ws_wafregional_sql_injection_match_set_invalid_name.go | 4 ++-- ...afregional_web_acl_association_invalid_resource_arn.go | 4 ++-- ..._wafregional_web_acl_association_invalid_web_acl_id.go | 4 ++-- .../models/aws_wafregional_web_acl_invalid_metric_name.go | 4 ++-- rules/models/aws_wafregional_web_acl_invalid_name.go | 4 ++-- .../models/aws_wafregional_xss_match_set_invalid_name.go | 4 ++-- .../aws_wafv2_web_acl_association_invalid_resource_arn.go | 4 ++-- .../aws_wafv2_web_acl_association_invalid_web_acl_arn.go | 4 ++-- ..._web_acl_logging_configuration_invalid_resource_arn.go | 4 ++-- rules/models/generator/rule.go | 8 ++++++++ 60 files changed, 126 insertions(+), 118 deletions(-) diff --git a/rules/models/aws_config_config_rule_invalid_name.go b/rules/models/aws_config_config_rule_invalid_name.go index 1a70d04a..69b385b2 100644 --- a/rules/models/aws_config_config_rule_invalid_name.go +++ b/rules/models/aws_config_config_rule_invalid_name.go @@ -29,7 +29,7 @@ func NewAwsConfigConfigRuleInvalidNameRule() *AwsConfigConfigRuleInvalidNameRule attributeName: "name", max: 128, min: 1, - pattern: regexp.MustCompile(`^\S$`), + pattern: regexp.MustCompile(`^.*\S.*$`), } } @@ -90,7 +90,7 @@ func (r *AwsConfigConfigRuleInvalidNameRule) Check(runner tflint.Runner) error { if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^\S$`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^.*\S.*$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_config_remediation_configuration_invalid_config_rule_name.go b/rules/models/aws_config_remediation_configuration_invalid_config_rule_name.go index 1f58a149..1aac0999 100644 --- a/rules/models/aws_config_remediation_configuration_invalid_config_rule_name.go +++ b/rules/models/aws_config_remediation_configuration_invalid_config_rule_name.go @@ -29,7 +29,7 @@ func NewAwsConfigRemediationConfigurationInvalidConfigRuleNameRule() *AwsConfigR attributeName: "config_rule_name", max: 128, min: 1, - pattern: regexp.MustCompile(`^\S$`), + pattern: regexp.MustCompile(`^.*\S.*$`), } } @@ -90,7 +90,7 @@ func (r *AwsConfigRemediationConfigurationInvalidConfigRuleNameRule) Check(runne if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^\S$`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^.*\S.*$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_elasticache_user_invalid_access_string.go b/rules/models/aws_elasticache_user_invalid_access_string.go index 50bff6af..059a5768 100644 --- a/rules/models/aws_elasticache_user_invalid_access_string.go +++ b/rules/models/aws_elasticache_user_invalid_access_string.go @@ -25,7 +25,7 @@ func NewAwsElastiCacheUserInvalidAccessStringRule() *AwsElastiCacheUserInvalidAc return &AwsElastiCacheUserInvalidAccessStringRule{ resourceType: "aws_elasticache_user", attributeName: "access_string", - pattern: regexp.MustCompile(`^\S$`), + pattern: regexp.MustCompile(`^.*\S.*$`), } } @@ -72,7 +72,7 @@ func (r *AwsElastiCacheUserInvalidAccessStringRule) Check(runner tflint.Runner) if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^\S$`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^.*\S.*$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_gamelift_alias_invalid_name.go b/rules/models/aws_gamelift_alias_invalid_name.go index 9bef93c8..c9cedfe9 100644 --- a/rules/models/aws_gamelift_alias_invalid_name.go +++ b/rules/models/aws_gamelift_alias_invalid_name.go @@ -29,7 +29,7 @@ func NewAwsGameliftAliasInvalidNameRule() *AwsGameliftAliasInvalidNameRule { attributeName: "name", max: 1024, min: 1, - pattern: regexp.MustCompile(`^\S$`), + pattern: regexp.MustCompile(`^.*\S.*$`), } } @@ -90,7 +90,7 @@ func (r *AwsGameliftAliasInvalidNameRule) Check(runner tflint.Runner) error { if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^\S$`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^.*\S.*$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_glue_schema_invalid_schema_definition.go b/rules/models/aws_glue_schema_invalid_schema_definition.go index 7001a68b..e8ef593e 100644 --- a/rules/models/aws_glue_schema_invalid_schema_definition.go +++ b/rules/models/aws_glue_schema_invalid_schema_definition.go @@ -29,7 +29,7 @@ func NewAwsGlueSchemaInvalidSchemaDefinitionRule() *AwsGlueSchemaInvalidSchemaDe attributeName: "schema_definition", max: 170000, min: 1, - pattern: regexp.MustCompile(`^\S$`), + pattern: regexp.MustCompile(`^.*\S.*$`), } } @@ -90,7 +90,7 @@ func (r *AwsGlueSchemaInvalidSchemaDefinitionRule) Check(runner tflint.Runner) e if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^\S$`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^.*\S.*$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_lightsail_instance_invalid_blueprint_id.go b/rules/models/aws_lightsail_instance_invalid_blueprint_id.go index e3d328b3..4fa15abc 100644 --- a/rules/models/aws_lightsail_instance_invalid_blueprint_id.go +++ b/rules/models/aws_lightsail_instance_invalid_blueprint_id.go @@ -25,7 +25,7 @@ func NewAwsLightsailInstanceInvalidBlueprintIDRule() *AwsLightsailInstanceInvali return &AwsLightsailInstanceInvalidBlueprintIDRule{ resourceType: "aws_lightsail_instance", attributeName: "blueprint_id", - pattern: regexp.MustCompile(`^\S$`), + pattern: regexp.MustCompile(`^.*\S.*$`), } } @@ -72,7 +72,7 @@ func (r *AwsLightsailInstanceInvalidBlueprintIDRule) Check(runner tflint.Runner) if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^\S$`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^.*\S.*$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_lightsail_instance_invalid_bundle_id.go b/rules/models/aws_lightsail_instance_invalid_bundle_id.go index 3d1d3833..00bb64a4 100644 --- a/rules/models/aws_lightsail_instance_invalid_bundle_id.go +++ b/rules/models/aws_lightsail_instance_invalid_bundle_id.go @@ -25,7 +25,7 @@ func NewAwsLightsailInstanceInvalidBundleIDRule() *AwsLightsailInstanceInvalidBu return &AwsLightsailInstanceInvalidBundleIDRule{ resourceType: "aws_lightsail_instance", attributeName: "bundle_id", - pattern: regexp.MustCompile(`^\S$`), + pattern: regexp.MustCompile(`^.*\S.*$`), } } @@ -72,7 +72,7 @@ func (r *AwsLightsailInstanceInvalidBundleIDRule) Check(runner tflint.Runner) er if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^\S$`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^.*\S.*$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_memorydb_user_invalid_access_string.go b/rules/models/aws_memorydb_user_invalid_access_string.go index 61f6d142..5b046297 100644 --- a/rules/models/aws_memorydb_user_invalid_access_string.go +++ b/rules/models/aws_memorydb_user_invalid_access_string.go @@ -25,7 +25,7 @@ func NewAwsMemoryDBUserInvalidAccessStringRule() *AwsMemoryDBUserInvalidAccessSt return &AwsMemoryDBUserInvalidAccessStringRule{ resourceType: "aws_memorydb_user", attributeName: "access_string", - pattern: regexp.MustCompile(`^\S$`), + pattern: regexp.MustCompile(`^.*\S.*$`), } } @@ -72,7 +72,7 @@ func (r *AwsMemoryDBUserInvalidAccessStringRule) Check(runner tflint.Runner) err if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^\S$`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^.*\S.*$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_networkfirewall_resource_policy_invalid_policy.go b/rules/models/aws_networkfirewall_resource_policy_invalid_policy.go index c6221011..977d23a8 100644 --- a/rules/models/aws_networkfirewall_resource_policy_invalid_policy.go +++ b/rules/models/aws_networkfirewall_resource_policy_invalid_policy.go @@ -29,7 +29,7 @@ func NewAwsNetworkfirewallResourcePolicyInvalidPolicyRule() *AwsNetworkfirewallR attributeName: "policy", max: 395000, min: 1, - pattern: regexp.MustCompile(`^\S$`), + pattern: regexp.MustCompile(`^.*\S.*$`), } } @@ -90,7 +90,7 @@ func (r *AwsNetworkfirewallResourcePolicyInvalidPolicyRule) Check(runner tflint. if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^\S$`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^.*\S.*$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_securityhub_action_target_invalid_description.go b/rules/models/aws_securityhub_action_target_invalid_description.go index 08d94bd2..9bbd9ae8 100644 --- a/rules/models/aws_securityhub_action_target_invalid_description.go +++ b/rules/models/aws_securityhub_action_target_invalid_description.go @@ -25,7 +25,7 @@ func NewAwsSecurityhubActionTargetInvalidDescriptionRule() *AwsSecurityhubAction return &AwsSecurityhubActionTargetInvalidDescriptionRule{ resourceType: "aws_securityhub_action_target", attributeName: "description", - pattern: regexp.MustCompile(`^\S$`), + pattern: regexp.MustCompile(`^.*\S.*$`), } } @@ -72,7 +72,7 @@ func (r *AwsSecurityhubActionTargetInvalidDescriptionRule) Check(runner tflint.R if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^\S$`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^.*\S.*$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_securityhub_action_target_invalid_identifier.go b/rules/models/aws_securityhub_action_target_invalid_identifier.go index e4e853d5..7999e7de 100644 --- a/rules/models/aws_securityhub_action_target_invalid_identifier.go +++ b/rules/models/aws_securityhub_action_target_invalid_identifier.go @@ -25,7 +25,7 @@ func NewAwsSecurityhubActionTargetInvalidIdentifierRule() *AwsSecurityhubActionT return &AwsSecurityhubActionTargetInvalidIdentifierRule{ resourceType: "aws_securityhub_action_target", attributeName: "identifier", - pattern: regexp.MustCompile(`^\S$`), + pattern: regexp.MustCompile(`^.*\S.*$`), } } @@ -72,7 +72,7 @@ func (r *AwsSecurityhubActionTargetInvalidIdentifierRule) Check(runner tflint.Ru if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^\S$`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^.*\S.*$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_securityhub_action_target_invalid_name.go b/rules/models/aws_securityhub_action_target_invalid_name.go index 6b91e98e..b0c0c84c 100644 --- a/rules/models/aws_securityhub_action_target_invalid_name.go +++ b/rules/models/aws_securityhub_action_target_invalid_name.go @@ -25,7 +25,7 @@ func NewAwsSecurityhubActionTargetInvalidNameRule() *AwsSecurityhubActionTargetI return &AwsSecurityhubActionTargetInvalidNameRule{ resourceType: "aws_securityhub_action_target", attributeName: "name", - pattern: regexp.MustCompile(`^\S$`), + pattern: regexp.MustCompile(`^.*\S.*$`), } } @@ -72,7 +72,7 @@ func (r *AwsSecurityhubActionTargetInvalidNameRule) Check(runner tflint.Runner) if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^\S$`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^.*\S.*$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_securityhub_finding_aggregator_invalid_linking_mode.go b/rules/models/aws_securityhub_finding_aggregator_invalid_linking_mode.go index 0497c1cd..f8f01c92 100644 --- a/rules/models/aws_securityhub_finding_aggregator_invalid_linking_mode.go +++ b/rules/models/aws_securityhub_finding_aggregator_invalid_linking_mode.go @@ -25,7 +25,7 @@ func NewAwsSecurityhubFindingAggregatorInvalidLinkingModeRule() *AwsSecurityhubF return &AwsSecurityhubFindingAggregatorInvalidLinkingModeRule{ resourceType: "aws_securityhub_finding_aggregator", attributeName: "linking_mode", - pattern: regexp.MustCompile(`^\S$`), + pattern: regexp.MustCompile(`^.*\S.*$`), } } @@ -72,7 +72,7 @@ func (r *AwsSecurityhubFindingAggregatorInvalidLinkingModeRule) Check(runner tfl if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^\S$`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^.*\S.*$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_securityhub_insight_invalid_group_by_attribute.go b/rules/models/aws_securityhub_insight_invalid_group_by_attribute.go index 6fa8c103..c5252e00 100644 --- a/rules/models/aws_securityhub_insight_invalid_group_by_attribute.go +++ b/rules/models/aws_securityhub_insight_invalid_group_by_attribute.go @@ -25,7 +25,7 @@ func NewAwsSecurityhubInsightInvalidGroupByAttributeRule() *AwsSecurityhubInsigh return &AwsSecurityhubInsightInvalidGroupByAttributeRule{ resourceType: "aws_securityhub_insight", attributeName: "group_by_attribute", - pattern: regexp.MustCompile(`^\S$`), + pattern: regexp.MustCompile(`^.*\S.*$`), } } @@ -72,7 +72,7 @@ func (r *AwsSecurityhubInsightInvalidGroupByAttributeRule) Check(runner tflint.R if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^\S$`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^.*\S.*$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_securityhub_insight_invalid_name.go b/rules/models/aws_securityhub_insight_invalid_name.go index 2067ade9..3026688e 100644 --- a/rules/models/aws_securityhub_insight_invalid_name.go +++ b/rules/models/aws_securityhub_insight_invalid_name.go @@ -25,7 +25,7 @@ func NewAwsSecurityhubInsightInvalidNameRule() *AwsSecurityhubInsightInvalidName return &AwsSecurityhubInsightInvalidNameRule{ resourceType: "aws_securityhub_insight", attributeName: "name", - pattern: regexp.MustCompile(`^\S$`), + pattern: regexp.MustCompile(`^.*\S.*$`), } } @@ -72,7 +72,7 @@ func (r *AwsSecurityhubInsightInvalidNameRule) Check(runner tflint.Runner) error if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^\S$`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^.*\S.*$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_securityhub_invite_accepter_invalid_master_id.go b/rules/models/aws_securityhub_invite_accepter_invalid_master_id.go index a27c7b8e..3e1bedd5 100644 --- a/rules/models/aws_securityhub_invite_accepter_invalid_master_id.go +++ b/rules/models/aws_securityhub_invite_accepter_invalid_master_id.go @@ -25,7 +25,7 @@ func NewAwsSecurityhubInviteAccepterInvalidMasterIDRule() *AwsSecurityhubInviteA return &AwsSecurityhubInviteAccepterInvalidMasterIDRule{ resourceType: "aws_securityhub_invite_accepter", attributeName: "master_id", - pattern: regexp.MustCompile(`^\S$`), + pattern: regexp.MustCompile(`^.*\S.*$`), } } @@ -72,7 +72,7 @@ func (r *AwsSecurityhubInviteAccepterInvalidMasterIDRule) Check(runner tflint.Ru if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^\S$`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^.*\S.*$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_securityhub_member_invalid_email.go b/rules/models/aws_securityhub_member_invalid_email.go index 50b7da1c..fa920037 100644 --- a/rules/models/aws_securityhub_member_invalid_email.go +++ b/rules/models/aws_securityhub_member_invalid_email.go @@ -25,7 +25,7 @@ func NewAwsSecurityhubMemberInvalidEmailRule() *AwsSecurityhubMemberInvalidEmail return &AwsSecurityhubMemberInvalidEmailRule{ resourceType: "aws_securityhub_member", attributeName: "email", - pattern: regexp.MustCompile(`^\S$`), + pattern: regexp.MustCompile(`^.*\S.*$`), } } @@ -72,7 +72,7 @@ func (r *AwsSecurityhubMemberInvalidEmailRule) Check(runner tflint.Runner) error if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^\S$`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^.*\S.*$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_securityhub_organization_admin_account_invalid_admin_account_id.go b/rules/models/aws_securityhub_organization_admin_account_invalid_admin_account_id.go index 8f9ae75c..76f45227 100644 --- a/rules/models/aws_securityhub_organization_admin_account_invalid_admin_account_id.go +++ b/rules/models/aws_securityhub_organization_admin_account_invalid_admin_account_id.go @@ -25,7 +25,7 @@ func NewAwsSecurityhubOrganizationAdminAccountInvalidAdminAccountIDRule() *AwsSe return &AwsSecurityhubOrganizationAdminAccountInvalidAdminAccountIDRule{ resourceType: "aws_securityhub_organization_admin_account", attributeName: "admin_account_id", - pattern: regexp.MustCompile(`^\S$`), + pattern: regexp.MustCompile(`^.*\S.*$`), } } @@ -72,7 +72,7 @@ func (r *AwsSecurityhubOrganizationAdminAccountInvalidAdminAccountIDRule) Check( if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^\S$`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^.*\S.*$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_securityhub_product_subscription_invalid_product_arn.go b/rules/models/aws_securityhub_product_subscription_invalid_product_arn.go index 66f54c12..774fe781 100644 --- a/rules/models/aws_securityhub_product_subscription_invalid_product_arn.go +++ b/rules/models/aws_securityhub_product_subscription_invalid_product_arn.go @@ -25,7 +25,7 @@ func NewAwsSecurityhubProductSubscriptionInvalidProductArnRule() *AwsSecurityhub return &AwsSecurityhubProductSubscriptionInvalidProductArnRule{ resourceType: "aws_securityhub_product_subscription", attributeName: "product_arn", - pattern: regexp.MustCompile(`^\S$`), + pattern: regexp.MustCompile(`^.*\S.*$`), } } @@ -72,7 +72,7 @@ func (r *AwsSecurityhubProductSubscriptionInvalidProductArnRule) Check(runner tf if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^\S$`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^.*\S.*$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_securityhub_standards_control_invalid_disabled_reason.go b/rules/models/aws_securityhub_standards_control_invalid_disabled_reason.go index f10cf432..0bbbec41 100644 --- a/rules/models/aws_securityhub_standards_control_invalid_disabled_reason.go +++ b/rules/models/aws_securityhub_standards_control_invalid_disabled_reason.go @@ -25,7 +25,7 @@ func NewAwsSecurityhubStandardsControlInvalidDisabledReasonRule() *AwsSecurityhu return &AwsSecurityhubStandardsControlInvalidDisabledReasonRule{ resourceType: "aws_securityhub_standards_control", attributeName: "disabled_reason", - pattern: regexp.MustCompile(`^\S$`), + pattern: regexp.MustCompile(`^.*\S.*$`), } } @@ -72,7 +72,7 @@ func (r *AwsSecurityhubStandardsControlInvalidDisabledReasonRule) Check(runner t if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^\S$`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^.*\S.*$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_securityhub_standards_control_invalid_standards_control_arn.go b/rules/models/aws_securityhub_standards_control_invalid_standards_control_arn.go index bf0121a7..18445f7f 100644 --- a/rules/models/aws_securityhub_standards_control_invalid_standards_control_arn.go +++ b/rules/models/aws_securityhub_standards_control_invalid_standards_control_arn.go @@ -25,7 +25,7 @@ func NewAwsSecurityhubStandardsControlInvalidStandardsControlArnRule() *AwsSecur return &AwsSecurityhubStandardsControlInvalidStandardsControlArnRule{ resourceType: "aws_securityhub_standards_control", attributeName: "standards_control_arn", - pattern: regexp.MustCompile(`^\S$`), + pattern: regexp.MustCompile(`^.*\S.*$`), } } @@ -72,7 +72,7 @@ func (r *AwsSecurityhubStandardsControlInvalidStandardsControlArnRule) Check(run if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^\S$`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^.*\S.*$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_securityhub_standards_subscription_invalid_standards_arn.go b/rules/models/aws_securityhub_standards_subscription_invalid_standards_arn.go index fb686ca8..953471a9 100644 --- a/rules/models/aws_securityhub_standards_subscription_invalid_standards_arn.go +++ b/rules/models/aws_securityhub_standards_subscription_invalid_standards_arn.go @@ -25,7 +25,7 @@ func NewAwsSecurityhubStandardsSubscriptionInvalidStandardsArnRule() *AwsSecurit return &AwsSecurityhubStandardsSubscriptionInvalidStandardsArnRule{ resourceType: "aws_securityhub_standards_subscription", attributeName: "standards_arn", - pattern: regexp.MustCompile(`^\S$`), + pattern: regexp.MustCompile(`^.*\S.*$`), } } @@ -72,7 +72,7 @@ func (r *AwsSecurityhubStandardsSubscriptionInvalidStandardsArnRule) Check(runne if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^\S$`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^.*\S.*$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_waf_byte_match_set_invalid_name.go b/rules/models/aws_waf_byte_match_set_invalid_name.go index c4a063ff..e36cdd38 100644 --- a/rules/models/aws_waf_byte_match_set_invalid_name.go +++ b/rules/models/aws_waf_byte_match_set_invalid_name.go @@ -29,7 +29,7 @@ func NewAwsWafByteMatchSetInvalidNameRule() *AwsWafByteMatchSetInvalidNameRule { attributeName: "name", max: 128, min: 1, - pattern: regexp.MustCompile(`^\S$`), + pattern: regexp.MustCompile(`^.*\S.*$`), } } @@ -90,7 +90,7 @@ func (r *AwsWafByteMatchSetInvalidNameRule) Check(runner tflint.Runner) error { if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^\S$`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^.*\S.*$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_waf_geo_match_set_invalid_name.go b/rules/models/aws_waf_geo_match_set_invalid_name.go index f8055ffa..8d282393 100644 --- a/rules/models/aws_waf_geo_match_set_invalid_name.go +++ b/rules/models/aws_waf_geo_match_set_invalid_name.go @@ -29,7 +29,7 @@ func NewAwsWafGeoMatchSetInvalidNameRule() *AwsWafGeoMatchSetInvalidNameRule { attributeName: "name", max: 128, min: 1, - pattern: regexp.MustCompile(`^\S$`), + pattern: regexp.MustCompile(`^.*\S.*$`), } } @@ -90,7 +90,7 @@ func (r *AwsWafGeoMatchSetInvalidNameRule) Check(runner tflint.Runner) error { if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^\S$`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^.*\S.*$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_waf_ipset_invalid_name.go b/rules/models/aws_waf_ipset_invalid_name.go index 0393e500..4a3c2309 100644 --- a/rules/models/aws_waf_ipset_invalid_name.go +++ b/rules/models/aws_waf_ipset_invalid_name.go @@ -29,7 +29,7 @@ func NewAwsWafIpsetInvalidNameRule() *AwsWafIpsetInvalidNameRule { attributeName: "name", max: 128, min: 1, - pattern: regexp.MustCompile(`^\S$`), + pattern: regexp.MustCompile(`^.*\S.*$`), } } @@ -90,7 +90,7 @@ func (r *AwsWafIpsetInvalidNameRule) Check(runner tflint.Runner) error { if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^\S$`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^.*\S.*$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_waf_rate_based_rule_invalid_metric_name.go b/rules/models/aws_waf_rate_based_rule_invalid_metric_name.go index 4ac3bcae..003b9622 100644 --- a/rules/models/aws_waf_rate_based_rule_invalid_metric_name.go +++ b/rules/models/aws_waf_rate_based_rule_invalid_metric_name.go @@ -29,7 +29,7 @@ func NewAwsWafRateBasedRuleInvalidMetricNameRule() *AwsWafRateBasedRuleInvalidMe attributeName: "metric_name", max: 128, min: 1, - pattern: regexp.MustCompile(`^\S$`), + pattern: regexp.MustCompile(`^.*\S.*$`), } } @@ -90,7 +90,7 @@ func (r *AwsWafRateBasedRuleInvalidMetricNameRule) Check(runner tflint.Runner) e if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^\S$`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^.*\S.*$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_waf_rate_based_rule_invalid_name.go b/rules/models/aws_waf_rate_based_rule_invalid_name.go index 5bf32b1c..92abd5e3 100644 --- a/rules/models/aws_waf_rate_based_rule_invalid_name.go +++ b/rules/models/aws_waf_rate_based_rule_invalid_name.go @@ -29,7 +29,7 @@ func NewAwsWafRateBasedRuleInvalidNameRule() *AwsWafRateBasedRuleInvalidNameRule attributeName: "name", max: 128, min: 1, - pattern: regexp.MustCompile(`^\S$`), + pattern: regexp.MustCompile(`^.*\S.*$`), } } @@ -90,7 +90,7 @@ func (r *AwsWafRateBasedRuleInvalidNameRule) Check(runner tflint.Runner) error { if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^\S$`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^.*\S.*$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_waf_regex_match_set_invalid_name.go b/rules/models/aws_waf_regex_match_set_invalid_name.go index 4c7dfd9d..b33fbbb4 100644 --- a/rules/models/aws_waf_regex_match_set_invalid_name.go +++ b/rules/models/aws_waf_regex_match_set_invalid_name.go @@ -29,7 +29,7 @@ func NewAwsWafRegexMatchSetInvalidNameRule() *AwsWafRegexMatchSetInvalidNameRule attributeName: "name", max: 128, min: 1, - pattern: regexp.MustCompile(`^\S$`), + pattern: regexp.MustCompile(`^.*\S.*$`), } } @@ -90,7 +90,7 @@ func (r *AwsWafRegexMatchSetInvalidNameRule) Check(runner tflint.Runner) error { if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^\S$`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^.*\S.*$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_waf_regex_pattern_set_invalid_name.go b/rules/models/aws_waf_regex_pattern_set_invalid_name.go index 0f5ecd7b..3503570c 100644 --- a/rules/models/aws_waf_regex_pattern_set_invalid_name.go +++ b/rules/models/aws_waf_regex_pattern_set_invalid_name.go @@ -29,7 +29,7 @@ func NewAwsWafRegexPatternSetInvalidNameRule() *AwsWafRegexPatternSetInvalidName attributeName: "name", max: 128, min: 1, - pattern: regexp.MustCompile(`^\S$`), + pattern: regexp.MustCompile(`^.*\S.*$`), } } @@ -90,7 +90,7 @@ func (r *AwsWafRegexPatternSetInvalidNameRule) Check(runner tflint.Runner) error if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^\S$`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^.*\S.*$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_waf_rule_group_invalid_metric_name.go b/rules/models/aws_waf_rule_group_invalid_metric_name.go index e5a02f5f..0bfaa94e 100644 --- a/rules/models/aws_waf_rule_group_invalid_metric_name.go +++ b/rules/models/aws_waf_rule_group_invalid_metric_name.go @@ -29,7 +29,7 @@ func NewAwsWafRuleGroupInvalidMetricNameRule() *AwsWafRuleGroupInvalidMetricName attributeName: "metric_name", max: 128, min: 1, - pattern: regexp.MustCompile(`^\S$`), + pattern: regexp.MustCompile(`^.*\S.*$`), } } @@ -90,7 +90,7 @@ func (r *AwsWafRuleGroupInvalidMetricNameRule) Check(runner tflint.Runner) error if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^\S$`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^.*\S.*$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_waf_rule_group_invalid_name.go b/rules/models/aws_waf_rule_group_invalid_name.go index 384c06cf..fa4a3448 100644 --- a/rules/models/aws_waf_rule_group_invalid_name.go +++ b/rules/models/aws_waf_rule_group_invalid_name.go @@ -29,7 +29,7 @@ func NewAwsWafRuleGroupInvalidNameRule() *AwsWafRuleGroupInvalidNameRule { attributeName: "name", max: 128, min: 1, - pattern: regexp.MustCompile(`^\S$`), + pattern: regexp.MustCompile(`^.*\S.*$`), } } @@ -90,7 +90,7 @@ func (r *AwsWafRuleGroupInvalidNameRule) Check(runner tflint.Runner) error { if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^\S$`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^.*\S.*$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_waf_rule_invalid_metric_name.go b/rules/models/aws_waf_rule_invalid_metric_name.go index 26ae0ba2..4f2887b4 100644 --- a/rules/models/aws_waf_rule_invalid_metric_name.go +++ b/rules/models/aws_waf_rule_invalid_metric_name.go @@ -29,7 +29,7 @@ func NewAwsWafRuleInvalidMetricNameRule() *AwsWafRuleInvalidMetricNameRule { attributeName: "metric_name", max: 128, min: 1, - pattern: regexp.MustCompile(`^\S$`), + pattern: regexp.MustCompile(`^.*\S.*$`), } } @@ -90,7 +90,7 @@ func (r *AwsWafRuleInvalidMetricNameRule) Check(runner tflint.Runner) error { if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^\S$`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^.*\S.*$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_waf_rule_invalid_name.go b/rules/models/aws_waf_rule_invalid_name.go index 8e63e40a..32197211 100644 --- a/rules/models/aws_waf_rule_invalid_name.go +++ b/rules/models/aws_waf_rule_invalid_name.go @@ -29,7 +29,7 @@ func NewAwsWafRuleInvalidNameRule() *AwsWafRuleInvalidNameRule { attributeName: "name", max: 128, min: 1, - pattern: regexp.MustCompile(`^\S$`), + pattern: regexp.MustCompile(`^.*\S.*$`), } } @@ -90,7 +90,7 @@ func (r *AwsWafRuleInvalidNameRule) Check(runner tflint.Runner) error { if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^\S$`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^.*\S.*$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_waf_size_constraint_set_invalid_name.go b/rules/models/aws_waf_size_constraint_set_invalid_name.go index e456d3ea..4603d286 100644 --- a/rules/models/aws_waf_size_constraint_set_invalid_name.go +++ b/rules/models/aws_waf_size_constraint_set_invalid_name.go @@ -29,7 +29,7 @@ func NewAwsWafSizeConstraintSetInvalidNameRule() *AwsWafSizeConstraintSetInvalid attributeName: "name", max: 128, min: 1, - pattern: regexp.MustCompile(`^\S$`), + pattern: regexp.MustCompile(`^.*\S.*$`), } } @@ -90,7 +90,7 @@ func (r *AwsWafSizeConstraintSetInvalidNameRule) Check(runner tflint.Runner) err if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^\S$`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^.*\S.*$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_waf_sql_injection_match_set_invalid_name.go b/rules/models/aws_waf_sql_injection_match_set_invalid_name.go index dd633aea..2070d769 100644 --- a/rules/models/aws_waf_sql_injection_match_set_invalid_name.go +++ b/rules/models/aws_waf_sql_injection_match_set_invalid_name.go @@ -29,7 +29,7 @@ func NewAwsWafSQLInjectionMatchSetInvalidNameRule() *AwsWafSQLInjectionMatchSetI attributeName: "name", max: 128, min: 1, - pattern: regexp.MustCompile(`^\S$`), + pattern: regexp.MustCompile(`^.*\S.*$`), } } @@ -90,7 +90,7 @@ func (r *AwsWafSQLInjectionMatchSetInvalidNameRule) Check(runner tflint.Runner) if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^\S$`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^.*\S.*$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_waf_web_acl_invalid_metric_name.go b/rules/models/aws_waf_web_acl_invalid_metric_name.go index 5a9db282..2f84ca0a 100644 --- a/rules/models/aws_waf_web_acl_invalid_metric_name.go +++ b/rules/models/aws_waf_web_acl_invalid_metric_name.go @@ -29,7 +29,7 @@ func NewAwsWafWebACLInvalidMetricNameRule() *AwsWafWebACLInvalidMetricNameRule { attributeName: "metric_name", max: 128, min: 1, - pattern: regexp.MustCompile(`^\S$`), + pattern: regexp.MustCompile(`^.*\S.*$`), } } @@ -90,7 +90,7 @@ func (r *AwsWafWebACLInvalidMetricNameRule) Check(runner tflint.Runner) error { if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^\S$`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^.*\S.*$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_waf_web_acl_invalid_name.go b/rules/models/aws_waf_web_acl_invalid_name.go index fc8f3a4f..09d4bf56 100644 --- a/rules/models/aws_waf_web_acl_invalid_name.go +++ b/rules/models/aws_waf_web_acl_invalid_name.go @@ -29,7 +29,7 @@ func NewAwsWafWebACLInvalidNameRule() *AwsWafWebACLInvalidNameRule { attributeName: "name", max: 128, min: 1, - pattern: regexp.MustCompile(`^\S$`), + pattern: regexp.MustCompile(`^.*\S.*$`), } } @@ -90,7 +90,7 @@ func (r *AwsWafWebACLInvalidNameRule) Check(runner tflint.Runner) error { if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^\S$`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^.*\S.*$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_waf_xss_match_set_invalid_name.go b/rules/models/aws_waf_xss_match_set_invalid_name.go index 1cde1321..414e8459 100644 --- a/rules/models/aws_waf_xss_match_set_invalid_name.go +++ b/rules/models/aws_waf_xss_match_set_invalid_name.go @@ -29,7 +29,7 @@ func NewAwsWafXSSMatchSetInvalidNameRule() *AwsWafXSSMatchSetInvalidNameRule { attributeName: "name", max: 128, min: 1, - pattern: regexp.MustCompile(`^\S$`), + pattern: regexp.MustCompile(`^.*\S.*$`), } } @@ -90,7 +90,7 @@ func (r *AwsWafXSSMatchSetInvalidNameRule) Check(runner tflint.Runner) error { if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^\S$`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^.*\S.*$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_wafregional_byte_match_set_invalid_name.go b/rules/models/aws_wafregional_byte_match_set_invalid_name.go index ea29ad13..d27d1a42 100644 --- a/rules/models/aws_wafregional_byte_match_set_invalid_name.go +++ b/rules/models/aws_wafregional_byte_match_set_invalid_name.go @@ -29,7 +29,7 @@ func NewAwsWafregionalByteMatchSetInvalidNameRule() *AwsWafregionalByteMatchSetI attributeName: "name", max: 128, min: 1, - pattern: regexp.MustCompile(`^\S$`), + pattern: regexp.MustCompile(`^.*\S.*$`), } } @@ -90,7 +90,7 @@ func (r *AwsWafregionalByteMatchSetInvalidNameRule) Check(runner tflint.Runner) if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^\S$`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^.*\S.*$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_wafregional_geo_match_set_invalid_name.go b/rules/models/aws_wafregional_geo_match_set_invalid_name.go index 04c28bbb..202b2d2f 100644 --- a/rules/models/aws_wafregional_geo_match_set_invalid_name.go +++ b/rules/models/aws_wafregional_geo_match_set_invalid_name.go @@ -29,7 +29,7 @@ func NewAwsWafregionalGeoMatchSetInvalidNameRule() *AwsWafregionalGeoMatchSetInv attributeName: "name", max: 128, min: 1, - pattern: regexp.MustCompile(`^\S$`), + pattern: regexp.MustCompile(`^.*\S.*$`), } } @@ -90,7 +90,7 @@ func (r *AwsWafregionalGeoMatchSetInvalidNameRule) Check(runner tflint.Runner) e if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^\S$`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^.*\S.*$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_wafregional_ipset_invalid_name.go b/rules/models/aws_wafregional_ipset_invalid_name.go index d1be5aae..b045fe6a 100644 --- a/rules/models/aws_wafregional_ipset_invalid_name.go +++ b/rules/models/aws_wafregional_ipset_invalid_name.go @@ -29,7 +29,7 @@ func NewAwsWafregionalIpsetInvalidNameRule() *AwsWafregionalIpsetInvalidNameRule attributeName: "name", max: 128, min: 1, - pattern: regexp.MustCompile(`^\S$`), + pattern: regexp.MustCompile(`^.*\S.*$`), } } @@ -90,7 +90,7 @@ func (r *AwsWafregionalIpsetInvalidNameRule) Check(runner tflint.Runner) error { if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^\S$`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^.*\S.*$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_wafregional_rate_based_rule_invalid_metric_name.go b/rules/models/aws_wafregional_rate_based_rule_invalid_metric_name.go index afaeb2e6..91d56f53 100644 --- a/rules/models/aws_wafregional_rate_based_rule_invalid_metric_name.go +++ b/rules/models/aws_wafregional_rate_based_rule_invalid_metric_name.go @@ -29,7 +29,7 @@ func NewAwsWafregionalRateBasedRuleInvalidMetricNameRule() *AwsWafregionalRateBa attributeName: "metric_name", max: 128, min: 1, - pattern: regexp.MustCompile(`^\S$`), + pattern: regexp.MustCompile(`^.*\S.*$`), } } @@ -90,7 +90,7 @@ func (r *AwsWafregionalRateBasedRuleInvalidMetricNameRule) Check(runner tflint.R if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^\S$`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^.*\S.*$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_wafregional_rate_based_rule_invalid_name.go b/rules/models/aws_wafregional_rate_based_rule_invalid_name.go index 765007be..8d657c28 100644 --- a/rules/models/aws_wafregional_rate_based_rule_invalid_name.go +++ b/rules/models/aws_wafregional_rate_based_rule_invalid_name.go @@ -29,7 +29,7 @@ func NewAwsWafregionalRateBasedRuleInvalidNameRule() *AwsWafregionalRateBasedRul attributeName: "name", max: 128, min: 1, - pattern: regexp.MustCompile(`^\S$`), + pattern: regexp.MustCompile(`^.*\S.*$`), } } @@ -90,7 +90,7 @@ func (r *AwsWafregionalRateBasedRuleInvalidNameRule) Check(runner tflint.Runner) if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^\S$`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^.*\S.*$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_wafregional_regex_match_set_invalid_name.go b/rules/models/aws_wafregional_regex_match_set_invalid_name.go index 0d01e3f9..3307b6ee 100644 --- a/rules/models/aws_wafregional_regex_match_set_invalid_name.go +++ b/rules/models/aws_wafregional_regex_match_set_invalid_name.go @@ -29,7 +29,7 @@ func NewAwsWafregionalRegexMatchSetInvalidNameRule() *AwsWafregionalRegexMatchSe attributeName: "name", max: 128, min: 1, - pattern: regexp.MustCompile(`^\S$`), + pattern: regexp.MustCompile(`^.*\S.*$`), } } @@ -90,7 +90,7 @@ func (r *AwsWafregionalRegexMatchSetInvalidNameRule) Check(runner tflint.Runner) if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^\S$`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^.*\S.*$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_wafregional_regex_pattern_set_invalid_name.go b/rules/models/aws_wafregional_regex_pattern_set_invalid_name.go index 1e77f71d..e2c03b3e 100644 --- a/rules/models/aws_wafregional_regex_pattern_set_invalid_name.go +++ b/rules/models/aws_wafregional_regex_pattern_set_invalid_name.go @@ -29,7 +29,7 @@ func NewAwsWafregionalRegexPatternSetInvalidNameRule() *AwsWafregionalRegexPatte attributeName: "name", max: 128, min: 1, - pattern: regexp.MustCompile(`^\S$`), + pattern: regexp.MustCompile(`^.*\S.*$`), } } @@ -90,7 +90,7 @@ func (r *AwsWafregionalRegexPatternSetInvalidNameRule) Check(runner tflint.Runne if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^\S$`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^.*\S.*$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_wafregional_rule_group_invalid_metric_name.go b/rules/models/aws_wafregional_rule_group_invalid_metric_name.go index 620f2b22..52392666 100644 --- a/rules/models/aws_wafregional_rule_group_invalid_metric_name.go +++ b/rules/models/aws_wafregional_rule_group_invalid_metric_name.go @@ -29,7 +29,7 @@ func NewAwsWafregionalRuleGroupInvalidMetricNameRule() *AwsWafregionalRuleGroupI attributeName: "metric_name", max: 128, min: 1, - pattern: regexp.MustCompile(`^\S$`), + pattern: regexp.MustCompile(`^.*\S.*$`), } } @@ -90,7 +90,7 @@ func (r *AwsWafregionalRuleGroupInvalidMetricNameRule) Check(runner tflint.Runne if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^\S$`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^.*\S.*$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_wafregional_rule_group_invalid_name.go b/rules/models/aws_wafregional_rule_group_invalid_name.go index 80288aa2..e28def48 100644 --- a/rules/models/aws_wafregional_rule_group_invalid_name.go +++ b/rules/models/aws_wafregional_rule_group_invalid_name.go @@ -29,7 +29,7 @@ func NewAwsWafregionalRuleGroupInvalidNameRule() *AwsWafregionalRuleGroupInvalid attributeName: "name", max: 128, min: 1, - pattern: regexp.MustCompile(`^\S$`), + pattern: regexp.MustCompile(`^.*\S.*$`), } } @@ -90,7 +90,7 @@ func (r *AwsWafregionalRuleGroupInvalidNameRule) Check(runner tflint.Runner) err if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^\S$`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^.*\S.*$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_wafregional_rule_invalid_metric_name.go b/rules/models/aws_wafregional_rule_invalid_metric_name.go index b147b3a1..a90d7c17 100644 --- a/rules/models/aws_wafregional_rule_invalid_metric_name.go +++ b/rules/models/aws_wafregional_rule_invalid_metric_name.go @@ -29,7 +29,7 @@ func NewAwsWafregionalRuleInvalidMetricNameRule() *AwsWafregionalRuleInvalidMetr attributeName: "metric_name", max: 128, min: 1, - pattern: regexp.MustCompile(`^\S$`), + pattern: regexp.MustCompile(`^.*\S.*$`), } } @@ -90,7 +90,7 @@ func (r *AwsWafregionalRuleInvalidMetricNameRule) Check(runner tflint.Runner) er if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^\S$`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^.*\S.*$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_wafregional_rule_invalid_name.go b/rules/models/aws_wafregional_rule_invalid_name.go index 79f7cac3..c1f30eb9 100644 --- a/rules/models/aws_wafregional_rule_invalid_name.go +++ b/rules/models/aws_wafregional_rule_invalid_name.go @@ -29,7 +29,7 @@ func NewAwsWafregionalRuleInvalidNameRule() *AwsWafregionalRuleInvalidNameRule { attributeName: "name", max: 128, min: 1, - pattern: regexp.MustCompile(`^\S$`), + pattern: regexp.MustCompile(`^.*\S.*$`), } } @@ -90,7 +90,7 @@ func (r *AwsWafregionalRuleInvalidNameRule) Check(runner tflint.Runner) error { if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^\S$`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^.*\S.*$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_wafregional_size_constraint_set_invalid_name.go b/rules/models/aws_wafregional_size_constraint_set_invalid_name.go index 5ebfe718..63653440 100644 --- a/rules/models/aws_wafregional_size_constraint_set_invalid_name.go +++ b/rules/models/aws_wafregional_size_constraint_set_invalid_name.go @@ -29,7 +29,7 @@ func NewAwsWafregionalSizeConstraintSetInvalidNameRule() *AwsWafregionalSizeCons attributeName: "name", max: 128, min: 1, - pattern: regexp.MustCompile(`^\S$`), + pattern: regexp.MustCompile(`^.*\S.*$`), } } @@ -90,7 +90,7 @@ func (r *AwsWafregionalSizeConstraintSetInvalidNameRule) Check(runner tflint.Run if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^\S$`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^.*\S.*$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_wafregional_sql_injection_match_set_invalid_name.go b/rules/models/aws_wafregional_sql_injection_match_set_invalid_name.go index 9fde1165..85e490f5 100644 --- a/rules/models/aws_wafregional_sql_injection_match_set_invalid_name.go +++ b/rules/models/aws_wafregional_sql_injection_match_set_invalid_name.go @@ -29,7 +29,7 @@ func NewAwsWafregionalSQLInjectionMatchSetInvalidNameRule() *AwsWafregionalSQLIn attributeName: "name", max: 128, min: 1, - pattern: regexp.MustCompile(`^\S$`), + pattern: regexp.MustCompile(`^.*\S.*$`), } } @@ -90,7 +90,7 @@ func (r *AwsWafregionalSQLInjectionMatchSetInvalidNameRule) Check(runner tflint. if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^\S$`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^.*\S.*$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_wafregional_web_acl_association_invalid_resource_arn.go b/rules/models/aws_wafregional_web_acl_association_invalid_resource_arn.go index a3538f70..aba00bf5 100644 --- a/rules/models/aws_wafregional_web_acl_association_invalid_resource_arn.go +++ b/rules/models/aws_wafregional_web_acl_association_invalid_resource_arn.go @@ -29,7 +29,7 @@ func NewAwsWafregionalWebACLAssociationInvalidResourceArnRule() *AwsWafregionalW attributeName: "resource_arn", max: 1224, min: 1, - pattern: regexp.MustCompile(`^\S$`), + pattern: regexp.MustCompile(`^.*\S.*$`), } } @@ -90,7 +90,7 @@ func (r *AwsWafregionalWebACLAssociationInvalidResourceArnRule) Check(runner tfl if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^\S$`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^.*\S.*$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_wafregional_web_acl_association_invalid_web_acl_id.go b/rules/models/aws_wafregional_web_acl_association_invalid_web_acl_id.go index c65b18ff..4142b283 100644 --- a/rules/models/aws_wafregional_web_acl_association_invalid_web_acl_id.go +++ b/rules/models/aws_wafregional_web_acl_association_invalid_web_acl_id.go @@ -29,7 +29,7 @@ func NewAwsWafregionalWebACLAssociationInvalidWebACLIDRule() *AwsWafregionalWebA attributeName: "web_acl_id", max: 128, min: 1, - pattern: regexp.MustCompile(`^\S$`), + pattern: regexp.MustCompile(`^.*\S.*$`), } } @@ -90,7 +90,7 @@ func (r *AwsWafregionalWebACLAssociationInvalidWebACLIDRule) Check(runner tflint if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^\S$`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^.*\S.*$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_wafregional_web_acl_invalid_metric_name.go b/rules/models/aws_wafregional_web_acl_invalid_metric_name.go index 95e7d54b..3b271593 100644 --- a/rules/models/aws_wafregional_web_acl_invalid_metric_name.go +++ b/rules/models/aws_wafregional_web_acl_invalid_metric_name.go @@ -29,7 +29,7 @@ func NewAwsWafregionalWebACLInvalidMetricNameRule() *AwsWafregionalWebACLInvalid attributeName: "metric_name", max: 128, min: 1, - pattern: regexp.MustCompile(`^\S$`), + pattern: regexp.MustCompile(`^.*\S.*$`), } } @@ -90,7 +90,7 @@ func (r *AwsWafregionalWebACLInvalidMetricNameRule) Check(runner tflint.Runner) if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^\S$`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^.*\S.*$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_wafregional_web_acl_invalid_name.go b/rules/models/aws_wafregional_web_acl_invalid_name.go index 0757e24e..a6f1dd5f 100644 --- a/rules/models/aws_wafregional_web_acl_invalid_name.go +++ b/rules/models/aws_wafregional_web_acl_invalid_name.go @@ -29,7 +29,7 @@ func NewAwsWafregionalWebACLInvalidNameRule() *AwsWafregionalWebACLInvalidNameRu attributeName: "name", max: 128, min: 1, - pattern: regexp.MustCompile(`^\S$`), + pattern: regexp.MustCompile(`^.*\S.*$`), } } @@ -90,7 +90,7 @@ func (r *AwsWafregionalWebACLInvalidNameRule) Check(runner tflint.Runner) error if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^\S$`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^.*\S.*$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_wafregional_xss_match_set_invalid_name.go b/rules/models/aws_wafregional_xss_match_set_invalid_name.go index a26d875f..0616d486 100644 --- a/rules/models/aws_wafregional_xss_match_set_invalid_name.go +++ b/rules/models/aws_wafregional_xss_match_set_invalid_name.go @@ -29,7 +29,7 @@ func NewAwsWafregionalXSSMatchSetInvalidNameRule() *AwsWafregionalXSSMatchSetInv attributeName: "name", max: 128, min: 1, - pattern: regexp.MustCompile(`^\S$`), + pattern: regexp.MustCompile(`^.*\S.*$`), } } @@ -90,7 +90,7 @@ func (r *AwsWafregionalXSSMatchSetInvalidNameRule) Check(runner tflint.Runner) e if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^\S$`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^.*\S.*$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_wafv2_web_acl_association_invalid_resource_arn.go b/rules/models/aws_wafv2_web_acl_association_invalid_resource_arn.go index 4b64b362..0f6b2727 100644 --- a/rules/models/aws_wafv2_web_acl_association_invalid_resource_arn.go +++ b/rules/models/aws_wafv2_web_acl_association_invalid_resource_arn.go @@ -29,7 +29,7 @@ func NewAwsWafv2WebACLAssociationInvalidResourceArnRule() *AwsWafv2WebACLAssocia attributeName: "resource_arn", max: 2048, min: 20, - pattern: regexp.MustCompile(`^\S$`), + pattern: regexp.MustCompile(`^.*\S.*$`), } } @@ -90,7 +90,7 @@ func (r *AwsWafv2WebACLAssociationInvalidResourceArnRule) Check(runner tflint.Ru if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^\S$`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^.*\S.*$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_wafv2_web_acl_association_invalid_web_acl_arn.go b/rules/models/aws_wafv2_web_acl_association_invalid_web_acl_arn.go index 9449c855..a70fefc6 100644 --- a/rules/models/aws_wafv2_web_acl_association_invalid_web_acl_arn.go +++ b/rules/models/aws_wafv2_web_acl_association_invalid_web_acl_arn.go @@ -29,7 +29,7 @@ func NewAwsWafv2WebACLAssociationInvalidWebACLArnRule() *AwsWafv2WebACLAssociati attributeName: "web_acl_arn", max: 2048, min: 20, - pattern: regexp.MustCompile(`^\S$`), + pattern: regexp.MustCompile(`^.*\S.*$`), } } @@ -90,7 +90,7 @@ func (r *AwsWafv2WebACLAssociationInvalidWebACLArnRule) Check(runner tflint.Runn if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^\S$`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^.*\S.*$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_wafv2_web_acl_logging_configuration_invalid_resource_arn.go b/rules/models/aws_wafv2_web_acl_logging_configuration_invalid_resource_arn.go index 2f12d774..1eed536d 100644 --- a/rules/models/aws_wafv2_web_acl_logging_configuration_invalid_resource_arn.go +++ b/rules/models/aws_wafv2_web_acl_logging_configuration_invalid_resource_arn.go @@ -29,7 +29,7 @@ func NewAwsWafv2WebACLLoggingConfigurationInvalidResourceArnRule() *AwsWafv2WebA attributeName: "resource_arn", max: 2048, min: 20, - pattern: regexp.MustCompile(`^\S$`), + pattern: regexp.MustCompile(`^.*\S.*$`), } } @@ -90,7 +90,7 @@ func (r *AwsWafv2WebACLLoggingConfigurationInvalidResourceArnRule) Check(runner if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^\S$`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^.*\S.*$`), attribute.Expr.Range(), ) } diff --git a/rules/models/generator/rule.go b/rules/models/generator/rule.go index fd62337c..512f7478 100644 --- a/rules/models/generator/rule.go +++ b/rules/models/generator/rule.go @@ -121,6 +121,14 @@ func replacePattern(pattern string) string { // Handle patterns missing anchors if !strings.HasPrefix(replaced, "^") && !strings.HasSuffix(replaced, "$") { + // The Smithy models contain pattern "\S" (single non-whitespace character) + // for many string fields (ResourceName, ResourceArn, etc). This is clearly + // incorrect for fields that can be 1-128 characters. The Ruby SDK generator + // produced "^.*\S.*$" (contains non-whitespace) for these same fields. + // We maintain this transformation for backward compatibility. + if replaced == "\\S" { + return "^.*\\S.*$" + } replaced = fmt.Sprintf("^%s$", replaced) } From 71da4daa74d566c798dff0b9831d60d3973a4f6e Mon Sep 17 00:00:00 2001 From: Ben Drucker Date: Wed, 12 Nov 2025 18:33:58 -0800 Subject: [PATCH 7/9] Fix pattern anchor completion for partial Smithy patterns MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit The Smithy models contain many incomplete patterns that are missing anchors. The Ruby SDK generator added both ^ and $ anchors to ensure patterns match entire strings, but used different strategies: 1. Patterns ending with quantifiers (* + ? {}) just need $ Example: "^[a-z]*" → "^[a-z]*$" 2. Patterns ending with delimiters (: /) or literals need .*$ Example: "^arn:" → "^arn:.*$" (matches "arn:aws:...") Example: "^s3://" → "^s3://.*$" (matches "s3://bucket/key") 3. Bare modifier patterns need .*$ Example: "^(?s)" → "^(?s).*$" (matches any content in dotall mode) This commit implements these heuristics to maintain backward compatibility with the Ruby SDK generator, affecting ~20 patterns across various AWS services. --- ...lify_app_invalid_basic_auth_credentials.go | 4 +- .../aws_amplify_app_invalid_description.go | 4 +- ...mplify_app_invalid_iam_service_role_arn.go | 4 +- .../aws_amplify_app_invalid_oauth_token.go | 4 +- .../aws_amplify_app_invalid_repository.go | 4 +- ..._branch_invalid_backend_environment_arn.go | 4 +- ...y_branch_invalid_basic_auth_credentials.go | 4 +- .../aws_amplify_branch_invalid_description.go | 4 +- ...aws_amplify_branch_invalid_display_name.go | 4 +- .../aws_amplify_branch_invalid_framework.go | 4 +- ...h_invalid_pull_request_environment_name.go | 4 +- ...aws_amplify_webhook_invalid_description.go | 4 +- ...oudwatch_metric_alarm_invalid_namespace.go | 4 +- ...tch_metric_alarm_invalid_namespace_test.go | 2 +- ...onformance_pack_invalid_template_s3_uri.go | 4 +- ...onformance_pack_invalid_template_s3_uri.go | 4 +- ...lication_invalid_service_execution_role.go | 4 +- ...ll_firewall_invalid_firewall_policy_arn.go | 4 +- ...ging_configuration_invalid_firewall_arn.go | 4 +- ...ll_resource_policy_invalid_resource_arn.go | 4 +- ..._shield_protection_invalid_resource_arn.go | 4 +- rules/models/generator/rule.go | 70 +++++++++++++++++-- 22 files changed, 105 insertions(+), 47 deletions(-) diff --git a/rules/models/aws_amplify_app_invalid_basic_auth_credentials.go b/rules/models/aws_amplify_app_invalid_basic_auth_credentials.go index e05eeda5..78b5080f 100644 --- a/rules/models/aws_amplify_app_invalid_basic_auth_credentials.go +++ b/rules/models/aws_amplify_app_invalid_basic_auth_credentials.go @@ -26,7 +26,7 @@ func NewAwsAmplifyAppInvalidBasicAuthCredentialsRule() *AwsAmplifyAppInvalidBasi resourceType: "aws_amplify_app", attributeName: "basic_auth_credentials", max: 2000, - pattern: regexp.MustCompile(`^(?s)`), + pattern: regexp.MustCompile(`^(?s).*$`), } } @@ -80,7 +80,7 @@ func (r *AwsAmplifyAppInvalidBasicAuthCredentialsRule) Check(runner tflint.Runne if !r.pattern.MatchString(val) { runner.EmitIssue( r, - `basic_auth_credentials does not match valid pattern ^(?s)`, + `basic_auth_credentials does not match valid pattern ^(?s).*$`, attribute.Expr.Range(), ) } diff --git a/rules/models/aws_amplify_app_invalid_description.go b/rules/models/aws_amplify_app_invalid_description.go index 8cd8b55d..b6e3d615 100644 --- a/rules/models/aws_amplify_app_invalid_description.go +++ b/rules/models/aws_amplify_app_invalid_description.go @@ -27,7 +27,7 @@ func NewAwsAmplifyAppInvalidDescriptionRule() *AwsAmplifyAppInvalidDescriptionRu resourceType: "aws_amplify_app", attributeName: "description", max: 1000, - pattern: regexp.MustCompile(`^(?s)`), + pattern: regexp.MustCompile(`^(?s).*$`), } } @@ -81,7 +81,7 @@ func (r *AwsAmplifyAppInvalidDescriptionRule) Check(runner tflint.Runner) error if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^(?s)`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^(?s).*$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_amplify_app_invalid_iam_service_role_arn.go b/rules/models/aws_amplify_app_invalid_iam_service_role_arn.go index f3480684..a8a6350a 100644 --- a/rules/models/aws_amplify_app_invalid_iam_service_role_arn.go +++ b/rules/models/aws_amplify_app_invalid_iam_service_role_arn.go @@ -27,7 +27,7 @@ func NewAwsAmplifyAppInvalidIAMServiceRoleArnRule() *AwsAmplifyAppInvalidIAMServ resourceType: "aws_amplify_app", attributeName: "iam_service_role_arn", max: 1000, - pattern: regexp.MustCompile(`^(?s)`), + pattern: regexp.MustCompile(`^(?s).*$`), } } @@ -81,7 +81,7 @@ func (r *AwsAmplifyAppInvalidIAMServiceRoleArnRule) Check(runner tflint.Runner) if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^(?s)`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^(?s).*$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_amplify_app_invalid_oauth_token.go b/rules/models/aws_amplify_app_invalid_oauth_token.go index 2cf2a1d9..d9db3df0 100644 --- a/rules/models/aws_amplify_app_invalid_oauth_token.go +++ b/rules/models/aws_amplify_app_invalid_oauth_token.go @@ -26,7 +26,7 @@ func NewAwsAmplifyAppInvalidOAuthTokenRule() *AwsAmplifyAppInvalidOAuthTokenRule resourceType: "aws_amplify_app", attributeName: "oauth_token", max: 1000, - pattern: regexp.MustCompile(`^(?s)`), + pattern: regexp.MustCompile(`^(?s).*$`), } } @@ -80,7 +80,7 @@ func (r *AwsAmplifyAppInvalidOAuthTokenRule) Check(runner tflint.Runner) error { if !r.pattern.MatchString(val) { runner.EmitIssue( r, - `oauth_token does not match valid pattern ^(?s)`, + `oauth_token does not match valid pattern ^(?s).*$`, attribute.Expr.Range(), ) } diff --git a/rules/models/aws_amplify_app_invalid_repository.go b/rules/models/aws_amplify_app_invalid_repository.go index 15eb0695..2ebd1a50 100644 --- a/rules/models/aws_amplify_app_invalid_repository.go +++ b/rules/models/aws_amplify_app_invalid_repository.go @@ -27,7 +27,7 @@ func NewAwsAmplifyAppInvalidRepositoryRule() *AwsAmplifyAppInvalidRepositoryRule resourceType: "aws_amplify_app", attributeName: "repository", max: 1000, - pattern: regexp.MustCompile(`^(?s)`), + pattern: regexp.MustCompile(`^(?s).*$`), } } @@ -81,7 +81,7 @@ func (r *AwsAmplifyAppInvalidRepositoryRule) Check(runner tflint.Runner) error { if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^(?s)`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^(?s).*$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_amplify_branch_invalid_backend_environment_arn.go b/rules/models/aws_amplify_branch_invalid_backend_environment_arn.go index e79adf0f..ea7e68b7 100644 --- a/rules/models/aws_amplify_branch_invalid_backend_environment_arn.go +++ b/rules/models/aws_amplify_branch_invalid_backend_environment_arn.go @@ -27,7 +27,7 @@ func NewAwsAmplifyBranchInvalidBackendEnvironmentArnRule() *AwsAmplifyBranchInva resourceType: "aws_amplify_branch", attributeName: "backend_environment_arn", max: 1000, - pattern: regexp.MustCompile(`^(?s)`), + pattern: regexp.MustCompile(`^(?s).*$`), } } @@ -81,7 +81,7 @@ func (r *AwsAmplifyBranchInvalidBackendEnvironmentArnRule) Check(runner tflint.R if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^(?s)`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^(?s).*$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_amplify_branch_invalid_basic_auth_credentials.go b/rules/models/aws_amplify_branch_invalid_basic_auth_credentials.go index cd430646..773fa251 100644 --- a/rules/models/aws_amplify_branch_invalid_basic_auth_credentials.go +++ b/rules/models/aws_amplify_branch_invalid_basic_auth_credentials.go @@ -26,7 +26,7 @@ func NewAwsAmplifyBranchInvalidBasicAuthCredentialsRule() *AwsAmplifyBranchInval resourceType: "aws_amplify_branch", attributeName: "basic_auth_credentials", max: 2000, - pattern: regexp.MustCompile(`^(?s)`), + pattern: regexp.MustCompile(`^(?s).*$`), } } @@ -80,7 +80,7 @@ func (r *AwsAmplifyBranchInvalidBasicAuthCredentialsRule) Check(runner tflint.Ru if !r.pattern.MatchString(val) { runner.EmitIssue( r, - `basic_auth_credentials does not match valid pattern ^(?s)`, + `basic_auth_credentials does not match valid pattern ^(?s).*$`, attribute.Expr.Range(), ) } diff --git a/rules/models/aws_amplify_branch_invalid_description.go b/rules/models/aws_amplify_branch_invalid_description.go index de6f2436..9dc75bb1 100644 --- a/rules/models/aws_amplify_branch_invalid_description.go +++ b/rules/models/aws_amplify_branch_invalid_description.go @@ -27,7 +27,7 @@ func NewAwsAmplifyBranchInvalidDescriptionRule() *AwsAmplifyBranchInvalidDescrip resourceType: "aws_amplify_branch", attributeName: "description", max: 1000, - pattern: regexp.MustCompile(`^(?s)`), + pattern: regexp.MustCompile(`^(?s).*$`), } } @@ -81,7 +81,7 @@ func (r *AwsAmplifyBranchInvalidDescriptionRule) Check(runner tflint.Runner) err if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^(?s)`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^(?s).*$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_amplify_branch_invalid_display_name.go b/rules/models/aws_amplify_branch_invalid_display_name.go index a76e08ba..6e8a85cf 100644 --- a/rules/models/aws_amplify_branch_invalid_display_name.go +++ b/rules/models/aws_amplify_branch_invalid_display_name.go @@ -27,7 +27,7 @@ func NewAwsAmplifyBranchInvalidDisplayNameRule() *AwsAmplifyBranchInvalidDisplay resourceType: "aws_amplify_branch", attributeName: "display_name", max: 255, - pattern: regexp.MustCompile(`^(?s)`), + pattern: regexp.MustCompile(`^(?s).*$`), } } @@ -81,7 +81,7 @@ func (r *AwsAmplifyBranchInvalidDisplayNameRule) Check(runner tflint.Runner) err if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^(?s)`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^(?s).*$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_amplify_branch_invalid_framework.go b/rules/models/aws_amplify_branch_invalid_framework.go index d645ef7f..b481a496 100644 --- a/rules/models/aws_amplify_branch_invalid_framework.go +++ b/rules/models/aws_amplify_branch_invalid_framework.go @@ -27,7 +27,7 @@ func NewAwsAmplifyBranchInvalidFrameworkRule() *AwsAmplifyBranchInvalidFramework resourceType: "aws_amplify_branch", attributeName: "framework", max: 255, - pattern: regexp.MustCompile(`^(?s)`), + pattern: regexp.MustCompile(`^(?s).*$`), } } @@ -81,7 +81,7 @@ func (r *AwsAmplifyBranchInvalidFrameworkRule) Check(runner tflint.Runner) error if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^(?s)`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^(?s).*$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_amplify_branch_invalid_pull_request_environment_name.go b/rules/models/aws_amplify_branch_invalid_pull_request_environment_name.go index b98fa4d0..c51f9a06 100644 --- a/rules/models/aws_amplify_branch_invalid_pull_request_environment_name.go +++ b/rules/models/aws_amplify_branch_invalid_pull_request_environment_name.go @@ -27,7 +27,7 @@ func NewAwsAmplifyBranchInvalidPullRequestEnvironmentNameRule() *AwsAmplifyBranc resourceType: "aws_amplify_branch", attributeName: "pull_request_environment_name", max: 20, - pattern: regexp.MustCompile(`^(?s)`), + pattern: regexp.MustCompile(`^(?s).*$`), } } @@ -81,7 +81,7 @@ func (r *AwsAmplifyBranchInvalidPullRequestEnvironmentNameRule) Check(runner tfl if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^(?s)`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^(?s).*$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_amplify_webhook_invalid_description.go b/rules/models/aws_amplify_webhook_invalid_description.go index 9fc709f8..26c91490 100644 --- a/rules/models/aws_amplify_webhook_invalid_description.go +++ b/rules/models/aws_amplify_webhook_invalid_description.go @@ -27,7 +27,7 @@ func NewAwsAmplifyWebhookInvalidDescriptionRule() *AwsAmplifyWebhookInvalidDescr resourceType: "aws_amplify_webhook", attributeName: "description", max: 1000, - pattern: regexp.MustCompile(`^(?s)`), + pattern: regexp.MustCompile(`^(?s).*$`), } } @@ -81,7 +81,7 @@ func (r *AwsAmplifyWebhookInvalidDescriptionRule) Check(runner tflint.Runner) er if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^(?s)`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^(?s).*$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_cloudwatch_metric_alarm_invalid_namespace.go b/rules/models/aws_cloudwatch_metric_alarm_invalid_namespace.go index 1fded47a..58189e32 100644 --- a/rules/models/aws_cloudwatch_metric_alarm_invalid_namespace.go +++ b/rules/models/aws_cloudwatch_metric_alarm_invalid_namespace.go @@ -29,7 +29,7 @@ func NewAwsCloudwatchMetricAlarmInvalidNamespaceRule() *AwsCloudwatchMetricAlarm attributeName: "namespace", max: 255, min: 1, - pattern: regexp.MustCompile(`^[^:]`), + pattern: regexp.MustCompile(`^[^:].*$`), } } @@ -90,7 +90,7 @@ func (r *AwsCloudwatchMetricAlarmInvalidNamespaceRule) Check(runner tflint.Runne if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^[^:]`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^[^:].*$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_cloudwatch_metric_alarm_invalid_namespace_test.go b/rules/models/aws_cloudwatch_metric_alarm_invalid_namespace_test.go index 58affec9..eefd5fe6 100644 --- a/rules/models/aws_cloudwatch_metric_alarm_invalid_namespace_test.go +++ b/rules/models/aws_cloudwatch_metric_alarm_invalid_namespace_test.go @@ -24,7 +24,7 @@ resource "aws_cloudwatch_metric_alarm" "foo" { Expected: helper.Issues{ { Rule: NewAwsCloudwatchMetricAlarmInvalidNamespaceRule(), - Message: fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(":EC2"), `^[^:]`), + Message: fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(":EC2"), `^[^:].*$`), }, }, }, diff --git a/rules/models/aws_config_conformance_pack_invalid_template_s3_uri.go b/rules/models/aws_config_conformance_pack_invalid_template_s3_uri.go index 7dbc4638..518b6f47 100644 --- a/rules/models/aws_config_conformance_pack_invalid_template_s3_uri.go +++ b/rules/models/aws_config_conformance_pack_invalid_template_s3_uri.go @@ -29,7 +29,7 @@ func NewAwsConfigConformancePackInvalidTemplateS3URIRule() *AwsConfigConformance attributeName: "template_s3_uri", max: 1024, min: 1, - pattern: regexp.MustCompile(`^s3://`), + pattern: regexp.MustCompile(`^s3://.*$`), } } @@ -90,7 +90,7 @@ func (r *AwsConfigConformancePackInvalidTemplateS3URIRule) Check(runner tflint.R if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^s3://`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^s3://.*$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_config_organization_conformance_pack_invalid_template_s3_uri.go b/rules/models/aws_config_organization_conformance_pack_invalid_template_s3_uri.go index 205f50c9..1b971c37 100644 --- a/rules/models/aws_config_organization_conformance_pack_invalid_template_s3_uri.go +++ b/rules/models/aws_config_organization_conformance_pack_invalid_template_s3_uri.go @@ -29,7 +29,7 @@ func NewAwsConfigOrganizationConformancePackInvalidTemplateS3URIRule() *AwsConfi attributeName: "template_s3_uri", max: 1024, min: 1, - pattern: regexp.MustCompile(`^s3://`), + pattern: regexp.MustCompile(`^s3://.*$`), } } @@ -90,7 +90,7 @@ func (r *AwsConfigOrganizationConformancePackInvalidTemplateS3URIRule) Check(run if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^s3://`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^s3://.*$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_kinesisanalyticsv2_application_invalid_service_execution_role.go b/rules/models/aws_kinesisanalyticsv2_application_invalid_service_execution_role.go index c1cb539f..162010b3 100644 --- a/rules/models/aws_kinesisanalyticsv2_application_invalid_service_execution_role.go +++ b/rules/models/aws_kinesisanalyticsv2_application_invalid_service_execution_role.go @@ -29,7 +29,7 @@ func NewAwsKinesisanalyticsv2ApplicationInvalidServiceExecutionRoleRule() *AwsKi attributeName: "service_execution_role", max: 2048, min: 1, - pattern: regexp.MustCompile(`^arn:`), + pattern: regexp.MustCompile(`^arn:.*$`), } } @@ -90,7 +90,7 @@ func (r *AwsKinesisanalyticsv2ApplicationInvalidServiceExecutionRoleRule) Check( if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^arn:`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^arn:.*$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_networkfirewall_firewall_invalid_firewall_policy_arn.go b/rules/models/aws_networkfirewall_firewall_invalid_firewall_policy_arn.go index eb1bddc1..50fe9a54 100644 --- a/rules/models/aws_networkfirewall_firewall_invalid_firewall_policy_arn.go +++ b/rules/models/aws_networkfirewall_firewall_invalid_firewall_policy_arn.go @@ -29,7 +29,7 @@ func NewAwsNetworkfirewallFirewallInvalidFirewallPolicyArnRule() *AwsNetworkfire attributeName: "firewall_policy_arn", max: 256, min: 1, - pattern: regexp.MustCompile(`^arn:aws`), + pattern: regexp.MustCompile(`^arn:aws.*$`), } } @@ -90,7 +90,7 @@ func (r *AwsNetworkfirewallFirewallInvalidFirewallPolicyArnRule) Check(runner tf if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^arn:aws`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^arn:aws.*$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_networkfirewall_logging_configuration_invalid_firewall_arn.go b/rules/models/aws_networkfirewall_logging_configuration_invalid_firewall_arn.go index d00554b9..8420c27e 100644 --- a/rules/models/aws_networkfirewall_logging_configuration_invalid_firewall_arn.go +++ b/rules/models/aws_networkfirewall_logging_configuration_invalid_firewall_arn.go @@ -29,7 +29,7 @@ func NewAwsNetworkfirewallLoggingConfigurationInvalidFirewallArnRule() *AwsNetwo attributeName: "firewall_arn", max: 256, min: 1, - pattern: regexp.MustCompile(`^arn:aws`), + pattern: regexp.MustCompile(`^arn:aws.*$`), } } @@ -90,7 +90,7 @@ func (r *AwsNetworkfirewallLoggingConfigurationInvalidFirewallArnRule) Check(run if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^arn:aws`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^arn:aws.*$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_networkfirewall_resource_policy_invalid_resource_arn.go b/rules/models/aws_networkfirewall_resource_policy_invalid_resource_arn.go index a1fac3a0..51d0cd91 100644 --- a/rules/models/aws_networkfirewall_resource_policy_invalid_resource_arn.go +++ b/rules/models/aws_networkfirewall_resource_policy_invalid_resource_arn.go @@ -29,7 +29,7 @@ func NewAwsNetworkfirewallResourcePolicyInvalidResourceArnRule() *AwsNetworkfire attributeName: "resource_arn", max: 256, min: 1, - pattern: regexp.MustCompile(`^arn:aws`), + pattern: regexp.MustCompile(`^arn:aws.*$`), } } @@ -90,7 +90,7 @@ func (r *AwsNetworkfirewallResourcePolicyInvalidResourceArnRule) Check(runner tf if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^arn:aws`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^arn:aws.*$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_shield_protection_invalid_resource_arn.go b/rules/models/aws_shield_protection_invalid_resource_arn.go index b7f8eee6..8991816e 100644 --- a/rules/models/aws_shield_protection_invalid_resource_arn.go +++ b/rules/models/aws_shield_protection_invalid_resource_arn.go @@ -29,7 +29,7 @@ func NewAwsShieldProtectionInvalidResourceArnRule() *AwsShieldProtectionInvalidR attributeName: "resource_arn", max: 2048, min: 1, - pattern: regexp.MustCompile(`^arn:aws`), + pattern: regexp.MustCompile(`^arn:aws.*$`), } } @@ -90,7 +90,7 @@ func (r *AwsShieldProtectionInvalidResourceArnRule) Check(runner tflint.Runner) if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^arn:aws`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^arn:aws.*$`), attribute.Expr.Range(), ) } diff --git a/rules/models/generator/rule.go b/rules/models/generator/rule.go index 512f7478..11ea90fd 100644 --- a/rules/models/generator/rule.go +++ b/rules/models/generator/rule.go @@ -120,16 +120,74 @@ func replacePattern(pattern string) string { replaced := unicodeEscapeRegex.ReplaceAllString(pattern, `\x{$1}`) // Handle patterns missing anchors - if !strings.HasPrefix(replaced, "^") && !strings.HasSuffix(replaced, "$") { - // The Smithy models contain pattern "\S" (single non-whitespace character) - // for many string fields (ResourceName, ResourceArn, etc). This is clearly - // incorrect for fields that can be 1-128 characters. The Ruby SDK generator - // produced "^.*\S.*$" (contains non-whitespace) for these same fields. - // We maintain this transformation for backward compatibility. + // The Ruby SDK generator ensured all patterns had both ^ and $ anchors. + // Smithy models often have incomplete patterns (e.g., "^(?s)" or "[a-z]*"). + // We add missing anchors to maintain backward compatibility. + hasPrefix := strings.HasPrefix(replaced, "^") + hasSuffix := strings.HasSuffix(replaced, "$") + + if !hasPrefix && !hasSuffix { + // No anchors at all + // Special case: \S in Smithy means "contains non-whitespace", not "is single non-whitespace char" if replaced == "\\S" { return "^.*\\S.*$" } replaced = fmt.Sprintf("^%s$", replaced) + } else if !hasPrefix { + // Has $ but missing ^ + replaced = "^" + replaced + } else if !hasSuffix { + // Has ^ but missing $ + // Check if pattern is just a modifier with no actual content + // e.g., "^(?s)" or "^(?i)" - these need .*$ to be useful + bareModifiers := []string{"^(?s)", "^(?i)", "^(?m)", "^(?s)(?i)", "^(?i)(?s)"} + isBareModifier := false + for _, mod := range bareModifiers { + if replaced == mod { + isBareModifier = true + break + } + } + + if isBareModifier { + // Bare modifier - add .*$ to match any content + // e.g., "^(?s)" becomes "^(?s).*$" + replaced = replaced + ".*$" + } else { + // Check if pattern looks like a prefix pattern (ends with delimiter or literal) + // These should match "starts with X" not "equals exactly X" + isPrefixPattern := false + lastChar := replaced[len(replaced)-1] + + // Common delimiters in ARNs, URIs, paths that indicate "starts with" + if lastChar == ':' || lastChar == '/' { + isPrefixPattern = true + } + // Patterns ending with quantifiers already match variable length + // e.g., "^[a-z]*" matches zero or more, just needs $ + // But patterns without quantifiers need .*$ for variable length + // e.g., "^arn" should be "^arn.*$" not "^arn$" + if lastChar == '*' || lastChar == '+' || lastChar == '?' || lastChar == '}' { + isPrefixPattern = false // Has quantifier, just add $ + } else if lastChar == ']' || lastChar == ')' || lastChar >= 'a' && lastChar <= 'z' || lastChar >= 'A' && lastChar <= 'Z' { + // Ends with literal character, character class, or group without quantifier + // Check if this is a pattern that should match exact length or variable length + // For now, treat patterns without quantifiers as needing .*$ for safety + // This matches Ruby SDK behavior + isPrefixPattern = true + } + + if isPrefixPattern { + // Prefix pattern - add .*$ to match remainder + // e.g., "^arn:" becomes "^arn:.*$", "^s3://" becomes "^s3://.*$" + // e.g., "^[a-z]" becomes "^[a-z].*$" + replaced = replaced + ".*$" + } else { + // Pattern with quantifier - just add $ + // e.g., "^[a-z]*" becomes "^[a-z]*$" + replaced = replaced + "$" + } + } } // Apply compatibility transforms to maintain backward compatibility with Ruby SDK From fc5e7feee6927f09e598683e990aa806e576d7ab Mon Sep 17 00:00:00 2001 From: Ben Drucker Date: Wed, 12 Nov 2025 18:52:45 -0800 Subject: [PATCH 8/9] Remove unnecessary WorkSpaces pattern transform The Smithy pattern for WorkSpaces directory IDs has a redundant trailing $ anchor: `^(d-...$)|(wsd-...$)$` While the final $ is redundant (both branches already have $), it doesn't change behavior - the patterns are functionally identical. Master was missing this final $, but there's no benefit to removing it, so keep the Smithy pattern as-is to minimize diffs. --- .../aws_workspaces_directory_invalid_directory_id.go | 4 ++-- .../aws_workspaces_workspace_invalid_directory_id.go | 4 ++-- rules/models/generator/rule.go | 10 +--------- 3 files changed, 5 insertions(+), 13 deletions(-) diff --git a/rules/models/aws_workspaces_directory_invalid_directory_id.go b/rules/models/aws_workspaces_directory_invalid_directory_id.go index 7d678158..6b8037d1 100644 --- a/rules/models/aws_workspaces_directory_invalid_directory_id.go +++ b/rules/models/aws_workspaces_directory_invalid_directory_id.go @@ -29,7 +29,7 @@ func NewAwsWorkspacesDirectoryInvalidDirectoryIDRule() *AwsWorkspacesDirectoryIn attributeName: "directory_id", max: 65, min: 10, - pattern: regexp.MustCompile(`(d-[0-9a-f]{8,63}$)|(wsd-[0-9a-z]{8,63}$)`), + pattern: regexp.MustCompile(`^(d-[0-9a-f]{8,63}$)|(wsd-[0-9a-z]{8,63}$)$`), } } @@ -90,7 +90,7 @@ func (r *AwsWorkspacesDirectoryInvalidDirectoryIDRule) Check(runner tflint.Runne if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `(d-[0-9a-f]{8,63}$)|(wsd-[0-9a-z]{8,63}$)`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^(d-[0-9a-f]{8,63}$)|(wsd-[0-9a-z]{8,63}$)$`), attribute.Expr.Range(), ) } diff --git a/rules/models/aws_workspaces_workspace_invalid_directory_id.go b/rules/models/aws_workspaces_workspace_invalid_directory_id.go index d9763654..ab4d8c54 100644 --- a/rules/models/aws_workspaces_workspace_invalid_directory_id.go +++ b/rules/models/aws_workspaces_workspace_invalid_directory_id.go @@ -29,7 +29,7 @@ func NewAwsWorkspacesWorkspaceInvalidDirectoryIDRule() *AwsWorkspacesWorkspaceIn attributeName: "directory_id", max: 65, min: 10, - pattern: regexp.MustCompile(`(d-[0-9a-f]{8,63}$)|(wsd-[0-9a-z]{8,63}$)`), + pattern: regexp.MustCompile(`^(d-[0-9a-f]{8,63}$)|(wsd-[0-9a-z]{8,63}$)$`), } } @@ -90,7 +90,7 @@ func (r *AwsWorkspacesWorkspaceInvalidDirectoryIDRule) Check(runner tflint.Runne if !r.pattern.MatchString(val) { runner.EmitIssue( r, - fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `(d-[0-9a-f]{8,63}$)|(wsd-[0-9a-z]{8,63}$)`), + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^(d-[0-9a-f]{8,63}$)|(wsd-[0-9a-z]{8,63}$)$`), attribute.Expr.Range(), ) } diff --git a/rules/models/generator/rule.go b/rules/models/generator/rule.go index 11ea90fd..f9e2b065 100644 --- a/rules/models/generator/rule.go +++ b/rules/models/generator/rule.go @@ -217,15 +217,7 @@ func applyCompatibilityTransforms(pattern string) string { "^\\{####\\}$": "^.*\\{####\\}.*$", } - // WorkSpaces directory IDs: Smithy pattern has redundant end anchors ($) - // inside each alternation branch AND at the end of the pattern. - // Pattern "(foo$)|(bar$)$" is equivalent to "(foo)|(bar)" when the outer - // anchors are present. Remove inner anchors for cleaner regex. - workspacesDirectoryPatterns := map[string]string{ - "^(d-[0-9a-f]{8,63}$)|(wsd-[0-9a-z]{8,63}$)$": "(d-[0-9a-f]{8,63}$)|(wsd-[0-9a-z]{8,63}$)", - } - - for _, transforms := range []map[string]string{arnRolePatterns, cognitoMessagePatterns, workspacesDirectoryPatterns} { + for _, transforms := range []map[string]string{arnRolePatterns, cognitoMessagePatterns} { if transformed, exists := transforms[pattern]; exists { return transformed } From db2dba17ee764e7cd3ab039b7dd59878a0518a15 Mon Sep 17 00:00:00 2001 From: Ben Drucker Date: Wed, 12 Nov 2025 19:43:30 -0800 Subject: [PATCH 9/9] Improve error handling in generator - Use two-value form for type assertion to avoid panic - Use %q for consistent string formatting in error messages --- rules/models/generator/main.go | 2 +- rules/models/generator/rule.go | 6 +++++- 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/rules/models/generator/main.go b/rules/models/generator/main.go index c23b3348..cf6ee5eb 100644 --- a/rules/models/generator/main.go +++ b/rules/models/generator/main.go @@ -109,7 +109,7 @@ func main() { model := findShape(shapes, shapeName) if model == nil { - fmt.Printf("Shape `%s` not found, skipping\n", shapeName) + fmt.Printf("Shape %q not found, skipping\n", shapeName) continue } diff --git a/rules/models/generator/rule.go b/rules/models/generator/rule.go index f9e2b065..3b243183 100644 --- a/rules/models/generator/rule.go +++ b/rules/models/generator/rule.go @@ -93,7 +93,11 @@ func fetchStrings(model map[string]interface{}, key string) []string { case []interface{}: ret := make([]string, len(v)) for i, item := range v { - ret[i] = item.(string) + str, ok := item.(string) + if !ok { + return []string{} + } + ret[i] = str } return ret case []string: