ResiLien
/
terraform
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
terraform/builtin/providers/aws/validators.go

894 lines
26 KiB
Go
Raw Normal View History

provider/aws: Separate existing validate functions
2015-12-23 15:11:45 +01:00
package aws
import (
"fmt"
provider/aws: improve vpc cidr_block err message Pull CIDR block validation into a shared func ready to be used elsewhere Example of new err message: ``` Errors: * aws_vpc.foo: "cidr_block" must contain a valid network CIDR, expected "10.0.0.0/16", got "10.0.1.0/16" ```
2016-02-22 22:05:55 +01:00
"net"
provider/aws: Separate existing validate functions
2015-12-23 15:11:45 +01:00
"regexp"
provider/aws: Improved the SNS topic subscription protocols validation
2016-12-13 17:54:52 +01:00
"strings"
provider/aws: Separate existing validate functions
2015-12-23 15:11:45 +01:00
"time"
provider/aws: Add CloudWatch Event Rule
2016-01-29 20:13:52 +01:00
provider/aws: Add support S3 Object Lifecycle Rule (#6220) * providers/aws: Add support S3 Object Lifecycle Rule * Fix failed vet command * Fix failed acceptance tests * Check nil pointer before dereference. * Move S3 lifecycle rule id validator func to validators.go * Don't fail when get lifecycle rule's response code is 404
2016-04-20 12:16:14 +02:00
"github.com/aws/aws-sdk-go/service/s3"
provider/aws: Add CloudWatch Event Rule
2016-01-29 20:13:52 +01:00
"github.com/hashicorp/terraform/helper/schema"
provider/aws: Separate existing validate functions
2015-12-23 15:11:45 +01:00
)
func validateRdsId(v interface{}, k string) (ws []string, errors []error) {
value := v.(string)
provider/aws: Extends the `aws_elasticache_cluster` validation (#6332) The validation as part of #6330 was only for length. This PR adds the rules for alphanumeric, not having -- within, not ending with a - and that the id must start with a letter. The PR also adds tests for these rules
2016-04-25 22:44:55 +02:00
if !regexp.MustCompile(`^[0-9a-z-]+$`).MatchString(value) {
errors = append(errors, fmt.Errorf(
"only lowercase alphanumeric characters and hyphens allowed in %q", k))
}
if !regexp.MustCompile(`^[a-z]`).MatchString(value) {
errors = append(errors, fmt.Errorf(
"first character of %q must be a letter", k))
}
if regexp.MustCompile(`--`).MatchString(value) {
errors = append(errors, fmt.Errorf(
"%q cannot contain two consecutive hyphens", k))
}
if regexp.MustCompile(`-$`).MatchString(value) {
errors = append(errors, fmt.Errorf(
"%q cannot end with a hyphen", k))
}
return
}
func validateElastiCacheClusterId(v interface{}, k string) (ws []string, errors []error) {
value := v.(string)
if (len(value) < 1) || (len(value) > 20) {
errors = append(errors, fmt.Errorf(
"%q must contain from 1 to 20 alphanumeric characters or hyphens", k))
}
provider/aws: Separate existing validate functions
2015-12-23 15:11:45 +01:00
if !regexp.MustCompile(`^[0-9a-z-]+$`).MatchString(value) {
errors = append(errors, fmt.Errorf(
"only lowercase alphanumeric characters and hyphens allowed in %q", k))
}
if !regexp.MustCompile(`^[a-z]`).MatchString(value) {
errors = append(errors, fmt.Errorf(
"first character of %q must be a letter", k))
}
if regexp.MustCompile(`--`).MatchString(value) {
errors = append(errors, fmt.Errorf(
"%q cannot contain two consecutive hyphens", k))
}
if regexp.MustCompile(`-$`).MatchString(value) {
errors = append(errors, fmt.Errorf(
"%q cannot end with a hyphen", k))
}
return
}
func validateASGScheduleTimestamp(v interface{}, k string) (ws []string, errors []error) {
value := v.(string)
_, err := time.Parse(awsAutoscalingScheduleTimeLayout, value)
if err != nil {
errors = append(errors, fmt.Errorf(
"%q cannot be parsed as iso8601 Timestamp Format", value))
}
return
}
// validateTagFilters confirms the "value" component of a tag filter is one of
// AWS's three allowed types.
func validateTagFilters(v interface{}, k string) (ws []string, errors []error) {
value := v.(string)
if value != "KEY_ONLY" && value != "VALUE_ONLY" && value != "KEY_AND_VALUE" {
errors = append(errors, fmt.Errorf(
"%q must be one of \"KEY_ONLY\", \"VALUE_ONLY\", or \"KEY_AND_VALUE\"", k))
}
return
}
func validateDbParamGroupName(v interface{}, k string) (ws []string, errors []error) {
value := v.(string)
if !regexp.MustCompile(`^[0-9a-z-]+$`).MatchString(value) {
errors = append(errors, fmt.Errorf(
"only lowercase alphanumeric characters and hyphens allowed in %q", k))
}
if !regexp.MustCompile(`^[a-z]`).MatchString(value) {
errors = append(errors, fmt.Errorf(
"first character of %q must be a letter", k))
}
if regexp.MustCompile(`--`).MatchString(value) {
errors = append(errors, fmt.Errorf(
"%q cannot contain two consecutive hyphens", k))
}
if regexp.MustCompile(`-$`).MatchString(value) {
errors = append(errors, fmt.Errorf(
"%q cannot end with a hyphen", k))
}
if len(value) > 255 {
errors = append(errors, fmt.Errorf(
"%q cannot be greater than 255 characters", k))
}
return
}
func validateStreamViewType(v interface{}, k string) (ws []string, errors []error) {
value := v.(string)
viewTypes := map[string]bool{
"KEYS_ONLY": true,
"NEW_IMAGE": true,
"OLD_IMAGE": true,
"NEW_AND_OLD_IMAGES": true,
}
if !viewTypes[value] {
errors = append(errors, fmt.Errorf("%q be a valid DynamoDB StreamViewType", k))
}
return
}
func validateElbName(v interface{}, k string) (ws []string, errors []error) {
value := v.(string)
if !regexp.MustCompile(`^[0-9A-Za-z-]+$`).MatchString(value) {
errors = append(errors, fmt.Errorf(
"only alphanumeric characters and hyphens allowed in %q: %q",
k, value))
}
if len(value) > 32 {
errors = append(errors, fmt.Errorf(
"%q cannot be longer than 32 characters: %q", k, value))
}
if regexp.MustCompile(`^-`).MatchString(value) {
errors = append(errors, fmt.Errorf(
"%q cannot begin with a hyphen: %q", k, value))
}
if regexp.MustCompile(`-$`).MatchString(value) {
errors = append(errors, fmt.Errorf(
"%q cannot end with a hyphen: %q", k, value))
}
return
}
aws: Add validation for ECR repository name
2015-12-23 16:07:39 +01:00
func validateEcrRepositoryName(v interface{}, k string) (ws []string, errors []error) {
value := v.(string)
if len(value) < 2 {
errors = append(errors, fmt.Errorf(
"%q must be at least 2 characters long: %q", k, value))
}
if len(value) > 256 {
errors = append(errors, fmt.Errorf(
"%q cannot be longer than 256 characters: %q", k, value))
}
// http://docs.aws.amazon.com/AmazonECR/latest/APIReference/API_CreateRepository.html
pattern := `^(?:[a-z0-9]+(?:[._-][a-z0-9]+)*/)*[a-z0-9]+(?:[._-][a-z0-9]+)*$`
if !regexp.MustCompile(pattern).MatchString(value) {
errors = append(errors, fmt.Errorf(
"%q doesn't comply with restrictions (%q): %q",
k, pattern, value))
}
return
}
provider/aws: Add CloudWatch Event Rule
2016-01-29 20:13:52 +01:00
func validateCloudWatchEventRuleName(v interface{}, k string) (ws []string, errors []error) {
value := v.(string)
if len(value) > 64 {
errors = append(errors, fmt.Errorf(
"%q cannot be longer than 64 characters: %q", k, value))
}
// http://docs.aws.amazon.com/AmazonCloudWatchEvents/latest/APIReference/API_PutRule.html
pattern := `^[\.\-_A-Za-z0-9]+$`
if !regexp.MustCompile(pattern).MatchString(value) {
errors = append(errors, fmt.Errorf(
"%q doesn't comply with restrictions (%q): %q",
k, pattern, value))
}
return
}
func validateMaxLength(length int) schema.SchemaValidateFunc {
return func(v interface{}, k string) (ws []string, errors []error) {
value := v.(string)
if len(value) > length {
errors = append(errors, fmt.Errorf(
"%q cannot be longer than %d characters: %q", k, length, value))
}
provider/aws: Add support for api_gateway_authorizer (#6320)
2016-04-25 13:22:37 +02:00
return
}
}
func validateIntegerInRange(min, max int) schema.SchemaValidateFunc {
return func(v interface{}, k string) (ws []string, errors []error) {
value := v.(int)
if value < min {
errors = append(errors, fmt.Errorf(
"%q cannot be lower than %d: %d", k, min, value))
}
if value > max {
errors = append(errors, fmt.Errorf(
"%q cannot be higher than %d: %d", k, max, value))
}
provider/aws: Add CloudWatch Event Rule
2016-01-29 20:13:52 +01:00
return
}
}
provider/aws: Add CloudWatch Event Target
2016-02-03 18:55:59 +01:00
func validateCloudWatchEventTargetId(v interface{}, k string) (ws []string, errors []error) {
value := v.(string)
if len(value) > 64 {
errors = append(errors, fmt.Errorf(
"%q cannot be longer than 64 characters: %q", k, value))
}
// http://docs.aws.amazon.com/AmazonCloudWatchEvents/latest/APIReference/API_Target.html
pattern := `^[\.\-_A-Za-z0-9]+$`
if !regexp.MustCompile(pattern).MatchString(value) {
errors = append(errors, fmt.Errorf(
"%q doesn't comply with restrictions (%q): %q",
k, pattern, value))
}
return
}
provider/aws: Add aws_lambda_permission
2016-01-25 15:19:52 +01:00
func validateLambdaFunctionName(v interface{}, k string) (ws []string, errors []error) {
value := v.(string)
if len(value) > 140 {
errors = append(errors, fmt.Errorf(
"%q cannot be longer than 140 characters: %q", k, value))
}
// http://docs.aws.amazon.com/lambda/latest/dg/API_AddPermission.html
provider/aws: Allow ARN identifier to be set Allows users from govcloud and other regions (aws-cn) to now use the following resources correctly: ``` - data "aws_billing_service_account" - data "aws_elb_service_account" - resource "aws_cloudfront_origin_access_identity" - resource "aws_ecs_service" - resource "aws_iam_saml_provider" - resource "aws_lambda_permission" - resource "aws_sns_topic_policy" ```
2017-01-23 17:30:28 +01:00
pattern := `^(arn:[\w-]+:lambda:)?([a-z]{2}-[a-z]+-\d{1}:)?(\d{12}:)?(function:)?([a-zA-Z0-9-_]+)(:(\$LATEST|[a-zA-Z0-9-_]+))?$`
provider/aws: Add aws_lambda_permission
2016-01-25 15:19:52 +01:00
if !regexp.MustCompile(pattern).MatchString(value) {
errors = append(errors, fmt.Errorf(
"%q doesn't comply with restrictions (%q): %q",
k, pattern, value))
}
return
}
func validateLambdaQualifier(v interface{}, k string) (ws []string, errors []error) {
value := v.(string)
if len(value) > 128 {
errors = append(errors, fmt.Errorf(
"%q cannot be longer than 128 characters: %q", k, value))
}
// http://docs.aws.amazon.com/lambda/latest/dg/API_AddPermission.html
Fix: Incorrect AWS Lambda Qualifier Regexp Type of change: =============== - Bug fix What changed? ... and Why: ========================== The regexp is currently set to: `pattern := `^[a-zA-Z0-9$_]+$` The AWS docs state that qualifer names must conform to the following regexp: `Pattern: (|[a-zA-Z0-9$_-]+)` As you can see, the current regexp in Terraform is missing the `-` at the end. This addresses that. How has it been tested? ======================= Added a few test cases to the existing spec for `AwsLambdaQualifier` validation.
2017-01-24 16:47:45 +01:00
pattern := `^[a-zA-Z0-9$_-]+$`
provider/aws: Add aws_lambda_permission
2016-01-25 15:19:52 +01:00
if !regexp.MustCompile(pattern).MatchString(value) {
errors = append(errors, fmt.Errorf(
"%q doesn't comply with restrictions (%q): %q",
k, pattern, value))
}
return
}
func validateLambdaPermissionAction(v interface{}, k string) (ws []string, errors []error) {
value := v.(string)
// http://docs.aws.amazon.com/lambda/latest/dg/API_AddPermission.html
pattern := `^(lambda:[*]|lambda:[a-zA-Z]+|[*])$`
if !regexp.MustCompile(pattern).MatchString(value) {
errors = append(errors, fmt.Errorf(
"%q doesn't comply with restrictions (%q): %q",
k, pattern, value))
}
return
}
func validateAwsAccountId(v interface{}, k string) (ws []string, errors []error) {
value := v.(string)
// http://docs.aws.amazon.com/lambda/latest/dg/API_AddPermission.html
pattern := `^\d{12}$`
if !regexp.MustCompile(pattern).MatchString(value) {
errors = append(errors, fmt.Errorf(
"%q doesn't look like AWS Account ID (exactly 12 digits): %q",
k, value))
}
return
}
func validateArn(v interface{}, k string) (ws []string, errors []error) {
value := v.(string)
provider/aws: Reworked validateArn function to handle empty values (#10833)
2016-12-27 21:52:22 +01:00
if value == "" {
return
}
provider/aws: Add aws_lambda_permission
2016-01-25 15:19:52 +01:00
// http://docs.aws.amazon.com/lambda/latest/dg/API_AddPermission.html
provider/aws: Allow ARN identifier to be set Allows users from govcloud and other regions (aws-cn) to now use the following resources correctly: ``` - data "aws_billing_service_account" - data "aws_elb_service_account" - resource "aws_cloudfront_origin_access_identity" - resource "aws_ecs_service" - resource "aws_iam_saml_provider" - resource "aws_lambda_permission" - resource "aws_sns_topic_policy" ```
2017-01-23 17:30:28 +01:00
pattern := `^arn:[\w-]+:([a-zA-Z0-9\-])+:([a-z]{2}-[a-z]+-\d{1})?:(\d{12})?:(.*)$`
provider/aws: Add aws_lambda_permission
2016-01-25 15:19:52 +01:00
if !regexp.MustCompile(pattern).MatchString(value) {
errors = append(errors, fmt.Errorf(
"%q doesn't look like a valid ARN (%q): %q",
k, pattern, value))
}
return
}
func validatePolicyStatementId(v interface{}, k string) (ws []string, errors []error) {
value := v.(string)
if len(value) > 100 {
errors = append(errors, fmt.Errorf(
"%q cannot be longer than 100 characters: %q", k, value))
}
// http://docs.aws.amazon.com/lambda/latest/dg/API_AddPermission.html
pattern := `^[a-zA-Z0-9-_]+$`
if !regexp.MustCompile(pattern).MatchString(value) {
errors = append(errors, fmt.Errorf(
"%q doesn't look like a valid statement ID (%q): %q",
k, pattern, value))
}
return
}
provider/aws: improve vpc cidr_block err message Pull CIDR block validation into a shared func ready to be used elsewhere Example of new err message: ``` Errors: * aws_vpc.foo: "cidr_block" must contain a valid network CIDR, expected "10.0.0.0/16", got "10.0.1.0/16" ```
2016-02-22 22:05:55 +01:00
// validateCIDRNetworkAddress ensures that the string value is a valid CIDR that
// represents a network address - it adds an error otherwise
func validateCIDRNetworkAddress(v interface{}, k string) (ws []string, errors []error) {
value := v.(string)
_, ipnet, err := net.ParseCIDR(value)
if err != nil {
errors = append(errors, fmt.Errorf(
"%q must contain a valid CIDR, got error parsing: %s", k, err))
return
}
if ipnet == nil || value != ipnet.String() {
errors = append(errors, fmt.Errorf(
"%q must contain a valid network CIDR, expected %q, got %q",
k, ipnet, value))
}
return
}
Add aws_api_gateway_method resource
2016-03-05 23:15:22 +01:00
func validateHTTPMethod(v interface{}, k string) (ws []string, errors []error) {
value := v.(string)
Add new "ANY" as valid HTTP method to API Gateway validator. This commit adds a new HTTP method to a list of valid HTTP methods which is now accepted by API Gateway. Signed-off-by: Krzysztof Wilczynski <krzysztof.wilczynski@linux.com>
2016-10-06 12:48:23 +02:00
validMethods := map[string]bool{
"ANY": true,
"DELETE": true,
"GET": true,
"HEAD": true,
"OPTIONS": true,
"PATCH": true,
"POST": true,
"PUT": true,
}
if _, ok := validMethods[value]; !ok {
Add aws_api_gateway_method resource
2016-03-05 23:15:22 +01:00
errors = append(errors, fmt.Errorf(
Add missing unit test and re-factor for clarity. This commit adds a missing unit test for the API Gateway integration type attribute validation helper, plus changes the way how value is inspected to a simple lookup table. Additionally, changes the wording of the error message, and adds invalid test cases to the HTTP method validation helper. Signed-off-by: Krzysztof Wilczynski <krzysztof.wilczynski@linux.com>
2016-10-10 19:41:05 +02:00
"%q contains an invalid method %q. Valid methods are either %q, %q, %q, %q, %q, %q, %q, or %q.",
k, value, "ANY", "DELETE", "GET", "HEAD", "OPTIONS", "PATCH", "POST", "PUT"))
Add aws_api_gateway_method resource
2016-03-05 23:15:22 +01:00
}
return
}
provider/aws: Add validation for CW Log Metric Filter
2016-03-05 17:37:45 +01:00
func validateLogMetricFilterName(v interface{}, k string) (ws []string, errors []error) {
value := v.(string)
if len(value) > 512 {
errors = append(errors, fmt.Errorf(
"%q cannot be longer than 512 characters: %q", k, value))
}
// http://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_PutMetricFilter.html
pattern := `^[^:*]+$`
if !regexp.MustCompile(pattern).MatchString(value) {
errors = append(errors, fmt.Errorf(
"%q isn't a valid log metric name (must not contain colon nor asterisk): %q",
k, value))
}
return
}
func validateLogMetricFilterTransformationName(v interface{}, k string) (ws []string, errors []error) {
value := v.(string)
if len(value) > 255 {
errors = append(errors, fmt.Errorf(
"%q cannot be longer than 255 characters: %q", k, value))
}
// http://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_MetricTransformation.html
pattern := `^[^:*$]*$`
if !regexp.MustCompile(pattern).MatchString(value) {
errors = append(errors, fmt.Errorf(
"%q isn't a valid log metric transformation name (must not contain"+
" colon, asterisk nor dollar sign): %q",
k, value))
}
return
}
func validateLogGroupName(v interface{}, k string) (ws []string, errors []error) {
value := v.(string)
if len(value) > 512 {
errors = append(errors, fmt.Errorf(
"%q cannot be longer than 512 characters: %q", k, value))
}
// http://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_CreateLogGroup.html
pattern := `^[\.\-_/#A-Za-z0-9]+$`
if !regexp.MustCompile(pattern).MatchString(value) {
errors = append(errors, fmt.Errorf(
"%q isn't a valid log group name (alphanumeric characters, underscores,"+
" hyphens, slashes, hash signs and dots are allowed): %q",
k, value))
}
return
}
provider/aws: Add support S3 Object Lifecycle Rule (#6220) * providers/aws: Add support S3 Object Lifecycle Rule * Fix failed vet command * Fix failed acceptance tests * Check nil pointer before dereference. * Move S3 lifecycle rule id validator func to validators.go * Don't fail when get lifecycle rule's response code is 404
2016-04-20 12:16:14 +02:00
func validateS3BucketLifecycleTimestamp(v interface{}, k string) (ws []string, errors []error) {
value := v.(string)
_, err := time.Parse(time.RFC3339, fmt.Sprintf("%sT00:00:00Z", value))
if err != nil {
errors = append(errors, fmt.Errorf(
"%q cannot be parsed as RFC3339 Timestamp Format", value))
}
return
}
func validateS3BucketLifecycleStorageClass(v interface{}, k string) (ws []string, errors []error) {
value := v.(string)
if value != s3.TransitionStorageClassStandardIa && value != s3.TransitionStorageClassGlacier {
errors = append(errors, fmt.Errorf(
"%q must be one of '%q', '%q'", k, s3.TransitionStorageClassStandardIa, s3.TransitionStorageClassGlacier))
}
return
}
provider/aws: Added S3 Bucket replication (#10552)
2016-12-08 11:59:13 +01:00
func validateS3BucketReplicationRuleId(v interface{}, k string) (ws []string, errors []error) {
value := v.(string)
if len(value) > 255 {
errors = append(errors, fmt.Errorf(
"%q cannot be longer than 255 characters: %q", k, value))
}
return
}
func validateS3BucketReplicationRulePrefix(v interface{}, k string) (ws []string, errors []error) {
value := v.(string)
if len(value) > 1024 {
errors = append(errors, fmt.Errorf(
"%q cannot be longer than 1024 characters: %q", k, value))
}
return
}
func validateS3BucketReplicationDestinationStorageClass(v interface{}, k string) (ws []string, errors []error) {
value := v.(string)
if value != s3.StorageClassStandard && value != s3.StorageClassStandardIa && value != s3.StorageClassReducedRedundancy {
errors = append(errors, fmt.Errorf(
"%q must be one of '%q', '%q' or '%q'", k, s3.StorageClassStandard, s3.StorageClassStandardIa, s3.StorageClassReducedRedundancy))
}
return
}
func validateS3BucketReplicationRuleStatus(v interface{}, k string) (ws []string, errors []error) {
value := v.(string)
if value != s3.ReplicationRuleStatusEnabled && value != s3.ReplicationRuleStatusDisabled {
errors = append(errors, fmt.Errorf(
"%q must be one of '%q' or '%q'", k, s3.ReplicationRuleStatusEnabled, s3.ReplicationRuleStatusDisabled))
}
return
}
provider/aws: Add support S3 Object Lifecycle Rule (#6220) * providers/aws: Add support S3 Object Lifecycle Rule * Fix failed vet command * Fix failed acceptance tests * Check nil pointer before dereference. * Move S3 lifecycle rule id validator func to validators.go * Don't fail when get lifecycle rule's response code is 404
2016-04-20 12:16:14 +02:00
func validateS3BucketLifecycleRuleId(v interface{}, k string) (ws []string, errors []error) {
value := v.(string)
if len(value) > 255 {
errors = append(errors, fmt.Errorf(
"%q cannot exceed 255 characters", k))
}
return
}
Added RDS event subscriptions (#6367)
2016-05-05 12:14:25 +02:00
func validateDbEventSubscriptionName(v interface{}, k string) (ws []string, errors []error) {
value := v.(string)
if !regexp.MustCompile(`^[0-9A-Za-z-]+$`).MatchString(value) {
errors = append(errors, fmt.Errorf(
"only alphanumeric characters and hyphens allowed in %q", k))
}
if len(value) > 255 {
errors = append(errors, fmt.Errorf(
"%q cannot be longer than 255 characters", k))
}
return
}
Adding passthrough behavior for API Gateway integration (#7801)
2016-07-26 10:38:51 +02:00
func validateApiGatewayIntegrationPassthroughBehavior(v interface{}, k string) (ws []string, errors []error) {
value := v.(string)
if value != "WHEN_NO_MATCH" && value != "WHEN_NO_TEMPLATES" && value != "NEVER" {
errors = append(errors, fmt.Errorf(
"%q must be one of 'WHEN_NO_MATCH', 'WHEN_NO_TEMPLATES', 'NEVER'", k))
}
return
}
[WIP] provider/aws: Add normalizeJsonString and validateJsonString functions. (#8028) * Add normalizeJsonString and validateJsonString functions. Signed-off-by: Krzysztof Wilczynski <krzysztof.wilczynski@linux.com> * Add unit test for the normalizeJsonString helper function. Signed-off-by: Krzysztof Wilczynski <krzysztof.wilczynski@linux.com> * Fix. Remove incrrect format string. Signed-off-by: Krzysztof Wilczynski <krzysztof.wilczynski@linux.com> * Remove surplus type assertion. Signed-off-by: Krzysztof Wilczynski <krzysztof.wilczynski@linux.com> * Add unit test for the validateJsonStringhelper function. Signed-off-by: Krzysztof Wilczynski <krzysztof.wilczynski@linux.com> * Remove surplus whitespaces. Signed-off-by: Krzysztof Wilczynski <krzysztof.wilczynski@linux.com>
2016-09-17 20:50:38 +02:00
func validateJsonString(v interface{}, k string) (ws []string, errors []error) {
if _, err := normalizeJsonString(v); err != nil {
errors = append(errors, fmt.Errorf("%q contains an invalid JSON: %s", k, err))
}
return
}
Extract integration type validator
2016-10-04 18:51:18 +02:00
provider/aws: CloudFormation YAML template support (#11121)
2017-01-20 15:00:32 +01:00
func validateCloudFormationTemplate(v interface{}, k string) (ws []string, errors []error) {
if looksLikeJsonString(v) {
if _, err := normalizeJsonString(v); err != nil {
errors = append(errors, fmt.Errorf("%q contains an invalid JSON: %s", k, err))
}
} else {
if _, err := checkYamlString(v); err != nil {
errors = append(errors, fmt.Errorf("%q contains an invalid YAML: %s", k, err))
}
}
return
}
Extract integration type validator
2016-10-04 18:51:18 +02:00
func validateApiGatewayIntegrationType(v interface{}, k string) (ws []string, errors []error) {
value := v.(string)
Add missing unit test and re-factor for clarity. This commit adds a missing unit test for the API Gateway integration type attribute validation helper, plus changes the way how value is inspected to a simple lookup table. Additionally, changes the wording of the error message, and adds invalid test cases to the HTTP method validation helper. Signed-off-by: Krzysztof Wilczynski <krzysztof.wilczynski@linux.com>
2016-10-10 19:41:05 +02:00
validTypes := map[string]bool{
"AWS": true,
"AWS_PROXY": true,
"HTTP": true,
"HTTP_PROXY": true,
"MOCK": true,
}
if _, ok := validTypes[value]; !ok {
Extract integration type validator
2016-10-04 18:51:18 +02:00
errors = append(errors, fmt.Errorf(
Add missing unit test and re-factor for clarity. This commit adds a missing unit test for the API Gateway integration type attribute validation helper, plus changes the way how value is inspected to a simple lookup table. Additionally, changes the wording of the error message, and adds invalid test cases to the HTTP method validation helper. Signed-off-by: Krzysztof Wilczynski <krzysztof.wilczynski@linux.com>
2016-10-10 19:41:05 +02:00
"%q contains an invalid integration type %q. Valid types are either %q, %q, %q, %q, or %q.",
k, value, "AWS", "AWS_PROXY", "HTTP", "HTTP_PROXY", "MOCK"))
Extract integration type validator
2016-10-04 18:51:18 +02:00
}
return
}
provider/aws: Added SQS FIFO queues (#10614)
2016-12-12 18:40:59 +01:00
Add support for binary media type to AWS API Gateway
2016-12-16 03:14:29 +01:00
func validateApiGatewayIntegrationContentHandling(v interface{}, k string) (ws []string, errors []error) {
value := v.(string)
validTypes := map[string]bool{
"CONVERT_TO_BINARY": true,
"CONVERT_TO_TEXT": true,
}
if _, ok := validTypes[value]; !ok {
errors = append(errors, fmt.Errorf(
"%q contains an invalid integration type %q. Valid types are either %q or %q.",
k, value, "CONVERT_TO_BINARY", "CONVERT_TO_TEXT"))
}
return
}
provider/aws: Added SQS FIFO queues (#10614)
2016-12-12 18:40:59 +01:00
func validateSQSQueueName(v interface{}, k string) (errors []error) {
value := v.(string)
if len(value) > 80 {
errors = append(errors, fmt.Errorf("%q cannot be longer than 80 characters", k))
}
if !regexp.MustCompile(`^[0-9A-Za-z-_]+$`).MatchString(value) {
errors = append(errors, fmt.Errorf("only alphanumeric characters and hyphens allowed in %q", k))
}
return
}
func validateSQSFifoQueueName(v interface{}, k string) (errors []error) {
value := v.(string)
if len(value) > 80 {
errors = append(errors, fmt.Errorf("%q cannot be longer than 80 characters", k))
}
if !regexp.MustCompile(`^[0-9A-Za-z-_.]+$`).MatchString(value) {
errors = append(errors, fmt.Errorf("only alphanumeric characters and hyphens allowed in %q", k))
}
if regexp.MustCompile(`^[^a-zA-Z0-9-_]`).MatchString(value) {
errors = append(errors, fmt.Errorf("FIFO queue name must start with one of these characters [a-zA-Z0-9-_]: %v", value))
}
if !regexp.MustCompile(`\.fifo$`).MatchString(value) {
errors = append(errors, fmt.Errorf("FIFO queue name should ends with \".fifo\": %v", value))
}
return
}
provider/aws: Improved the SNS topic subscription protocols validation
2016-12-13 17:54:52 +01:00
func validateSNSSubscriptionProtocol(v interface{}, k string) (ws []string, errors []error) {
value := strings.ToLower(v.(string))
forbidden := []string{"email", "sms"}
for _, f := range forbidden {
if strings.Contains(value, f) {
errors = append(
errors,
fmt.Errorf("Unsupported protocol (%s) for SNS Topic", value),
)
}
}
return
}
provider/aws: Added a validation for security group rule types (#10864)
2016-12-30 01:26:01 +01:00
func validateSecurityRuleType(v interface{}, k string) (ws []string, errors []error) {
value := strings.ToLower(v.(string))
validTypes := map[string]bool{
"ingress": true,
"egress": true,
}
if _, ok := validTypes[value]; !ok {
errors = append(errors, fmt.Errorf(
"%q contains an invalid Security Group Rule type %q. Valid types are either %q or %q.",
k, value, "ingress", "egress"))
}
return
}
provider/aws: Validate window time format (#11089) * create window format validate function * apply ValidateFunc for window time format
2017-01-09 14:12:07 +01:00
func validateOnceAWeekWindowFormat(v interface{}, k string) (ws []string, errors []error) {
// valid time format is "ddd:hh24:mi"
validTimeFormat := "(sun|mon|tue|wed|thu|fri|sat):([0-1][0-9]|2[0-3]):([0-5][0-9])"
value := strings.ToLower(v.(string))
if !regexp.MustCompile(validTimeFormat + "-" + validTimeFormat).MatchString(value) {
errors = append(errors, fmt.Errorf(
"%q must satisfy the format of \"ddd:hh24:mi-ddd:hh24:mi\".", k))
}
return
}
func validateOnceADayWindowFormat(v interface{}, k string) (ws []string, errors []error) {
// valid time format is "hh24:mi"
validTimeFormat := "([0-1][0-9]|2[0-3]):([0-5][0-9])"
value := v.(string)
if !regexp.MustCompile(validTimeFormat + "-" + validTimeFormat).MatchString(value) {
errors = append(errors, fmt.Errorf(
"%q must satisfy the format of \"hh24:mi-hh24:mi\".", k))
}
return
}
provider/aws: Route53 Record: Add Type validation Adds validation for the `type` parameter of an `aws_route53_record` resource. This will allow Terraform to catch any user errors of a `type` parameter during a `terraform plan` instead of during a `terraform apply`. Fixes: #11114
2017-01-09 21:45:26 +01:00
func validateRoute53RecordType(v interface{}, k string) (ws []string, errors []error) {
// Valid Record types
// SOA, A, TXT, NS, CNAME, MX, NAPTR, PTR, SRV, SPF, AAAA
validTypes := map[string]struct{}{
"SOA": {},
"A": {},
"TXT": {},
"NS": {},
"CNAME": {},
"MX": {},
"NAPTR": {},
"PTR": {},
"SRV": {},
"SPF": {},
"AAAA": {},
}
value := v.(string)
if _, ok := validTypes[value]; !ok {
errors = append(errors, fmt.Errorf(
"%q must be one of [SOA, A, TXT, NS, CNAME, MX, NAPTR, PTR, SRV, SPF, AAAA]", k))
}
return
}
provider/aws: Update ECS task_definition and service Updates ECS task_definition documentation, and schema validation functions to match the AWS API documentation. Updates ECS service documentation, and schema validation functions match the AWS API documentation.
2017-01-19 23:54:52 +01:00
// Validates that ECS Placement Constraints are set correctly
// Takes type, and expression as strings
func validateAwsEcsPlacementConstraint(constType, constExpr string) error {
switch constType {
case "distinctInstance":
// Expression can be nil for distinctInstance
return nil
case "memberOf":
if constExpr == "" {
return fmt.Errorf("Expression cannot be nil for 'memberOf' type")
}
default:
return fmt.Errorf("Unknown type provided: %q", constType)
}
return nil
}
// Validates that an Ecs placement strategy is set correctly
// Takes type, and field as strings
func validateAwsEcsPlacementStrategy(stratType, stratField string) error {
switch stratType {
case "random":
// random does not need the field attribute set, could error, but it isn't read at the API level
return nil
case "spread":
// For the spread placement strategy, valid values are instanceId
// (or host, which has the same effect), or any platform or custom attribute
// that is applied to a container instance
// stratField is already cased to a string
return nil
case "binpack":
if stratField != "cpu" && stratField != "memory" {
return fmt.Errorf("Binpack type requires the field attribute to be either 'cpu' or 'memory'. Got: %s",
stratField)
}
default:
return fmt.Errorf("Unknown type %s. Must be one of 'random', 'spread', or 'binpack'.", stratType)
}
return nil
}
provider/aws: Add EBS Volume support for EMR Instance Groups Adds EBS Volume support and tests for EMR Instnace Groups ``` $ make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSEMRInstanceGroup_ebsBasic' ==> Checking that code complies with gofmt requirements... go generate $(go list ./... | grep -v /terraform/vendor/) 2017/01/25 10:14:58 Generated command/internal_plugin_list.go TF_ACC=1 go test ./builtin/providers/aws -v -run=TestAccAWSEMRInstanceGroup_ebsBasic -timeout 120m === RUN TestAccAWSEMRInstanceGroup_ebsBasic --- PASS: TestAccAWSEMRInstanceGroup_ebsBasic (675.14s) PASS ok github.com/hashicorp/terraform/builtin/providers/aws 675.171s ```
2017-01-25 16:29:41 +01:00
func validateAwsEmrEbsVolumeType(v interface{}, k string) (ws []string, errors []error) {
validTypes := map[string]struct{}{
"gp2": {},
"io1": {},
"standard": {},
}
value := v.(string)
if _, ok := validTypes[value]; !ok {
errors = append(errors, fmt.Errorf(
"%q must be one of ['gp2', 'io1', 'standard']", k))
}
return
}
Added Step Function resources (State Machine & Activity) (#11420) * Added Step Function Activity & Step Function State Machine * Added SFN State Machine documentation * Added aws_sfn_activity & documentation * Allowed import of sfn resources * Added more checks on tests, fixed documentation * Handled the update case of a SFN function (might be already deleting) * Removed the State Machine import test file * Fixed the eventual consistency of the read after delete for SFN functions
2017-01-31 21:17:38 +01:00
func validateSfnActivityName(v interface{}, k string) (ws []string, errors []error) {
value := v.(string)
if len(value) > 80 {
errors = append(errors, fmt.Errorf("%q cannot be longer than 80 characters", k))
}
return
}
func validateSfnStateMachineDefinition(v interface{}, k string) (ws []string, errors []error) {
value := v.(string)
if len(value) > 1048576 {
errors = append(errors, fmt.Errorf("%q cannot be longer than 1048576 characters", k))
}
return
}
func validateSfnStateMachineName(v interface{}, k string) (ws []string, errors []error) {
value := v.(string)
if len(value) > 80 {
errors = append(errors, fmt.Errorf("%q cannot be longer than 80 characters", k))
}
if !regexp.MustCompile(`^[a-zA-Z0-9-_]+$`).MatchString(value) {
errors = append(errors, fmt.Errorf(
"%q must be composed with only these characters [a-zA-Z0-9-_]: %v", k, value))
}
return
}
Update Application Auto Scaling to support scaling an Amazon EC2 Spot fleet. (#8697) * provider/aws: Update Application Auto Scaling service model - Add support for automatically scaling an Amazon EC2 Spot fleet. * Remove duplicate policy_type check. * Test creating a scalable target for a splot fleet request. * Test creating a scaling policy for a splot fleet request. * Update resource docs to support scaling an Amazon EC2 Spot fleet. - aws_appautoscaling_policy - aws_appautoscaling_target * Remove arn attribute from aws_appautoscaling_target - No arn is generated or returned for this resource. * Remove optional name attribute from aws_appautoscaling_target - ScalableTargets do not have a name - I think this was copied from aws_appautoscaling_policy * AWS Application Autoscaling resource documentation tweaks - include a target resource in the policy example - sort attributes by alpha - fixup markdown - add spaces to test config
2017-02-02 10:39:22 +01:00
provider/aws: Add AWS DMS (data migration service) resources (#11122) * Add aws dms vendoring * Add aws dms endpoint resource * Add aws dms replication instance resource * Add aws dms replication subnet group resource * Add aws dms replication task resource * Fix aws dms resource go vet errors * Review fixes: Add id validators for all resources. Add validator for endpoint engine_name. * Add aws dms resources to importability list * Review fixes: Add aws dms iam role dependencies to test cases * Review fixes: Adjustments for handling input values * Add aws dms replication subnet group tagging * Fix aws dms subnet group doesn't use standard error for resource not found * Missed update of aws dms vendored version * Add aws dms certificate resource * Update aws dms resources to force new for immutable attributes * Fix tests failing on subnet deletion by adding explicit dependencies. Combine import tests with basic tests to cut down runtime.
2017-02-02 11:30:05 +01:00
func validateDmsCertificateId(v interface{}, k string) (ws []string, es []error) {
val := v.(string)
if len(val) > 255 {
es = append(es, fmt.Errorf("%q must not be longer than 255 characters", k))
}
if !regexp.MustCompile("^[a-zA-Z][a-zA-Z0-9-]+$").MatchString(val) {
es = append(es, fmt.Errorf("%q must start with a letter, only contain alphanumeric characters and hyphens", k))
}
if strings.Contains(val, "--") {
es = append(es, fmt.Errorf("%q must not contain consecutive hyphens", k))
}
if strings.HasSuffix(val, "-") {
es = append(es, fmt.Errorf("%q must not end in a hyphen", k))
}
return
}
func validateDmsEndpointId(v interface{}, k string) (ws []string, es []error) {
val := v.(string)
if len(val) > 255 {
es = append(es, fmt.Errorf("%q must not be longer than 255 characters", k))
}
if !regexp.MustCompile("^[a-zA-Z][a-zA-Z0-9-]+$").MatchString(val) {
es = append(es, fmt.Errorf("%q must start with a letter, only contain alphanumeric characters and hyphens", k))
}
if strings.Contains(val, "--") {
es = append(es, fmt.Errorf("%q must not contain consecutive hyphens", k))
}
if strings.HasSuffix(val, "-") {
es = append(es, fmt.Errorf("%q must not end in a hyphen", k))
}
return
}
func validateDmsReplicationInstanceId(v interface{}, k string) (ws []string, es []error) {
val := v.(string)
if len(val) > 63 {
es = append(es, fmt.Errorf("%q must not be longer than 63 characters", k))
}
if !regexp.MustCompile("^[a-zA-Z][a-zA-Z0-9-]+$").MatchString(val) {
es = append(es, fmt.Errorf("%q must start with a letter, only contain alphanumeric characters and hyphens", k))
}
if strings.Contains(val, "--") {
es = append(es, fmt.Errorf("%q must not contain consecutive hyphens", k))
}
if strings.HasSuffix(val, "-") {
es = append(es, fmt.Errorf("%q must not end in a hyphen", k))
}
return
}
func validateDmsReplicationSubnetGroupId(v interface{}, k string) (ws []string, es []error) {
val := v.(string)
if val == "default" {
es = append(es, fmt.Errorf("%q must not be default", k))
}
if len(val) > 255 {
es = append(es, fmt.Errorf("%q must not be longer than 255 characters", k))
}
if !regexp.MustCompile(`^[a-zA-Z0-9. _-]+$`).MatchString(val) {
es = append(es, fmt.Errorf("%q must only contain alphanumeric characters, periods, spaces, underscores and hyphens", k))
}
return
}
func validateDmsReplicationTaskId(v interface{}, k string) (ws []string, es []error) {
val := v.(string)
if len(val) > 255 {
es = append(es, fmt.Errorf("%q must not be longer than 255 characters", k))
}
if !regexp.MustCompile("^[a-zA-Z][a-zA-Z0-9-]+$").MatchString(val) {
es = append(es, fmt.Errorf("%q must start with a letter, only contain alphanumeric characters and hyphens", k))
}
if strings.Contains(val, "--") {
es = append(es, fmt.Errorf("%q must not contain consecutive hyphens", k))
}
if strings.HasSuffix(val, "-") {
es = append(es, fmt.Errorf("%q must not end in a hyphen", k))
}
provider/aws: Fixing a merge conflict issue in validators.go
2017-02-02 11:30:41 +01:00
return
}
Update Application Auto Scaling to support scaling an Amazon EC2 Spot fleet. (#8697) * provider/aws: Update Application Auto Scaling service model - Add support for automatically scaling an Amazon EC2 Spot fleet. * Remove duplicate policy_type check. * Test creating a scalable target for a splot fleet request. * Test creating a scaling policy for a splot fleet request. * Update resource docs to support scaling an Amazon EC2 Spot fleet. - aws_appautoscaling_policy - aws_appautoscaling_target * Remove arn attribute from aws_appautoscaling_target - No arn is generated or returned for this resource. * Remove optional name attribute from aws_appautoscaling_target - ScalableTargets do not have a name - I think this was copied from aws_appautoscaling_policy * AWS Application Autoscaling resource documentation tweaks - include a target resource in the policy example - sort attributes by alpha - fixup markdown - add spaces to test config
2017-02-02 10:39:22 +01:00
func validateAppautoscalingScalableDimension(v interface{}, k string) (ws []string, errors []error) {
value := v.(string)
dimensions := map[string]bool{
"ecs:service:DesiredCount": true,
"ec2:spot-fleet-request:TargetCapacity": true,
}
if !dimensions[value] {
errors = append(errors, fmt.Errorf("%q must be a valid scalable dimension value: %q", k, value))
}
return
}
func validateAppautoscalingServiceNamespace(v interface{}, k string) (ws []string, errors []error) {
value := v.(string)
namespaces := map[string]bool{
"ecs": true,
"ec2": true,
}
if !namespaces[value] {
errors = append(errors, fmt.Errorf("%q must be a valid service namespace value: %q", k, value))
}
return
}