Reusable validation functions for Terraform, built with the latest Terraform Plugin Framework.
ValidateFX lets you write cleaner, more expressive validations using functions like email, uuid, base64, and more. Use the assert function to validate conditions with custom error messages.
Developer quickstart
- Format:
go fmt ./... - Lint:
golangci-lint run - Tests:
go test ./... - Coverage:
make coverage - Full local checks:
make validate - Pre-push:
make pre-push
terraform {
required_providers {
validatefx = {
source = "The-DevOps-Daily/validatefx"
version = "0.1.0"
}
}
}
provider "validatefx" {}
variable "email" {
type = string
}
locals {
# Validate email with custom error message
email_check = provider::validatefx::assert(
provider::validatefx::email(var.email),
"Invalid email address provided!"
)
# Or use in variable validation
age_validation = provider::validatefx::assert(
var.user_age >= 18,
"User must be at least 18 years old!"
)
}git clone https://github.com/The-DevOps-Daily/terraform-provider-validatefx.git
cd terraform-provider-validatefx
go mod tidy
make build
make install
make devExample usage in examples/basic/main.tf.
| Function | Description |
|---|---|
all_valid |
Return true when all provided validation checks evaluate to true. |
any_valid |
Return true when any provided validation check evaluates to true. |
arn |
Validate that a string is an AWS ARN. |
assert |
Assert a condition with a custom error message. |
aws_region |
Validate that a string is a valid AWS region code. |
azure_location |
Validate that a string is a valid Azure location. |
base32 |
Validate that a string is Base32 encoded. |
base64 |
Validate that a string is Base64 encoded. |
between |
Validate that a numeric string falls between inclusive minimum and maximum bounds. |
cidr |
Validate that a string is an IPv4 or IPv6 CIDR block. |
cidr_overlap |
Validate that provided CIDR blocks do not overlap. |
credit_card |
Validate that a string is a credit card number using the Luhn algorithm. |
credit_card_expiry |
Validate that a string is a valid credit card expiry date in MM/YY or MM/YYYY format and not in the past. |
datetime |
Validate that a string is an ISO 8601 / RFC 3339 datetime. |
dependent_value |
Validate a dependent relationship between two values. |
domain |
Validate that a string is a compliant domain name. |
email |
Validate that a string is an RFC 5322 compliant email address. |
exactly_one_valid |
Return true when exactly one validation check evaluates to true. |
fqdn |
Validate that a string is a fully qualified domain name (FQDN). |
gcp_region |
Validate that a string is a valid GCP region. |
gcp_zone |
Validate that a string is a valid GCP zone. |
has_prefix |
Validate that a string starts with one of the provided prefixes. |
has_suffix |
Validate that a string ends with one of the provided suffixes. |
hex |
Validate that a string contains only hexadecimal characters. |
hostname |
Validate that a string is a hostname compliant with RFC 1123. |
in_list |
Validate that a string matches one of the allowed values. |
integer |
Validate that a string represents a valid integer. |
ip |
Validate that a string is a valid IPv4 or IPv6 address. |
ip_range_size |
Validate that a CIDR's prefix length falls within an allowed inclusive range. |
json |
Validate that a string decodes to a JSON object. |
jwt |
Validate that a string is a well-formed JSON Web Token (JWT). |
k8s_annotation_value |
Validates Kubernetes annotation value format |
k8s_label_key |
Validates Kubernetes label key format |
k8s_label_value |
Validates Kubernetes label value format |
list_length_between |
Validate that a list has a length between minimum and maximum bounds. |
list_subset |
Validate that all elements of a list/set are contained in a reference list. |
list_unique |
Validate that all list elements are unique. |
mac_address |
Validate that a string is a MAC address in colon, dash, or compact format. |
map_keys_match |
Validate that map keys match allowed or required keys. |
matches_regex |
Validate that a string matches a provided regular expression. |
mime_type |
Validate that a string is a valid MIME type. |
mutually_exclusive |
Validate that exactly one value is set. |
non_empty_list |
Validate that a list is not empty. |
non_negative_number |
Validate that a string represents a non-negative number. |
not_in_list |
Validate that a string does not match any of the provided disallowed values. |
password_strength |
Checks if a password meets strength requirements |
phone |
Validate that a string is an E.164 compliant phone number. |
port_number |
Validate that a string is a valid TCP/UDP port number (1..65535). |
port_range |
Validate that a string is a valid port range (start-end). |
positive_number |
Validate that a string represents a positive number. |
private_ip |
Validate that an IP address is private (RFC1918 / IPv6 ULA). |
public_ip |
Validate that an IP address is public (not private). |
resource_name |
Validate that a string is a valid Terraform resource name. |
semver |
Validate that a string follows Semantic Versioning (SemVer 2.0.0). |
semver_range |
Validate that a string is a valid semantic version range expression. |
set_equals |
Validate that two string lists contain the same elements regardless of order. |
size_between |
Validate that a numeric string falls within an inclusive size range. |
slug |
Validate that a string is a valid slug. |
ssh_public_key |
Validate that a string is a valid SSH public key. |
string_contains |
Validate that a string contains at least one of the provided substrings. |
string_length |
Validate that a string length falls within optional minimum and maximum bounds. |
subnet |
Validate that a string is a subnet address (IP equals network) in CIDR notation. |
uri |
Validate that a string is a URI. |
url |
Validate that a string is an HTTP(S) URL. |
username |
Validate that a string is a valid username. |
uuid |
Validate that a string is an RFC 4122 UUID (versions 1-5). |
uuidv4_only |
Validate that a string is a UUID version 4. |
version |
Return the provider version string. |
We welcome contributions! Please review our Contributing Guide before submitting pull requests.
Browse our good first issues to get started.
MIT Β© 2025 DevOps Daily