Update AWS provider/module and generated content (#454)

github-actions[bot] · wata727 · web-flow · commit 19bfd5aa0dfd · 2023-03-18T18:13:24.000+09:00
Co-authored-by: wata727 &lt;wata727@users.noreply.github.com&gt;
diff --git a/aws/mock/ecs.go b/aws/mock/ecs.go
diff --git a/go.mod b/go.mod
@@ -4,7 +4,7 @@ go 1.19
 
 require (
 	github.com/agext/levenshtein v1.2.2 // indirect
-	github.com/aws/aws-sdk-go v1.44.204
+	github.com/aws/aws-sdk-go v1.44.224
 	github.com/dave/dst v0.27.2
 	github.com/fatih/color v1.13.0 // indirect
 	github.com/golang/mock v1.6.0
diff --git a/go.sum b/go.sum
@@ -5,8 +5,8 @@ github.com/agext/levenshtein v1.2.2/go.mod h1:JEDfjyjHDjOF/1e4FlBE/PkbqA9OfWu2ki
 github.com/apparentlymart/go-textseg/v13 v13.0.0 h1:Y+KvPE1NYz0xl601PVImeQfFyEy6iT90AvPUL1NNfNw=
 github.com/apparentlymart/go-textseg/v13 v13.0.0/go.mod h1:ZK2fH7c4NqDTLtiYLvIkEghdlcqw7yxLeM89kiTRPUo=
 github.com/aws/aws-sdk-go v1.31.9/go.mod h1:5zCpMtNQVjRREroY7sYe8lOMRSxkhG6MZveU8YkpAk0=
-github.com/aws/aws-sdk-go v1.44.204 h1:7/tPUXfNOHB390A63t6fJIwmlwVQAkAwcbzKsU2/6OQ=
-github.com/aws/aws-sdk-go v1.44.204/go.mod h1:aVsgQcEevwlmQ7qHE9I3h+dtQgpqhFB+i8Phjh7fkwI=
+github.com/aws/aws-sdk-go v1.44.224 h1:09CiaaF35nRmxrzWZ2uRq5v6Ghg/d2RiPjZnSgtt+RQ=
+github.com/aws/aws-sdk-go v1.44.224/go.mod h1:aVsgQcEevwlmQ7qHE9I3h+dtQgpqhFB+i8Phjh7fkwI=
 github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU=
 github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw=
 github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E=
diff --git a/rules/models/aws-sdk-go b/rules/models/aws-sdk-go
@@ -1 +1 @@
-Subproject commit ad756cba2a3211efac8fba19afc28c0f359201d2
+Subproject commit cf6d104c9d69fbab925d65849626f910ec099389
diff --git a/rules/models/aws_account_alternate_contact_invalid_email_address.go b/rules/models/aws_account_alternate_contact_invalid_email_address.go
@@ -27,9 +27,9 @@ func NewAwsAccountAlternateContactInvalidEmailAddressRule() *AwsAccountAlternate
 	return &AwsAccountAlternateContactInvalidEmailAddressRule{
 		resourceType:  "aws_account_alternate_contact",
 		attributeName: "email_address",
-		max:           64,
+		max:           254,
 		min:           1,
-		pattern:       regexp.MustCompile(`^[\s]*[\w+=.#!&-]+@[\w.-]+\.[\w]+[\s]*$`),
+		pattern:       regexp.MustCompile(`^[\s]*[\w+=.#|!&-]+@[\w.-]+\.[\w]+[\s]*$`),
 	}
 }
 
@@ -79,7 +79,7 @@ func (r *AwsAccountAlternateContactInvalidEmailAddressRule) Check(runner tflint.
 			if len(val) > r.max {
 				runner.EmitIssue(
 					r,
-					"email_address must be 64 characters or less",
+					"email_address must be 254 characters or less",
 					attribute.Expr.Range(),
 				)
 			}
@@ -93,7 +93,7 @@ func (r *AwsAccountAlternateContactInvalidEmailAddressRule) Check(runner tflint.
 			if !r.pattern.MatchString(val) {
 				runner.EmitIssue(
 					r,
-					fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^[\s]*[\w+=.#!&-]+@[\w.-]+\.[\w]+[\s]*$`),
+					fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^[\s]*[\w+=.#|!&-]+@[\w.-]+\.[\w]+[\s]*$`),
 					attribute.Expr.Range(),
 				)
 			}
diff --git a/rules/models/aws_instance_invalid_type.go b/rules/models/aws_instance_invalid_type.go
@@ -644,6 +644,25 @@ func NewAwsInstanceInvalidTypeRule() *AwsInstanceInvalidTypeRule {
 			"r6idn.16xlarge",
 			"r6idn.24xlarge",
 			"r6idn.32xlarge",
+			"c7g.metal",
+			"m7g.medium",
+			"m7g.large",
+			"m7g.xlarge",
+			"m7g.2xlarge",
+			"m7g.4xlarge",
+			"m7g.8xlarge",
+			"m7g.12xlarge",
+			"m7g.16xlarge",
+			"m7g.metal",
+			"r7g.medium",
+			"r7g.large",
+			"r7g.xlarge",
+			"r7g.2xlarge",
+			"r7g.4xlarge",
+			"r7g.8xlarge",
+			"r7g.12xlarge",
+			"r7g.16xlarge",
+			"r7g.metal",
 		},
 	}
 }
diff --git a/rules/models/aws_launch_configuration_invalid_type.go b/rules/models/aws_launch_configuration_invalid_type.go
@@ -644,6 +644,25 @@ func NewAwsLaunchConfigurationInvalidTypeRule() *AwsLaunchConfigurationInvalidTy
 			"r6idn.16xlarge",
 			"r6idn.24xlarge",
 			"r6idn.32xlarge",
+			"c7g.metal",
+			"m7g.medium",
+			"m7g.large",
+			"m7g.xlarge",
+			"m7g.2xlarge",
+			"m7g.4xlarge",
+			"m7g.8xlarge",
+			"m7g.12xlarge",
+			"m7g.16xlarge",
+			"m7g.metal",
+			"r7g.medium",
+			"r7g.large",
+			"r7g.xlarge",
+			"r7g.2xlarge",
+			"r7g.4xlarge",
+			"r7g.8xlarge",
+			"r7g.12xlarge",
+			"r7g.16xlarge",
+			"r7g.metal",
 		},
 	}
 }
diff --git a/rules/models/aws_launch_template_invalid_instance_type.go b/rules/models/aws_launch_template_invalid_instance_type.go
@@ -644,6 +644,25 @@ func NewAwsLaunchTemplateInvalidInstanceTypeRule() *AwsLaunchTemplateInvalidInst
 			"r6idn.16xlarge",
 			"r6idn.24xlarge",
 			"r6idn.32xlarge",
+			"c7g.metal",
+			"m7g.medium",
+			"m7g.large",
+			"m7g.xlarge",
+			"m7g.2xlarge",
+			"m7g.4xlarge",
+			"m7g.8xlarge",
+			"m7g.12xlarge",
+			"m7g.16xlarge",
+			"m7g.metal",
+			"r7g.medium",
+			"r7g.large",
+			"r7g.xlarge",
+			"r7g.2xlarge",
+			"r7g.4xlarge",
+			"r7g.8xlarge",
+			"r7g.12xlarge",
+			"r7g.16xlarge",
+			"r7g.metal",
 		},
 	}
 }
diff --git a/rules/models/aws_route53_resolver_firewall_config_invalid_firewall_fail_open.go b/rules/models/aws_route53_resolver_firewall_config_invalid_firewall_fail_open.go
@@ -27,6 +27,7 @@ func NewAwsRoute53ResolverFirewallConfigInvalidFirewallFailOpenRule() *AwsRoute5
 		enum: []string{
 			"ENABLED",
 			"DISABLED",
+			"USE_LOCAL_RESOURCE_SETTING",
 		},
 	}
 }
diff --git a/rules/models/aws_secretsmanager_secret_version_invalid_secret_string.go b/rules/models/aws_secretsmanager_secret_version_invalid_secret_string.go
@@ -15,6 +15,7 @@ type AwsSecretsmanagerSecretVersionInvalidSecretStringRule struct {
 	resourceType  string
 	attributeName string
 	max           int
+	min           int
 }
 
 // NewAwsSecretsmanagerSecretVersionInvalidSecretStringRule returns new rule with default attributes
@@ -23,6 +24,7 @@ func NewAwsSecretsmanagerSecretVersionInvalidSecretStringRule() *AwsSecretsmanag
 		resourceType:  "aws_secretsmanager_secret_version",
 		attributeName: "secret_string",
 		max:           65536,
+		min:           1,
 	}
 }
 
@@ -76,6 +78,13 @@ func (r *AwsSecretsmanagerSecretVersionInvalidSecretStringRule) Check(runner tfl
 					attribute.Expr.Range(),
 				)
 			}
+			if len(val) < r.min {
+				runner.EmitIssue(
+					r,
+					"secret_string must be 1 characters or higher",
+					attribute.Expr.Range(),
+				)
+			}
 			return nil
 		})
 		if err != nil {
diff --git a/rules/tags/resources.go b/rules/tags/resources.go
diff --git a/tools/provider-schema/.terraform.lock.hcl b/tools/provider-schema/.terraform.lock.hcl
diff --git a/tools/provider-schema/schema.json b/tools/provider-schema/schema.json

Original file line number	Diff line number	Diff line change
`@@ -27,9 +27,9 @@ func NewAwsAccountAlternateContactInvalidEmailAddressRule() *AwsAccountAlternate`
`27`	`27`	`return &AwsAccountAlternateContactInvalidEmailAddressRule{`
`28`	`28`	`resourceType: "aws_account_alternate_contact",`
`29`	`29`	`attributeName: "email_address",`
`30`		`- max: 64,`
	`30`	`+ max: 254,`
`31`	`31`	`min: 1,`
`32`		- pattern: regexp.MustCompile(`^[\s][\w+=.#!&-]+@[\w.-]+\.[\w]+[\s]$`),
	`32`	+ pattern: regexp.MustCompile(`^[\s][\w+=.#\|!&-]+@[\w.-]+\.[\w]+[\s]$`),
`33`	`33`	`}`
`34`	`34`	`}`
`35`	`35`
`@@ -79,7 +79,7 @@ func (r *AwsAccountAlternateContactInvalidEmailAddressRule) Check(runner tflint.`
`79`	`79`	`if len(val) > r.max {`
`80`	`80`	`runner.EmitIssue(`
`81`	`81`	`r,`
`82`		`- "email_address must be 64 characters or less",`
	`82`	`+ "email_address must be 254 characters or less",`
`83`	`83`	`attribute.Expr.Range(),`
`84`	`84`	`)`
`85`	`85`	`}`
`@@ -93,7 +93,7 @@ func (r *AwsAccountAlternateContactInvalidEmailAddressRule) Check(runner tflint.`
`93`	`93`	`if !r.pattern.MatchString(val) {`
`94`	`94`	`runner.EmitIssue(`
`95`	`95`	`r,`
`96`		- fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^[\s][\w+=.#!&-]+@[\w.-]+\.[\w]+[\s]$`),
	`96`	+ fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^[\s][\w+=.#\|!&-]+@[\w.-]+\.[\w]+[\s]$`),
`97`	`97`	`attribute.Expr.Range(),`
`98`	`98`	`)`
`99`	`99`	`}`
Original file line number	Diff line number	Diff line change
`@@ -27,6 +27,7 @@ func NewAwsRoute53ResolverFirewallConfigInvalidFirewallFailOpenRule() *AwsRoute5`
`27`	`27`	`enum: []string{`
`28`	`28`	`"ENABLED",`
`29`	`29`	`"DISABLED",`
	`30`	`+ "USE_LOCAL_RESOURCE_SETTING",`
`30`	`31`	`},`
`31`	`32`	`}`
`32`	`33`	`}`
Original file line number	Diff line number	Diff line change
`@@ -15,6 +15,7 @@ type AwsSecretsmanagerSecretVersionInvalidSecretStringRule struct {`
`15`	`15`	`resourceType string`
`16`	`16`	`attributeName string`
`17`	`17`	`max int`
	`18`	`+ min int`
`18`	`19`	`}`
`19`	`20`
`20`	`21`	`// NewAwsSecretsmanagerSecretVersionInvalidSecretStringRule returns new rule with default attributes`
`@@ -23,6 +24,7 @@ func NewAwsSecretsmanagerSecretVersionInvalidSecretStringRule() *AwsSecretsmanag`
`23`	`24`	`resourceType: "aws_secretsmanager_secret_version",`
`24`	`25`	`attributeName: "secret_string",`
`25`	`26`	`max: 65536,`
	`27`	`+ min: 1,`
`26`	`28`	`}`
`27`	`29`	`}`
`28`	`30`
`@@ -76,6 +78,13 @@ func (r *AwsSecretsmanagerSecretVersionInvalidSecretStringRule) Check(runner tfl`
`76`	`78`	`attribute.Expr.Range(),`
`77`	`79`	`)`
`78`	`80`	`}`
	`81`	`+ if len(val) < r.min {`
	`82`	`+ runner.EmitIssue(`
	`83`	`+ r,`
	`84`	`+ "secret_string must be 1 characters or higher",`
	`85`	`+ attribute.Expr.Range(),`
	`86`	`+ )`
	`87`	`+ }`
`79`	`88`	`return nil`
`80`	`89`	`})`
`81`	`90`	`if err != nil {`