finish docs

kayman-mk · kayman-mk · commit 64a1b3550dc3 · 2024-12-14T20:13:54.000+01:00
diff --git a/docs/rules/aws_security_group_rule_deprecated.md b/docs/rules/aws_security_group_rule_deprecated.md
@@ -5,22 +5,26 @@
 ## Example
 
 ```hcl
-resource "null_resource" "foo" {
-  // TODO: Write the example Terraform code which violates the rule
+resource "aws_security_group_rule" "foo" {
+  security_group_id = "sg-12345678"
 }
 ```
 
-```
-$ tflint
+```sh
+❯ tflint
+1 issue(s) found:
 
-// TODO: Write the output when inspects the above code
+Warning: Consider using aws_vpc_security_group_egress_rule or aws_vpc_security_group_ingress_rule instead.
 
+  on test.tf line 5:
+   4:   resource "aws_security_group_rule" "foo" {
+   5:     security_group_id = "sg-12345678"
+   6:   }
 ```
-
 ## Why
 
-// TODO: Write why you should follow the rule. This section is also a place to explain the value of the rule
+Avoid using the `aws_security_group_rule` resource, as it struggles with managing multiple CIDR blocks, and, due to the historical lack of unique IDs, tags and descriptions.
 
 ## How To Fix
 
-// TODO: Write how to fix it to avoid the problem
+Depending on `foo.type`, you can fix the issue by using either `aws_vpc_security_group_egress_rule` or `aws_vpc_security_group_ingress_rule`:
diff --git a/rules/aws_security_group_rule_deprecated.go b/rules/aws_security_group_rule_deprecated.go
@@ -54,15 +54,10 @@ func (r *AwsSecurityGroupRuleDeprecatedRule) Check(runner tflint.Runner) error {
 	}
 
 	for _, resource := range resources.Blocks {
-		attribute, exists := resource.Body.Attributes[r.attributeName]
-		if !exists {
-			continue
-		}
-
 		runner.EmitIssue(
 			r,
 			"Consider using aws_vpc_security_group_egress_rule or aws_vpc_security_group_ingress_rule instead.",
-			attribute.Expr.Range(),
+			resource.DefRange,
 		)
 	}
 
diff --git a/rules/aws_security_group_rule_deprecated_test.go b/rules/aws_security_group_rule_deprecated_test.go
@@ -26,8 +26,8 @@ resource "aws_security_group_rule" "test" {
 					Message: "Consider using aws_vpc_security_group_egress_rule or aws_vpc_security_group_ingress_rule instead.",
 					Range: hcl.Range{
 						Filename: "resource.tf",
-						Start:    hcl.Pos{Line: 3, Column: 22},
-						End:      hcl.Pos{Line: 3, Column: 35},
+						Start:    hcl.Pos{Line: 2, Column: 1},
+						End:      hcl.Pos{Line: 2, Column: 42},
 					},
 				},
 			},

Original file line number	Diff line number	Diff line change
`@@ -54,15 +54,10 @@ func (r *AwsSecurityGroupRuleDeprecatedRule) Check(runner tflint.Runner) error {`
`54`	`54`	`}`
`55`	`55`
`56`	`56`	`for _, resource := range resources.Blocks {`
`57`		`- attribute, exists := resource.Body.Attributes[r.attributeName]`
`58`		`- if !exists {`
`59`		`- continue`
`60`		`- }`
`61`		`-`
`62`	`57`	`runner.EmitIssue(`
`63`	`58`	`r,`
`64`	`59`	`"Consider using aws_vpc_security_group_egress_rule or aws_vpc_security_group_ingress_rule instead.",`
`65`		`- attribute.Expr.Range(),`
	`60`	`+ resource.DefRange,`
`66`	`61`	`)`
`67`	`62`	`}`
`68`	`63`