mapping aws_lambda (#262)

https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lambda_code_signing_config
https://github.com/aws/aws-sdk-go/blob/main/models/apis/lambda/2015-03-31/api-2.json

Author: PatMyron

docs/rules/README.md

@@ -778,9 +778,12 @@ These rules enforce best practices and naming conventions:
 |aws_lambda_alias_invalid_description|✔|
 |aws_lambda_alias_invalid_function_name|✔|
 |aws_lambda_alias_invalid_function_version|✔|
+|aws_lambda_code_signing_config_invalid_description|✔|
 |aws_lambda_event_source_mapping_invalid_event_source_arn|✔|
 |aws_lambda_event_source_mapping_invalid_function_name|✔|
 |aws_lambda_event_source_mapping_invalid_starting_position|✔|
+|aws_lambda_function_event_invoke_config_invalid_function_name|✔|
+|aws_lambda_function_event_invoke_config_invalid_qualifier|✔|
 |aws_lambda_function_invalid_description|✔|
 |aws_lambda_function_invalid_function_name|✔|
 |aws_lambda_function_invalid_handler|✔|
@@ -794,6 +797,11 @@ These rules enforce best practices and naming conventions:
 |aws_lambda_layer_version_invalid_license_info|✔|
 |aws_lambda_layer_version_invalid_s3_key|✔|
 |aws_lambda_layer_version_invalid_s3_object_version|✔|
+|aws_lambda_layer_version_permission_invalid_action|✔|
+|aws_lambda_layer_version_permission_invalid_layer_name|✔|
+|aws_lambda_layer_version_permission_invalid_organization_id|✔|
+|aws_lambda_layer_version_permission_invalid_principal|✔|
+|aws_lambda_layer_version_permission_invalid_statement_id|✔|
 |aws_lambda_permission_invalid_action|✔|
 |aws_lambda_permission_invalid_event_source_token|✔|
 |aws_lambda_permission_invalid_function_name|✔|
@@ -802,6 +810,8 @@ These rules enforce best practices and naming conventions:
 |aws_lambda_permission_invalid_source_account|✔|
 |aws_lambda_permission_invalid_source_arn|✔|
 |aws_lambda_permission_invalid_statement_id|✔|
+|aws_lambda_provisioned_concurrency_config_invalid_function_name|✔|
+|aws_lambda_provisioned_concurrency_config_invalid_qualifier|✔|
 |aws_launch_configuration_invalid_spot_price|✔|
 |aws_launch_configuration_invalid_type|✔|
 |aws_launch_template_invalid_description|✔|

rules/models/aws_lambda_code_signing_config_invalid_description.go

@@ -0,0 +1,67 @@
+// This file generated by `generator/`. DO NOT EDIT
+
+package models
+
+import (
+	"log"
+
+	hcl "github.com/hashicorp/hcl/v2"
+	"github.com/terraform-linters/tflint-plugin-sdk/tflint"
+)
+
+// AwsLambdaCodeSigningConfigInvalidDescriptionRule checks the pattern is valid
+type AwsLambdaCodeSigningConfigInvalidDescriptionRule struct {
+	resourceType  string
+	attributeName string
+	max           int
+}
+
+// NewAwsLambdaCodeSigningConfigInvalidDescriptionRule returns new rule with default attributes
+func NewAwsLambdaCodeSigningConfigInvalidDescriptionRule() *AwsLambdaCodeSigningConfigInvalidDescriptionRule {
+	return &AwsLambdaCodeSigningConfigInvalidDescriptionRule{
+		resourceType:  "aws_lambda_code_signing_config",
+		attributeName: "description",
+		max:           256,
+	}
+}
+
+// Name returns the rule name
+func (r *AwsLambdaCodeSigningConfigInvalidDescriptionRule) Name() string {
+	return "aws_lambda_code_signing_config_invalid_description"
+}
+
+// Enabled returns whether the rule is enabled by default
+func (r *AwsLambdaCodeSigningConfigInvalidDescriptionRule) Enabled() bool {
+	return true
+}
+
+// Severity returns the rule severity
+func (r *AwsLambdaCodeSigningConfigInvalidDescriptionRule) Severity() string {
+	return tflint.ERROR
+}
+
+// Link returns the rule reference link
+func (r *AwsLambdaCodeSigningConfigInvalidDescriptionRule) Link() string {
+	return ""
+}
+
+// Check checks the pattern is valid
+func (r *AwsLambdaCodeSigningConfigInvalidDescriptionRule) Check(runner tflint.Runner) error {
+	log.Printf("[TRACE] Check `%s` rule", r.Name())
+
+	return runner.WalkResourceAttributes(r.resourceType, r.attributeName, func(attribute *hcl.Attribute) error {
+		var val string
+		err := runner.EvaluateExpr(attribute.Expr, &val, nil)
+
+		return runner.EnsureNoError(err, func() error {
+			if len(val) > r.max {
+				runner.EmitIssueOnExpr(
+					r,
+					"description must be 256 characters or less",
+					attribute.Expr,
+				)
+			}
+			return nil
+		})
+	})
+}

rules/models/aws_lambda_function_event_invoke_config_invalid_function_name.go

@@ -0,0 +1,87 @@
+// This file generated by `generator/`. DO NOT EDIT
+
+package models
+
+import (
+	"fmt"
+	"log"
+	"regexp"
+
+	hcl "github.com/hashicorp/hcl/v2"
+	"github.com/terraform-linters/tflint-plugin-sdk/tflint"
+)
+
+// AwsLambdaFunctionEventInvokeConfigInvalidFunctionNameRule checks the pattern is valid
+type AwsLambdaFunctionEventInvokeConfigInvalidFunctionNameRule struct {
+	resourceType  string
+	attributeName string
+	max           int
+	min           int
+	pattern       *regexp.Regexp
+}
+
+// NewAwsLambdaFunctionEventInvokeConfigInvalidFunctionNameRule returns new rule with default attributes
+func NewAwsLambdaFunctionEventInvokeConfigInvalidFunctionNameRule() *AwsLambdaFunctionEventInvokeConfigInvalidFunctionNameRule {
+	return &AwsLambdaFunctionEventInvokeConfigInvalidFunctionNameRule{
+		resourceType:  "aws_lambda_function_event_invoke_config",
+		attributeName: "function_name",
+		max:           140,
+		min:           1,
+		pattern:       regexp.MustCompile(`^(arn:(aws[a-zA-Z-]*)?:lambda:)?([a-z]{2}(-gov)?-[a-z]+-\d{1}:)?(\d{12}:)?(function:)?([a-zA-Z0-9-_]+)(:(\$LATEST|[a-zA-Z0-9-_]+))?$`),
+	}
+}
+
+// Name returns the rule name
+func (r *AwsLambdaFunctionEventInvokeConfigInvalidFunctionNameRule) Name() string {
+	return "aws_lambda_function_event_invoke_config_invalid_function_name"
+}
+
+// Enabled returns whether the rule is enabled by default
+func (r *AwsLambdaFunctionEventInvokeConfigInvalidFunctionNameRule) Enabled() bool {
+	return true
+}
+
+// Severity returns the rule severity
+func (r *AwsLambdaFunctionEventInvokeConfigInvalidFunctionNameRule) Severity() string {
+	return tflint.ERROR
+}
+
+// Link returns the rule reference link
+func (r *AwsLambdaFunctionEventInvokeConfigInvalidFunctionNameRule) Link() string {
+	return ""
+}
+
+// Check checks the pattern is valid
+func (r *AwsLambdaFunctionEventInvokeConfigInvalidFunctionNameRule) Check(runner tflint.Runner) error {
+	log.Printf("[TRACE] Check `%s` rule", r.Name())
+
+	return runner.WalkResourceAttributes(r.resourceType, r.attributeName, func(attribute *hcl.Attribute) error {
+		var val string
+		err := runner.EvaluateExpr(attribute.Expr, &val, nil)
+
+		return runner.EnsureNoError(err, func() error {
+			if len(val) > r.max {
+				runner.EmitIssueOnExpr(
+					r,
+					"function_name must be 140 characters or less",
+					attribute.Expr,
+				)
+			}
+			if len(val) < r.min {
+				runner.EmitIssueOnExpr(
+					r,
+					"function_name must be 1 characters or higher",
+					attribute.Expr,
+				)
+			}
+			if !r.pattern.MatchString(val) {
+				runner.EmitIssueOnExpr(
+					r,
+					fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^(arn:(aws[a-zA-Z-]*)?:lambda:)?([a-z]{2}(-gov)?-[a-z]+-\d{1}:)?(\d{12}:)?(function:)?([a-zA-Z0-9-_]+)(:(\$LATEST|[a-zA-Z0-9-_]+))?$`),
+					attribute.Expr,
+				)
+			}
+			return nil
+		})
+	})
+}

rules/models/aws_lambda_function_event_invoke_config_invalid_qualifier.go

@@ -0,0 +1,87 @@
+// This file generated by `generator/`. DO NOT EDIT
+
+package models
+
+import (
+	"fmt"
+	"log"
+	"regexp"
+
+	hcl "github.com/hashicorp/hcl/v2"
+	"github.com/terraform-linters/tflint-plugin-sdk/tflint"
+)
+
+// AwsLambdaFunctionEventInvokeConfigInvalidQualifierRule checks the pattern is valid
+type AwsLambdaFunctionEventInvokeConfigInvalidQualifierRule struct {
+	resourceType  string
+	attributeName string
+	max           int
+	min           int
+	pattern       *regexp.Regexp
+}
+
+// NewAwsLambdaFunctionEventInvokeConfigInvalidQualifierRule returns new rule with default attributes
+func NewAwsLambdaFunctionEventInvokeConfigInvalidQualifierRule() *AwsLambdaFunctionEventInvokeConfigInvalidQualifierRule {
+	return &AwsLambdaFunctionEventInvokeConfigInvalidQualifierRule{
+		resourceType:  "aws_lambda_function_event_invoke_config",
+		attributeName: "qualifier",
+		max:           128,
+		min:           1,
+		pattern:       regexp.MustCompile(`^(|[a-zA-Z0-9$_-]+)$`),
+	}
+}
+
+// Name returns the rule name
+func (r *AwsLambdaFunctionEventInvokeConfigInvalidQualifierRule) Name() string {
+	return "aws_lambda_function_event_invoke_config_invalid_qualifier"
+}
+
+// Enabled returns whether the rule is enabled by default
+func (r *AwsLambdaFunctionEventInvokeConfigInvalidQualifierRule) Enabled() bool {
+	return true
+}
+
+// Severity returns the rule severity
+func (r *AwsLambdaFunctionEventInvokeConfigInvalidQualifierRule) Severity() string {
+	return tflint.ERROR
+}
+
+// Link returns the rule reference link
+func (r *AwsLambdaFunctionEventInvokeConfigInvalidQualifierRule) Link() string {
+	return ""
+}
+
+// Check checks the pattern is valid
+func (r *AwsLambdaFunctionEventInvokeConfigInvalidQualifierRule) Check(runner tflint.Runner) error {
+	log.Printf("[TRACE] Check `%s` rule", r.Name())
+
+	return runner.WalkResourceAttributes(r.resourceType, r.attributeName, func(attribute *hcl.Attribute) error {
+		var val string
+		err := runner.EvaluateExpr(attribute.Expr, &val, nil)
+
+		return runner.EnsureNoError(err, func() error {
+			if len(val) > r.max {
+				runner.EmitIssueOnExpr(
+					r,
+					"qualifier must be 128 characters or less",
+					attribute.Expr,
+				)
+			}
+			if len(val) < r.min {
+				runner.EmitIssueOnExpr(
+					r,
+					"qualifier must be 1 characters or higher",
+					attribute.Expr,
+				)
+			}
+			if !r.pattern.MatchString(val) {
+				runner.EmitIssueOnExpr(
+					r,
+					fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^(|[a-zA-Z0-9$_-]+)$`),
+					attribute.Expr,
+				)
+			}
+			return nil
+		})
+	})
+}

rules/models/aws_lambda_layer_version_permission_invalid_action.go

@@ -0,0 +1,78 @@
+// This file generated by `generator/`. DO NOT EDIT
+
+package models
+
+import (
+	"fmt"
+	"log"
+	"regexp"
+
+	hcl "github.com/hashicorp/hcl/v2"
+	"github.com/terraform-linters/tflint-plugin-sdk/tflint"
+)
+
+// AwsLambdaLayerVersionPermissionInvalidActionRule checks the pattern is valid
+type AwsLambdaLayerVersionPermissionInvalidActionRule struct {
+	resourceType  string
+	attributeName string
+	max           int
+	pattern       *regexp.Regexp
+}
+
+// NewAwsLambdaLayerVersionPermissionInvalidActionRule returns new rule with default attributes
+func NewAwsLambdaLayerVersionPermissionInvalidActionRule() *AwsLambdaLayerVersionPermissionInvalidActionRule {
+	return &AwsLambdaLayerVersionPermissionInvalidActionRule{
+		resourceType:  "aws_lambda_layer_version_permission",
+		attributeName: "action",
+		max:           22,
+		pattern:       regexp.MustCompile(`^lambda:GetLayerVersion$`),
+	}
+}
+
+// Name returns the rule name
+func (r *AwsLambdaLayerVersionPermissionInvalidActionRule) Name() string {
+	return "aws_lambda_layer_version_permission_invalid_action"
+}
+
+// Enabled returns whether the rule is enabled by default
+func (r *AwsLambdaLayerVersionPermissionInvalidActionRule) Enabled() bool {
+	return true
+}
+
+// Severity returns the rule severity
+func (r *AwsLambdaLayerVersionPermissionInvalidActionRule) Severity() string {
+	return tflint.ERROR
+}
+
+// Link returns the rule reference link
+func (r *AwsLambdaLayerVersionPermissionInvalidActionRule) Link() string {
+	return ""
+}
+
+// Check checks the pattern is valid
+func (r *AwsLambdaLayerVersionPermissionInvalidActionRule) Check(runner tflint.Runner) error {
+	log.Printf("[TRACE] Check `%s` rule", r.Name())
+
+	return runner.WalkResourceAttributes(r.resourceType, r.attributeName, func(attribute *hcl.Attribute) error {
+		var val string
+		err := runner.EvaluateExpr(attribute.Expr, &val, nil)
+
+		return runner.EnsureNoError(err, func() error {
+			if len(val) > r.max {
+				runner.EmitIssueOnExpr(
+					r,
+					"action must be 22 characters or less",
+					attribute.Expr,
+				)
+			}
+			if !r.pattern.MatchString(val) {
+				runner.EmitIssueOnExpr(
+					r,
+					fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^lambda:GetLayerVersion$`),
+					attribute.Expr,
+				)
+			}
+			return nil
+		})
+	})
+}