mapping s3control (#245)

https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3control_access_point_policy
https://github.com/aws/aws-sdk-go/blob/main/models/apis/s3control/2018-08-20/api-2.json

Author: PatMyron

docs/rules/README.md

@@ -837,6 +837,17 @@ These rules enforce best practices and naming conventions:
 |aws_s3_bucket_object_invalid_acl|✔|
 |aws_s3_bucket_object_invalid_server_side_encryption|✔|
 |aws_s3_bucket_object_invalid_storage_class|✔|
+|aws_s3control_access_point_policy_invalid_access_point_arn|✔|
+|aws_s3control_bucket_invalid_bucket|✔|
+|aws_s3control_bucket_invalid_outpost_id|✔|
+|aws_s3control_bucket_lifecycle_configuration_invalid_bucket|✔|
+|aws_s3control_bucket_policy_invalid_bucket|✔|
+|aws_s3control_multi_region_access_point_invalid_account_id|✔|
+|aws_s3control_multi_region_access_point_policy_invalid_account_id|✔|
+|aws_s3control_object_lambda_access_point_invalid_account_id|✔|
+|aws_s3control_object_lambda_access_point_invalid_name|✔|
+|aws_s3control_object_lambda_access_point_policy_invalid_account_id|✔|
+|aws_s3control_object_lambda_access_point_policy_invalid_name|✔|
 |aws_sagemaker_app_invalid_app_name|✔|
 |aws_sagemaker_app_invalid_app_type|✔|
 |aws_sagemaker_app_invalid_domain_id|✔|

rules/models/aws_s3control_access_point_policy_invalid_access_point_arn.go

@@ -0,0 +1,76 @@
+// This file generated by `generator/`. DO NOT EDIT
+
+package models
+
+import (
+	"log"
+
+	hcl "github.com/hashicorp/hcl/v2"
+	"github.com/terraform-linters/tflint-plugin-sdk/tflint"
+)
+
+// AwsS3controlAccessPointPolicyInvalidAccessPointArnRule checks the pattern is valid
+type AwsS3controlAccessPointPolicyInvalidAccessPointArnRule struct {
+	resourceType  string
+	attributeName string
+	max           int
+	min           int
+}
+
+// NewAwsS3controlAccessPointPolicyInvalidAccessPointArnRule returns new rule with default attributes
+func NewAwsS3controlAccessPointPolicyInvalidAccessPointArnRule() *AwsS3controlAccessPointPolicyInvalidAccessPointArnRule {
+	return &AwsS3controlAccessPointPolicyInvalidAccessPointArnRule{
+		resourceType:  "aws_s3control_access_point_policy",
+		attributeName: "access_point_arn",
+		max:           128,
+		min:           4,
+	}
+}
+
+// Name returns the rule name
+func (r *AwsS3controlAccessPointPolicyInvalidAccessPointArnRule) Name() string {
+	return "aws_s3control_access_point_policy_invalid_access_point_arn"
+}
+
+// Enabled returns whether the rule is enabled by default
+func (r *AwsS3controlAccessPointPolicyInvalidAccessPointArnRule) Enabled() bool {
+	return true
+}
+
+// Severity returns the rule severity
+func (r *AwsS3controlAccessPointPolicyInvalidAccessPointArnRule) Severity() string {
+	return tflint.ERROR
+}
+
+// Link returns the rule reference link
+func (r *AwsS3controlAccessPointPolicyInvalidAccessPointArnRule) Link() string {
+	return ""
+}
+
+// Check checks the pattern is valid
+func (r *AwsS3controlAccessPointPolicyInvalidAccessPointArnRule) Check(runner tflint.Runner) error {
+	log.Printf("[TRACE] Check `%s` rule", r.Name())
+
+	return runner.WalkResourceAttributes(r.resourceType, r.attributeName, func(attribute *hcl.Attribute) error {
+		var val string
+		err := runner.EvaluateExpr(attribute.Expr, &val, nil)
+
+		return runner.EnsureNoError(err, func() error {
+			if len(val) > r.max {
+				runner.EmitIssueOnExpr(
+					r,
+					"access_point_arn must be 128 characters or less",
+					attribute.Expr,
+				)
+			}
+			if len(val) < r.min {
+				runner.EmitIssueOnExpr(
+					r,
+					"access_point_arn must be 4 characters or higher",
+					attribute.Expr,
+				)
+			}
+			return nil
+		})
+	})
+}

rules/models/aws_s3control_bucket_invalid_bucket.go

@@ -0,0 +1,76 @@
+// This file generated by `generator/`. DO NOT EDIT
+
+package models
+
+import (
+	"log"
+
+	hcl "github.com/hashicorp/hcl/v2"
+	"github.com/terraform-linters/tflint-plugin-sdk/tflint"
+)
+
+// AwsS3controlBucketInvalidBucketRule checks the pattern is valid
+type AwsS3controlBucketInvalidBucketRule struct {
+	resourceType  string
+	attributeName string
+	max           int
+	min           int
+}
+
+// NewAwsS3controlBucketInvalidBucketRule returns new rule with default attributes
+func NewAwsS3controlBucketInvalidBucketRule() *AwsS3controlBucketInvalidBucketRule {
+	return &AwsS3controlBucketInvalidBucketRule{
+		resourceType:  "aws_s3control_bucket",
+		attributeName: "bucket",
+		max:           255,
+		min:           3,
+	}
+}
+
+// Name returns the rule name
+func (r *AwsS3controlBucketInvalidBucketRule) Name() string {
+	return "aws_s3control_bucket_invalid_bucket"
+}
+
+// Enabled returns whether the rule is enabled by default
+func (r *AwsS3controlBucketInvalidBucketRule) Enabled() bool {
+	return true
+}
+
+// Severity returns the rule severity
+func (r *AwsS3controlBucketInvalidBucketRule) Severity() string {
+	return tflint.ERROR
+}
+
+// Link returns the rule reference link
+func (r *AwsS3controlBucketInvalidBucketRule) Link() string {
+	return ""
+}
+
+// Check checks the pattern is valid
+func (r *AwsS3controlBucketInvalidBucketRule) Check(runner tflint.Runner) error {
+	log.Printf("[TRACE] Check `%s` rule", r.Name())
+
+	return runner.WalkResourceAttributes(r.resourceType, r.attributeName, func(attribute *hcl.Attribute) error {
+		var val string
+		err := runner.EvaluateExpr(attribute.Expr, &val, nil)
+
+		return runner.EnsureNoError(err, func() error {
+			if len(val) > r.max {
+				runner.EmitIssueOnExpr(
+					r,
+					"bucket must be 255 characters or less",
+					attribute.Expr,
+				)
+			}
+			if len(val) < r.min {
+				runner.EmitIssueOnExpr(
+					r,
+					"bucket must be 3 characters or higher",
+					attribute.Expr,
+				)
+			}
+			return nil
+		})
+	})
+}

rules/models/aws_s3control_bucket_invalid_outpost_id.go

@@ -0,0 +1,76 @@
+// This file generated by `generator/`. DO NOT EDIT
+
+package models
+
+import (
+	"log"
+
+	hcl "github.com/hashicorp/hcl/v2"
+	"github.com/terraform-linters/tflint-plugin-sdk/tflint"
+)
+
+// AwsS3controlBucketInvalidOutpostIDRule checks the pattern is valid
+type AwsS3controlBucketInvalidOutpostIDRule struct {
+	resourceType  string
+	attributeName string
+	max           int
+	min           int
+}
+
+// NewAwsS3controlBucketInvalidOutpostIDRule returns new rule with default attributes
+func NewAwsS3controlBucketInvalidOutpostIDRule() *AwsS3controlBucketInvalidOutpostIDRule {
+	return &AwsS3controlBucketInvalidOutpostIDRule{
+		resourceType:  "aws_s3control_bucket",
+		attributeName: "outpost_id",
+		max:           64,
+		min:           1,
+	}
+}
+
+// Name returns the rule name
+func (r *AwsS3controlBucketInvalidOutpostIDRule) Name() string {
+	return "aws_s3control_bucket_invalid_outpost_id"
+}
+
+// Enabled returns whether the rule is enabled by default
+func (r *AwsS3controlBucketInvalidOutpostIDRule) Enabled() bool {
+	return true
+}
+
+// Severity returns the rule severity
+func (r *AwsS3controlBucketInvalidOutpostIDRule) Severity() string {
+	return tflint.ERROR
+}
+
+// Link returns the rule reference link
+func (r *AwsS3controlBucketInvalidOutpostIDRule) Link() string {
+	return ""
+}
+
+// Check checks the pattern is valid
+func (r *AwsS3controlBucketInvalidOutpostIDRule) Check(runner tflint.Runner) error {
+	log.Printf("[TRACE] Check `%s` rule", r.Name())
+
+	return runner.WalkResourceAttributes(r.resourceType, r.attributeName, func(attribute *hcl.Attribute) error {
+		var val string
+		err := runner.EvaluateExpr(attribute.Expr, &val, nil)
+
+		return runner.EnsureNoError(err, func() error {
+			if len(val) > r.max {
+				runner.EmitIssueOnExpr(
+					r,
+					"outpost_id must be 64 characters or less",
+					attribute.Expr,
+				)
+			}
+			if len(val) < r.min {
+				runner.EmitIssueOnExpr(
+					r,
+					"outpost_id must be 1 characters or higher",
+					attribute.Expr,
+				)
+			}
+			return nil
+		})
+	})
+}

rules/models/aws_s3control_bucket_lifecycle_configuration_invalid_bucket.go

@@ -0,0 +1,76 @@
+// This file generated by `generator/`. DO NOT EDIT
+
+package models
+
+import (
+	"log"
+
+	hcl "github.com/hashicorp/hcl/v2"
+	"github.com/terraform-linters/tflint-plugin-sdk/tflint"
+)
+
+// AwsS3controlBucketLifecycleConfigurationInvalidBucketRule checks the pattern is valid
+type AwsS3controlBucketLifecycleConfigurationInvalidBucketRule struct {
+	resourceType  string
+	attributeName string
+	max           int
+	min           int
+}
+
+// NewAwsS3controlBucketLifecycleConfigurationInvalidBucketRule returns new rule with default attributes
+func NewAwsS3controlBucketLifecycleConfigurationInvalidBucketRule() *AwsS3controlBucketLifecycleConfigurationInvalidBucketRule {
+	return &AwsS3controlBucketLifecycleConfigurationInvalidBucketRule{
+		resourceType:  "aws_s3control_bucket_lifecycle_configuration",
+		attributeName: "bucket",
+		max:           255,
+		min:           3,
+	}
+}
+
+// Name returns the rule name
+func (r *AwsS3controlBucketLifecycleConfigurationInvalidBucketRule) Name() string {
+	return "aws_s3control_bucket_lifecycle_configuration_invalid_bucket"
+}
+
+// Enabled returns whether the rule is enabled by default
+func (r *AwsS3controlBucketLifecycleConfigurationInvalidBucketRule) Enabled() bool {
+	return true
+}
+
+// Severity returns the rule severity
+func (r *AwsS3controlBucketLifecycleConfigurationInvalidBucketRule) Severity() string {
+	return tflint.ERROR
+}
+
+// Link returns the rule reference link
+func (r *AwsS3controlBucketLifecycleConfigurationInvalidBucketRule) Link() string {
+	return ""
+}
+
+// Check checks the pattern is valid
+func (r *AwsS3controlBucketLifecycleConfigurationInvalidBucketRule) Check(runner tflint.Runner) error {
+	log.Printf("[TRACE] Check `%s` rule", r.Name())
+
+	return runner.WalkResourceAttributes(r.resourceType, r.attributeName, func(attribute *hcl.Attribute) error {
+		var val string
+		err := runner.EvaluateExpr(attribute.Expr, &val, nil)
+
+		return runner.EnsureNoError(err, func() error {
+			if len(val) > r.max {
+				runner.EmitIssueOnExpr(
+					r,
+					"bucket must be 255 characters or less",
+					attribute.Expr,
+				)
+			}
+			if len(val) < r.min {
+				runner.EmitIssueOnExpr(
+					r,
+					"bucket must be 3 characters or higher",
+					attribute.Expr,
+				)
+			}
+			return nil
+		})
+	})
+}