mapping aws_eks (#258)

https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/eks_addon
https://github.com/aws/aws-sdk-go/blob/main/models/apis/eks/2017-11-01/api-2.json

Author: PatMyron

docs/rules/README.md

@@ -523,7 +523,12 @@ These rules enforce best practices and naming conventions:
 |aws_efs_mount_target_invalid_file_system_id|✔|
 |aws_efs_mount_target_invalid_ip_address|✔|
 |aws_efs_mount_target_invalid_subnet_id|✔|
+|aws_eks_addon_invalid_cluster_name|✔|
+|aws_eks_addon_invalid_resolve_conflicts|✔|
+|aws_eks_addon_invalid_service_account_role_arn|✔|
 |aws_eks_cluster_invalid_name|✔|
+|aws_eks_node_group_invalid_ami_type|✔|
+|aws_eks_node_group_invalid_capacity_type|✔|
 |aws_elastic_beanstalk_application_invalid_description|✔|
 |aws_elastic_beanstalk_application_invalid_name|✔|
 |aws_elastic_beanstalk_application_version_invalid_application|✔|

rules/models/aws_ecs_account_setting_default_invalid_name.go

@@ -0,0 +1,80 @@
+// This file generated by `generator/`. DO NOT EDIT
+
+package models
+
+import (
+	"fmt"
+	"log"
+
+	hcl "github.com/hashicorp/hcl/v2"
+	"github.com/terraform-linters/tflint-plugin-sdk/tflint"
+)
+
+// AwsEcsAccountSettingDefaultInvalidNameRule checks the pattern is valid
+type AwsEcsAccountSettingDefaultInvalidNameRule struct {
+	resourceType  string
+	attributeName string
+	enum          []string
+}
+
+// NewAwsEcsAccountSettingDefaultInvalidNameRule returns new rule with default attributes
+func NewAwsEcsAccountSettingDefaultInvalidNameRule() *AwsEcsAccountSettingDefaultInvalidNameRule {
+	return &AwsEcsAccountSettingDefaultInvalidNameRule{
+		resourceType:  "aws_ecs_account_setting_default",
+		attributeName: "name",
+		enum: []string{
+			"serviceLongArnFormat",
+			"taskLongArnFormat",
+			"containerInstanceLongArnFormat",
+			"awsvpcTrunking",
+			"containerInsights",
+		},
+	}
+}
+
+// Name returns the rule name
+func (r *AwsEcsAccountSettingDefaultInvalidNameRule) Name() string {
+	return "aws_ecs_account_setting_default_invalid_name"
+}
+
+// Enabled returns whether the rule is enabled by default
+func (r *AwsEcsAccountSettingDefaultInvalidNameRule) Enabled() bool {
+	return true
+}
+
+// Severity returns the rule severity
+func (r *AwsEcsAccountSettingDefaultInvalidNameRule) Severity() string {
+	return tflint.ERROR
+}
+
+// Link returns the rule reference link
+func (r *AwsEcsAccountSettingDefaultInvalidNameRule) Link() string {
+	return ""
+}
+
+// Check checks the pattern is valid
+func (r *AwsEcsAccountSettingDefaultInvalidNameRule) Check(runner tflint.Runner) error {
+	log.Printf("[TRACE] Check `%s` rule", r.Name())
+
+	return runner.WalkResourceAttributes(r.resourceType, r.attributeName, func(attribute *hcl.Attribute) error {
+		var val string
+		err := runner.EvaluateExpr(attribute.Expr, &val, nil)
+
+		return runner.EnsureNoError(err, func() error {
+			found := false
+			for _, item := range r.enum {
+				if item == val {
+					found = true
+				}
+			}
+			if !found {
+				runner.EmitIssueOnExpr(
+					r,
+					fmt.Sprintf(`"%s" is an invalid value as name`, truncateLongMessage(val)),
+					attribute.Expr,
+				)
+			}
+			return nil
+		})
+	})
+}

rules/models/aws_eks_addon_invalid_cluster_name.go

@@ -0,0 +1,87 @@
+// This file generated by `generator/`. DO NOT EDIT
+
+package models
+
+import (
+	"fmt"
+	"log"
+	"regexp"
+
+	hcl "github.com/hashicorp/hcl/v2"
+	"github.com/terraform-linters/tflint-plugin-sdk/tflint"
+)
+
+// AwsEksAddonInvalidClusterNameRule checks the pattern is valid
+type AwsEksAddonInvalidClusterNameRule struct {
+	resourceType  string
+	attributeName string
+	max           int
+	min           int
+	pattern       *regexp.Regexp
+}
+
+// NewAwsEksAddonInvalidClusterNameRule returns new rule with default attributes
+func NewAwsEksAddonInvalidClusterNameRule() *AwsEksAddonInvalidClusterNameRule {
+	return &AwsEksAddonInvalidClusterNameRule{
+		resourceType:  "aws_eks_addon",
+		attributeName: "cluster_name",
+		max:           100,
+		min:           1,
+		pattern:       regexp.MustCompile(`^[0-9A-Za-z][A-Za-z0-9\-_]*`),
+	}
+}
+
+// Name returns the rule name
+func (r *AwsEksAddonInvalidClusterNameRule) Name() string {
+	return "aws_eks_addon_invalid_cluster_name"
+}
+
+// Enabled returns whether the rule is enabled by default
+func (r *AwsEksAddonInvalidClusterNameRule) Enabled() bool {
+	return true
+}
+
+// Severity returns the rule severity
+func (r *AwsEksAddonInvalidClusterNameRule) Severity() string {
+	return tflint.ERROR
+}
+
+// Link returns the rule reference link
+func (r *AwsEksAddonInvalidClusterNameRule) Link() string {
+	return ""
+}
+
+// Check checks the pattern is valid
+func (r *AwsEksAddonInvalidClusterNameRule) Check(runner tflint.Runner) error {
+	log.Printf("[TRACE] Check `%s` rule", r.Name())
+
+	return runner.WalkResourceAttributes(r.resourceType, r.attributeName, func(attribute *hcl.Attribute) error {
+		var val string
+		err := runner.EvaluateExpr(attribute.Expr, &val, nil)
+
+		return runner.EnsureNoError(err, func() error {
+			if len(val) > r.max {
+				runner.EmitIssueOnExpr(
+					r,
+					"cluster_name must be 100 characters or less",
+					attribute.Expr,
+				)
+			}
+			if len(val) < r.min {
+				runner.EmitIssueOnExpr(
+					r,
+					"cluster_name must be 1 characters or higher",
+					attribute.Expr,
+				)
+			}
+			if !r.pattern.MatchString(val) {
+				runner.EmitIssueOnExpr(
+					r,
+					fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^[0-9A-Za-z][A-Za-z0-9\-_]*`),
+					attribute.Expr,
+				)
+			}
+			return nil
+		})
+	})
+}

rules/models/aws_eks_addon_invalid_resolve_conflicts.go

@@ -0,0 +1,77 @@
+// This file generated by `generator/`. DO NOT EDIT
+
+package models
+
+import (
+	"fmt"
+	"log"
+
+	hcl "github.com/hashicorp/hcl/v2"
+	"github.com/terraform-linters/tflint-plugin-sdk/tflint"
+)
+
+// AwsEksAddonInvalidResolveConflictsRule checks the pattern is valid
+type AwsEksAddonInvalidResolveConflictsRule struct {
+	resourceType  string
+	attributeName string
+	enum          []string
+}
+
+// NewAwsEksAddonInvalidResolveConflictsRule returns new rule with default attributes
+func NewAwsEksAddonInvalidResolveConflictsRule() *AwsEksAddonInvalidResolveConflictsRule {
+	return &AwsEksAddonInvalidResolveConflictsRule{
+		resourceType:  "aws_eks_addon",
+		attributeName: "resolve_conflicts",
+		enum: []string{
+			"OVERWRITE",
+			"NONE",
+		},
+	}
+}
+
+// Name returns the rule name
+func (r *AwsEksAddonInvalidResolveConflictsRule) Name() string {
+	return "aws_eks_addon_invalid_resolve_conflicts"
+}
+
+// Enabled returns whether the rule is enabled by default
+func (r *AwsEksAddonInvalidResolveConflictsRule) Enabled() bool {
+	return true
+}
+
+// Severity returns the rule severity
+func (r *AwsEksAddonInvalidResolveConflictsRule) Severity() string {
+	return tflint.ERROR
+}
+
+// Link returns the rule reference link
+func (r *AwsEksAddonInvalidResolveConflictsRule) Link() string {
+	return ""
+}
+
+// Check checks the pattern is valid
+func (r *AwsEksAddonInvalidResolveConflictsRule) Check(runner tflint.Runner) error {
+	log.Printf("[TRACE] Check `%s` rule", r.Name())
+
+	return runner.WalkResourceAttributes(r.resourceType, r.attributeName, func(attribute *hcl.Attribute) error {
+		var val string
+		err := runner.EvaluateExpr(attribute.Expr, &val, nil)
+
+		return runner.EnsureNoError(err, func() error {
+			found := false
+			for _, item := range r.enum {
+				if item == val {
+					found = true
+				}
+			}
+			if !found {
+				runner.EmitIssueOnExpr(
+					r,
+					fmt.Sprintf(`"%s" is an invalid value as resolve_conflicts`, truncateLongMessage(val)),
+					attribute.Expr,
+				)
+			}
+			return nil
+		})
+	})
+}

rules/models/aws_eks_addon_invalid_service_account_role_arn.go

@@ -0,0 +1,76 @@
+// This file generated by `generator/`. DO NOT EDIT
+
+package models
+
+import (
+	"log"
+
+	hcl "github.com/hashicorp/hcl/v2"
+	"github.com/terraform-linters/tflint-plugin-sdk/tflint"
+)
+
+// AwsEksAddonInvalidServiceAccountRoleArnRule checks the pattern is valid
+type AwsEksAddonInvalidServiceAccountRoleArnRule struct {
+	resourceType  string
+	attributeName string
+	max           int
+	min           int
+}
+
+// NewAwsEksAddonInvalidServiceAccountRoleArnRule returns new rule with default attributes
+func NewAwsEksAddonInvalidServiceAccountRoleArnRule() *AwsEksAddonInvalidServiceAccountRoleArnRule {
+	return &AwsEksAddonInvalidServiceAccountRoleArnRule{
+		resourceType:  "aws_eks_addon",
+		attributeName: "service_account_role_arn",
+		max:           255,
+		min:           1,
+	}
+}
+
+// Name returns the rule name
+func (r *AwsEksAddonInvalidServiceAccountRoleArnRule) Name() string {
+	return "aws_eks_addon_invalid_service_account_role_arn"
+}
+
+// Enabled returns whether the rule is enabled by default
+func (r *AwsEksAddonInvalidServiceAccountRoleArnRule) Enabled() bool {
+	return true
+}
+
+// Severity returns the rule severity
+func (r *AwsEksAddonInvalidServiceAccountRoleArnRule) Severity() string {
+	return tflint.ERROR
+}
+
+// Link returns the rule reference link
+func (r *AwsEksAddonInvalidServiceAccountRoleArnRule) Link() string {
+	return ""
+}
+
+// Check checks the pattern is valid
+func (r *AwsEksAddonInvalidServiceAccountRoleArnRule) Check(runner tflint.Runner) error {
+	log.Printf("[TRACE] Check `%s` rule", r.Name())
+
+	return runner.WalkResourceAttributes(r.resourceType, r.attributeName, func(attribute *hcl.Attribute) error {
+		var val string
+		err := runner.EvaluateExpr(attribute.Expr, &val, nil)
+
+		return runner.EnsureNoError(err, func() error {
+			if len(val) > r.max {
+				runner.EmitIssueOnExpr(
+					r,
+					"service_account_role_arn must be 255 characters or less",
+					attribute.Expr,
+				)
+			}
+			if len(val) < r.min {
+				runner.EmitIssueOnExpr(
+					r,
+					"service_account_role_arn must be 1 characters or higher",
+					attribute.Expr,
+				)
+			}
+			return nil
+		})
+	})
+}