diff --git a/docs/rules/README.md b/docs/rules/README.md
index 633a8fae..3323f50b 100644
--- a/docs/rules/README.md
+++ b/docs/rules/README.md
@@ -93,6 +93,14 @@ These rules enforce best practices and naming conventions:
 |aws_api_gateway_method_response_invalid_status_code|✔|
 |aws_api_gateway_rest_api_invalid_api_key_source|✔|
 |aws_api_gateway_stage_invalid_cache_cluster_size|✔|
+|aws_apigatewayv2_api_invalid_protocol_type|✔|
+|aws_apigatewayv2_authorizer_invalid_authorizer_type|✔|
+|aws_apigatewayv2_integration_invalid_connection_type|✔|
+|aws_apigatewayv2_integration_invalid_content_handling_strategy|✔|
+|aws_apigatewayv2_integration_invalid_integration_type|✔|
+|aws_apigatewayv2_integration_invalid_passthrough_behavior|✔|
+|aws_apigatewayv2_integration_response_invalid_content_handling_strategy|✔|
+|aws_apigatewayv2_route_invalid_authorization_type|✔|
 |aws_appautoscaling_policy_invalid_policy_type|✔|
 |aws_appautoscaling_policy_invalid_scalable_dimension|✔|
 |aws_appautoscaling_policy_invalid_service_namespace|✔|
diff --git a/rules/models/aws_apigatewayv2_api_invalid_protocol_type.go b/rules/models/aws_apigatewayv2_api_invalid_protocol_type.go
new file mode 100644
index 00000000..5bdf49de
--- /dev/null
+++ b/rules/models/aws_apigatewayv2_api_invalid_protocol_type.go
@@ -0,0 +1,77 @@ +// This file generated by `generator/`. DO NOT EDIT + +package models + +import ( + "fmt" + "log" + + hcl "github.com/hashicorp/hcl/v2" + "github.com/terraform-linters/tflint-plugin-sdk/tflint" +) + +// AwsApigatewayv2APIInvalidProtocolTypeRule checks the pattern is valid +type AwsApigatewayv2APIInvalidProtocolTypeRule struct { + resourceType string + attributeName string + enum []string +} + +// NewAwsApigatewayv2APIInvalidProtocolTypeRule returns new rule with default attributes +func NewAwsApigatewayv2APIInvalidProtocolTypeRule() *AwsApigatewayv2APIInvalidProtocolTypeRule { + return &AwsApigatewayv2APIInvalidProtocolTypeRule{ + resourceType: "aws_apigatewayv2_api", + attributeName: "protocol_type", + enum: []string{ + "WEBSOCKET", + "HTTP", + }, + } +} + +// Name returns the rule name +func (r *AwsApigatewayv2APIInvalidProtocolTypeRule) Name() string { + return "aws_apigatewayv2_api_invalid_protocol_type" +} + +// Enabled returns whether the rule is enabled by default +func (r *AwsApigatewayv2APIInvalidProtocolTypeRule) Enabled() bool { + return true +} + +// Severity returns the rule severity +func (r *AwsApigatewayv2APIInvalidProtocolTypeRule) Severity() string { + return tflint.ERROR +} + +// Link returns the rule reference link +func (r *AwsApigatewayv2APIInvalidProtocolTypeRule) Link() string { + return "" +} + +// Check checks the pattern is valid +func (r *AwsApigatewayv2APIInvalidProtocolTypeRule) Check(runner tflint.Runner) error { + log.Printf("[TRACE] Check `%s` rule", r.Name()) + + return runner.WalkResourceAttributes(r.resourceType, r.attributeName, func(attribute *hcl.Attribute) error { + var val string + err := runner.EvaluateExpr(attribute.Expr, &val, nil) + + return runner.EnsureNoError(err, func() error { + found := false + for _, item := range r.enum { + if item == val { + found = true + } + } + if !found { + runner.EmitIssueOnExpr( + r, + fmt.Sprintf(`"%s" is an invalid value as protocol_type`, truncateLongMessage(val)), + 
attribute.Expr, + ) + } + return nil + }) + }) +} diff --git a/rules/models/aws_apigatewayv2_authorizer_invalid_authorizer_type.go b/rules/models/aws_apigatewayv2_authorizer_invalid_authorizer_type.go new file mode 100644 index 00000000..a82acf1a --- /dev/null +++ b/rules/models/aws_apigatewayv2_authorizer_invalid_authorizer_type.go 
@@ -0,0 +1,77 @@ +// This file generated by `generator/`. DO NOT EDIT + +package models + +import ( + "fmt" + "log" + + hcl "github.com/hashicorp/hcl/v2" + "github.com/terraform-linters/tflint-plugin-sdk/tflint" +) + +// AwsApigatewayv2AuthorizerInvalidAuthorizerTypeRule checks the pattern is valid +type AwsApigatewayv2AuthorizerInvalidAuthorizerTypeRule struct { + resourceType string + attributeName string + enum []string +} + +// NewAwsApigatewayv2AuthorizerInvalidAuthorizerTypeRule returns new rule with default attributes +func NewAwsApigatewayv2AuthorizerInvalidAuthorizerTypeRule() *AwsApigatewayv2AuthorizerInvalidAuthorizerTypeRule { + return &AwsApigatewayv2AuthorizerInvalidAuthorizerTypeRule{ + resourceType: "aws_apigatewayv2_authorizer", + attributeName: "authorizer_type", + enum: []string{ + "REQUEST", + "JWT", + }, + } +} + +// Name returns the rule name +func (r *AwsApigatewayv2AuthorizerInvalidAuthorizerTypeRule) Name() string { + return "aws_apigatewayv2_authorizer_invalid_authorizer_type" +} + +// Enabled returns whether the rule is enabled by default +func (r *AwsApigatewayv2AuthorizerInvalidAuthorizerTypeRule) Enabled() bool { + return true +} + +// Severity returns the rule severity +func (r *AwsApigatewayv2AuthorizerInvalidAuthorizerTypeRule) Severity() string { + return tflint.ERROR +} + +// Link returns the rule reference link +func (r *AwsApigatewayv2AuthorizerInvalidAuthorizerTypeRule) Link() string { + return "" +} + +// Check checks the pattern is valid +func (r *AwsApigatewayv2AuthorizerInvalidAuthorizerTypeRule) Check(runner tflint.Runner) error { + log.Printf("[TRACE] Check `%s` rule", r.Name()) + + return runner.WalkResourceAttributes(r.resourceType, r.attributeName, func(attribute *hcl.Attribute) error { + var val string + err := runner.EvaluateExpr(attribute.Expr, &val, nil) + + return runner.EnsureNoError(err, func() error { + found := false + for _, item := range r.enum { + if item == val { + found = true + } + } + if !found { + 
runner.EmitIssueOnExpr( + r, + fmt.Sprintf(`"%s" is an invalid value as authorizer_type`, truncateLongMessage(val)), + attribute.Expr, + ) + } + return nil + }) + }) +} diff --git a/rules/models/aws_apigatewayv2_integration_invalid_connection_type.go b/rules/models/aws_apigatewayv2_integration_invalid_connection_type.go new file mode 100644 index 00000000..58cd3acd --- /dev/null +++ b/rules/models/aws_apigatewayv2_integration_invalid_connection_type.go 
@@ -0,0 +1,77 @@ +// This file generated by `generator/`. DO NOT EDIT + +package models + +import ( + "fmt" + "log" + + hcl "github.com/hashicorp/hcl/v2" + "github.com/terraform-linters/tflint-plugin-sdk/tflint" +) + +// AwsApigatewayv2IntegrationInvalidConnectionTypeRule checks the pattern is valid +type AwsApigatewayv2IntegrationInvalidConnectionTypeRule struct { + resourceType string + attributeName string + enum []string +} + +// NewAwsApigatewayv2IntegrationInvalidConnectionTypeRule returns new rule with default attributes +func NewAwsApigatewayv2IntegrationInvalidConnectionTypeRule() *AwsApigatewayv2IntegrationInvalidConnectionTypeRule { + return &AwsApigatewayv2IntegrationInvalidConnectionTypeRule{ + resourceType: "aws_apigatewayv2_integration", + attributeName: "connection_type", + enum: []string{ + "INTERNET", + "VPC_LINK", + }, + } +} + +// Name returns the rule name +func (r *AwsApigatewayv2IntegrationInvalidConnectionTypeRule) Name() string { + return "aws_apigatewayv2_integration_invalid_connection_type" +} + +// Enabled returns whether the rule is enabled by default +func (r *AwsApigatewayv2IntegrationInvalidConnectionTypeRule) Enabled() bool { + return true +} + +// Severity returns the rule severity +func (r *AwsApigatewayv2IntegrationInvalidConnectionTypeRule) Severity() string { + return tflint.ERROR +} + +// Link returns the rule reference link +func (r *AwsApigatewayv2IntegrationInvalidConnectionTypeRule) Link() string { + return "" +} + +// Check checks the pattern is valid +func (r *AwsApigatewayv2IntegrationInvalidConnectionTypeRule) Check(runner tflint.Runner) error { + log.Printf("[TRACE] Check `%s` rule", r.Name()) + + return runner.WalkResourceAttributes(r.resourceType, r.attributeName, func(attribute *hcl.Attribute) error { + var val string + err := runner.EvaluateExpr(attribute.Expr, &val, nil) + + return runner.EnsureNoError(err, func() error { + found := false + for _, item := range r.enum { + if item == val { + found = true + } + } + 
if !found { + runner.EmitIssueOnExpr( + r, + fmt.Sprintf(`"%s" is an invalid value as connection_type`, truncateLongMessage(val)), + attribute.Expr, + ) + } + return nil + }) + }) +} diff --git a/rules/models/aws_apigatewayv2_integration_invalid_content_handling_strategy.go b/rules/models/aws_apigatewayv2_integration_invalid_content_handling_strategy.go new file mode 100644 index 00000000..f0bee3c4 --- /dev/null +++ b/rules/models/aws_apigatewayv2_integration_invalid_content_handling_strategy.go 
@@ -0,0 +1,77 @@ +// This file generated by `generator/`. DO NOT EDIT + +package models + +import ( + "fmt" + "log" + + hcl "github.com/hashicorp/hcl/v2" + "github.com/terraform-linters/tflint-plugin-sdk/tflint" +) + +// AwsApigatewayv2IntegrationInvalidContentHandlingStrategyRule checks the pattern is valid +type AwsApigatewayv2IntegrationInvalidContentHandlingStrategyRule struct { + resourceType string + attributeName string + enum []string +} + +// NewAwsApigatewayv2IntegrationInvalidContentHandlingStrategyRule returns new rule with default attributes +func NewAwsApigatewayv2IntegrationInvalidContentHandlingStrategyRule() *AwsApigatewayv2IntegrationInvalidContentHandlingStrategyRule { + return &AwsApigatewayv2IntegrationInvalidContentHandlingStrategyRule{ + resourceType: "aws_apigatewayv2_integration", + attributeName: "content_handling_strategy", + enum: []string{ + "CONVERT_TO_BINARY", + "CONVERT_TO_TEXT", + }, + } +} + +// Name returns the rule name +func (r *AwsApigatewayv2IntegrationInvalidContentHandlingStrategyRule) Name() string { + return "aws_apigatewayv2_integration_invalid_content_handling_strategy" +} + +// Enabled returns whether the rule is enabled by default +func (r *AwsApigatewayv2IntegrationInvalidContentHandlingStrategyRule) Enabled() bool { + return true +} + +// Severity returns the rule severity +func (r *AwsApigatewayv2IntegrationInvalidContentHandlingStrategyRule) Severity() string { + return tflint.ERROR +} + +// Link returns the rule reference link +func (r *AwsApigatewayv2IntegrationInvalidContentHandlingStrategyRule) Link() string { + return "" +} + +// Check checks the pattern is valid +func (r *AwsApigatewayv2IntegrationInvalidContentHandlingStrategyRule) Check(runner tflint.Runner) error { + log.Printf("[TRACE] Check `%s` rule", r.Name()) + + return runner.WalkResourceAttributes(r.resourceType, r.attributeName, func(attribute *hcl.Attribute) error { + var val string + err := runner.EvaluateExpr(attribute.Expr, &val, nil) + + 
return runner.EnsureNoError(err, func() error { + found := false + for _, item := range r.enum { + if item == val { + found = true + } + } + if !found { + runner.EmitIssueOnExpr( + r, + fmt.Sprintf(`"%s" is an invalid value as content_handling_strategy`, truncateLongMessage(val)), + attribute.Expr, + ) + } + return nil + }) + }) +} diff --git a/rules/models/aws_apigatewayv2_integration_invalid_integration_type.go b/rules/models/aws_apigatewayv2_integration_invalid_integration_type.go new file mode 100644 index 00000000..e902101f --- /dev/null +++ b/rules/models/aws_apigatewayv2_integration_invalid_integration_type.go 
@@ -0,0 +1,80 @@ +// This file generated by `generator/`. DO NOT EDIT + +package models + +import ( + "fmt" + "log" + + hcl "github.com/hashicorp/hcl/v2" + "github.com/terraform-linters/tflint-plugin-sdk/tflint" +) + +// AwsApigatewayv2IntegrationInvalidIntegrationTypeRule checks the pattern is valid +type AwsApigatewayv2IntegrationInvalidIntegrationTypeRule struct { + resourceType string + attributeName string + enum []string +} + +// NewAwsApigatewayv2IntegrationInvalidIntegrationTypeRule returns new rule with default attributes +func NewAwsApigatewayv2IntegrationInvalidIntegrationTypeRule() *AwsApigatewayv2IntegrationInvalidIntegrationTypeRule { + return &AwsApigatewayv2IntegrationInvalidIntegrationTypeRule{ + resourceType: "aws_apigatewayv2_integration", + attributeName: "integration_type", + enum: []string{ + "AWS", + "HTTP", + "MOCK", + "HTTP_PROXY", + "AWS_PROXY", + }, + } +} + +// Name returns the rule name +func (r *AwsApigatewayv2IntegrationInvalidIntegrationTypeRule) Name() string { + return "aws_apigatewayv2_integration_invalid_integration_type" +} + +// Enabled returns whether the rule is enabled by default +func (r *AwsApigatewayv2IntegrationInvalidIntegrationTypeRule) Enabled() bool { + return true +} + +// Severity returns the rule severity +func (r *AwsApigatewayv2IntegrationInvalidIntegrationTypeRule) Severity() string { + return tflint.ERROR +} + +// Link returns the rule reference link +func (r *AwsApigatewayv2IntegrationInvalidIntegrationTypeRule) Link() string { + return "" +} + +// Check checks the pattern is valid +func (r *AwsApigatewayv2IntegrationInvalidIntegrationTypeRule) Check(runner tflint.Runner) error { + log.Printf("[TRACE] Check `%s` rule", r.Name()) + + return runner.WalkResourceAttributes(r.resourceType, r.attributeName, func(attribute *hcl.Attribute) error { + var val string + err := runner.EvaluateExpr(attribute.Expr, &val, nil) + + return runner.EnsureNoError(err, func() error { + found := false + for _, item := range r.enum 
{ + if item == val { + found = true + } + } + if !found { + runner.EmitIssueOnExpr( + r, + fmt.Sprintf(`"%s" is an invalid value as integration_type`, truncateLongMessage(val)), + attribute.Expr, + ) + } + return nil + }) + }) +} diff --git a/rules/models/aws_apigatewayv2_integration_invalid_passthrough_behavior.go b/rules/models/aws_apigatewayv2_integration_invalid_passthrough_behavior.go new file mode 100644 index 00000000..5ef2558a --- /dev/null +++ b/rules/models/aws_apigatewayv2_integration_invalid_passthrough_behavior.go 
@@ -0,0 +1,78 @@ +// This file generated by `generator/`. DO NOT EDIT + +package models + +import ( + "fmt" + "log" + + hcl "github.com/hashicorp/hcl/v2" + "github.com/terraform-linters/tflint-plugin-sdk/tflint" +) + +// AwsApigatewayv2IntegrationInvalidPassthroughBehaviorRule checks the pattern is valid +type AwsApigatewayv2IntegrationInvalidPassthroughBehaviorRule struct { + resourceType string + attributeName string + enum []string +} + +// NewAwsApigatewayv2IntegrationInvalidPassthroughBehaviorRule returns new rule with default attributes +func NewAwsApigatewayv2IntegrationInvalidPassthroughBehaviorRule() *AwsApigatewayv2IntegrationInvalidPassthroughBehaviorRule { + return &AwsApigatewayv2IntegrationInvalidPassthroughBehaviorRule{ + resourceType: "aws_apigatewayv2_integration", + attributeName: "passthrough_behavior", + enum: []string{ + "WHEN_NO_MATCH", + "NEVER", + "WHEN_NO_TEMPLATES", + }, + } +} + +// Name returns the rule name +func (r *AwsApigatewayv2IntegrationInvalidPassthroughBehaviorRule) Name() string { + return "aws_apigatewayv2_integration_invalid_passthrough_behavior" +} + +// Enabled returns whether the rule is enabled by default +func (r *AwsApigatewayv2IntegrationInvalidPassthroughBehaviorRule) Enabled() bool { + return true +} + +// Severity returns the rule severity +func (r *AwsApigatewayv2IntegrationInvalidPassthroughBehaviorRule) Severity() string { + return tflint.ERROR +} + +// Link returns the rule reference link +func (r *AwsApigatewayv2IntegrationInvalidPassthroughBehaviorRule) Link() string { + return "" +} + +// Check checks the pattern is valid +func (r *AwsApigatewayv2IntegrationInvalidPassthroughBehaviorRule) Check(runner tflint.Runner) error { + log.Printf("[TRACE] Check `%s` rule", r.Name()) + + return runner.WalkResourceAttributes(r.resourceType, r.attributeName, func(attribute *hcl.Attribute) error { + var val string + err := runner.EvaluateExpr(attribute.Expr, &val, nil) + + return runner.EnsureNoError(err, func() error { + 
found := false + for _, item := range r.enum { + if item == val { + found = true + } + } + if !found { + runner.EmitIssueOnExpr( + r, + fmt.Sprintf(`"%s" is an invalid value as passthrough_behavior`, truncateLongMessage(val)), + attribute.Expr, + ) + } + return nil + }) + }) +} diff --git a/rules/models/aws_apigatewayv2_integration_response_invalid_content_handling_strategy.go b/rules/models/aws_apigatewayv2_integration_response_invalid_content_handling_strategy.go new file mode 100644 index 00000000..cc0d4cac --- /dev/null +++ b/rules/models/aws_apigatewayv2_integration_response_invalid_content_handling_strategy.go 
@@ -0,0 +1,77 @@ +// This file generated by `generator/`. DO NOT EDIT + +package models + +import ( + "fmt" + "log" + + hcl "github.com/hashicorp/hcl/v2" + "github.com/terraform-linters/tflint-plugin-sdk/tflint" +) + +// AwsApigatewayv2IntegrationResponseInvalidContentHandlingStrategyRule checks the pattern is valid +type AwsApigatewayv2IntegrationResponseInvalidContentHandlingStrategyRule struct { + resourceType string + attributeName string + enum []string +} + +// NewAwsApigatewayv2IntegrationResponseInvalidContentHandlingStrategyRule returns new rule with default attributes +func NewAwsApigatewayv2IntegrationResponseInvalidContentHandlingStrategyRule() *AwsApigatewayv2IntegrationResponseInvalidContentHandlingStrategyRule { + return &AwsApigatewayv2IntegrationResponseInvalidContentHandlingStrategyRule{ + resourceType: "aws_apigatewayv2_integration_response", + attributeName: "content_handling_strategy", + enum: []string{ + "CONVERT_TO_BINARY", + "CONVERT_TO_TEXT", + }, + } +} + +// Name returns the rule name +func (r *AwsApigatewayv2IntegrationResponseInvalidContentHandlingStrategyRule) Name() string { + return "aws_apigatewayv2_integration_response_invalid_content_handling_strategy" +} + +// Enabled returns whether the rule is enabled by default +func (r *AwsApigatewayv2IntegrationResponseInvalidContentHandlingStrategyRule) Enabled() bool { + return true +} + +// Severity returns the rule severity +func (r *AwsApigatewayv2IntegrationResponseInvalidContentHandlingStrategyRule) Severity() string { + return tflint.ERROR +} + +// Link returns the rule reference link +func (r *AwsApigatewayv2IntegrationResponseInvalidContentHandlingStrategyRule) Link() string { + return "" +} + +// Check checks the pattern is valid +func (r *AwsApigatewayv2IntegrationResponseInvalidContentHandlingStrategyRule) Check(runner tflint.Runner) error { + log.Printf("[TRACE] Check `%s` rule", r.Name()) + + return runner.WalkResourceAttributes(r.resourceType, r.attributeName, func(attribute 
*hcl.Attribute) error { + var val string + err := runner.EvaluateExpr(attribute.Expr, &val, nil) + + return runner.EnsureNoError(err, func() error { + found := false + for _, item := range r.enum { + if item == val { + found = true + } + } + if !found { + runner.EmitIssueOnExpr( + r, + fmt.Sprintf(`"%s" is an invalid value as content_handling_strategy`, truncateLongMessage(val)), + attribute.Expr, + ) + } + return nil + }) + }) +} diff --git a/rules/models/aws_apigatewayv2_route_invalid_authorization_type.go b/rules/models/aws_apigatewayv2_route_invalid_authorization_type.go new file mode 100644 index 00000000..c4696324 --- /dev/null +++ b/rules/models/aws_apigatewayv2_route_invalid_authorization_type.go 
@@ -0,0 +1,79 @@ +// This file generated by `generator/`. DO NOT EDIT + +package models + +import ( + "fmt" + "log" + + hcl "github.com/hashicorp/hcl/v2" + "github.com/terraform-linters/tflint-plugin-sdk/tflint" +) + +// AwsApigatewayv2RouteInvalidAuthorizationTypeRule checks the pattern is valid +type AwsApigatewayv2RouteInvalidAuthorizationTypeRule struct { + resourceType string + attributeName string + enum []string +} + +// NewAwsApigatewayv2RouteInvalidAuthorizationTypeRule returns new rule with default attributes +func NewAwsApigatewayv2RouteInvalidAuthorizationTypeRule() *AwsApigatewayv2RouteInvalidAuthorizationTypeRule { + return &AwsApigatewayv2RouteInvalidAuthorizationTypeRule{ + resourceType: "aws_apigatewayv2_route", + attributeName: "authorization_type", + enum: []string{ + "NONE", + "AWS_IAM", + "CUSTOM", + "JWT", + }, + } +} + +// Name returns the rule name +func (r *AwsApigatewayv2RouteInvalidAuthorizationTypeRule) Name() string { + return "aws_apigatewayv2_route_invalid_authorization_type" +} + +// Enabled returns whether the rule is enabled by default +func (r *AwsApigatewayv2RouteInvalidAuthorizationTypeRule) Enabled() bool { + return true +} + +// Severity returns the rule severity +func (r *AwsApigatewayv2RouteInvalidAuthorizationTypeRule) Severity() string { + return tflint.ERROR +} + +// Link returns the rule reference link +func (r *AwsApigatewayv2RouteInvalidAuthorizationTypeRule) Link() string { + return "" +} + +// Check checks the pattern is valid +func (r *AwsApigatewayv2RouteInvalidAuthorizationTypeRule) Check(runner tflint.Runner) error { + log.Printf("[TRACE] Check `%s` rule", r.Name()) + + return runner.WalkResourceAttributes(r.resourceType, r.attributeName, func(attribute *hcl.Attribute) error { + var val string + err := runner.EvaluateExpr(attribute.Expr, &val, nil) + + return runner.EnsureNoError(err, func() error { + found := false + for _, item := range r.enum { + if item == val { + found = true + } + } + if !found { + 
runner.EmitIssueOnExpr( + r, + fmt.Sprintf(`"%s" is an invalid value as authorization_type`, truncateLongMessage(val)), + attribute.Expr, + ) + } + return nil + }) + }) +} diff --git a/rules/models/mappings/apigatewayv2.hcl b/rules/models/mappings/apigatewayv2.hcl new file mode 100644 index 00000000..bcf7229f --- /dev/null +++ b/rules/models/mappings/apigatewayv2.hcl 
@@ -0,0 +1,114 @@
+import = "aws-sdk-go/models/apis/apigatewayv2/2018-11-29/api-2.json"
+
+mapping "aws_apigatewayv2_api" {
+ name = StringWithLengthBetween1And128
+ protocol_type = ProtocolType
+ api_key_selection_expression = SelectionExpression
+ cors_configuration = Cors
+ credentials_arn = Arn
+ description = StringWithLengthBetween0And1024
+ route_key = SelectionKey
+ route_selection_expression = SelectionExpression
+ tags = Tags
+ target = UriWithLengthBetween1And2048
+ version = StringWithLengthBetween1And64
+}
+
+mapping "aws_apigatewayv2_api_mapping" {
+ api_id = Id
+ stage = StringWithLengthBetween1And128
+ api_mapping_key = SelectionKey
+}
+
+mapping "aws_apigatewayv2_authorizer" {
+ authorizer_type = AuthorizerType
+ name = StringWithLengthBetween1And128
+ authorizer_credentials_arn = Arn
+ authorizer_payload_format_version = StringWithLengthBetween1And64
+ authorizer_result_ttl_in_seconds = IntegerWithLengthBetween0And3600
+ authorizer_uri = UriWithLengthBetween1And2048
+ identity_sources = IdentitySourceList
+ jwt_configuration = JWTConfiguration
+}
+
+mapping "aws_apigatewayv2_deployment" {
+ description = StringWithLengthBetween0And1024
+}
+
+mapping "aws_apigatewayv2_domain_name" {
+ domain_name = StringWithLengthBetween1And512
+ mutual_tls_authentication = MutualTlsAuthenticationInput
+ tags = Tags
+}
+
+mapping "aws_apigatewayv2_integration" {
+ integration_type = IntegrationType
+ connection_id = StringWithLengthBetween1And1024
+ connection_type = ConnectionType
+ content_handling_strategy = ContentHandlingStrategy
+ credentials_arn = Arn
+ description = StringWithLengthBetween0And1024
+ integration_method = StringWithLengthBetween1And64
+ integration_subtype = StringWithLengthBetween1And128
+ integration_uri = UriWithLengthBetween1And2048
+ passthrough_behavior = PassthroughBehavior
+ payload_format_version = StringWithLengthBetween1And64
+ request_parameters = IntegrationParameters
+ request_templates = TemplateMap
+ response_parameters = ResponseParameters
+ template_selection_expression = SelectionExpression
+ timeout_milliseconds = IntegerWithLengthBetween50And30000
+ tls_config = TlsConfigInput
+}
+
+mapping "aws_apigatewayv2_integration_response" {
+ integration_response_key = SelectionKey
+ content_handling_strategy = ContentHandlingStrategy
+ response_templates = TemplateMap
+ template_selection_expression = SelectionExpression
+}
+
+mapping "aws_apigatewayv2_model" {
+ content_type = StringWithLengthBetween1And256
+ name = StringWithLengthBetween1And128
+ schema = StringWithLengthBetween0And32K
+ description = StringWithLengthBetween0And1024
+}
+
+mapping "aws_apigatewayv2_route" {
+ route_key = SelectionKey
+ authorization_scopes = AuthorizationScopes
+ authorization_type = AuthorizationType
+ authorizer_id = Id
+ model_selection_expression = SelectionExpression
+ operation_name = StringWithLengthBetween1And64
+ request_models = RouteModels
+ request_parameter = RouteParameters
+ route_response_selection_expression = SelectionExpression
+ target = StringWithLengthBetween1And128
+}
+
+mapping "aws_apigatewayv2_route_response" {
+ route_response_key = SelectionKey
+ model_selection_expression = SelectionExpression
+ response_models = RouteModels
+}
+
+mapping "aws_apigatewayv2_stage" {
+ name = StringWithLengthBetween1And128
+ access_log_settings = AccessLogSettings
+ client_certificate_id = Id
+ default_route_settings = RouteSettings
+ deployment_id = Id
+ description = StringWithLengthBetween0And1024
+ route_settings = RouteSettingsMap
+ stage_variables = StageVariablesMap
+ tags = Tags
+}
+
+mapping "aws_apigatewayv2_vpc_link" {
+ name = StringWithLengthBetween1And128
+ security_group_ids = SecurityGroupIdList
+ subnet_ids = SubnetIdList
+ tags = Tags
+}
\ No newline at end of file
diff --git a/rules/models/provider.go b/rules/models/provider.go
index 07ea2d92..c85bb78a 100644
--- a/rules/models/provider.go
+++ b/rules/models/provider.go
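Review bot: In `rules/models/mappings/apigatewayv2.hcl`, entries such as `name = StringWithLengthBetween1And128` and `timeout_milliseconds = IntegerWithLengthBetween50And30000` read as if a bound were enforced, yet this commit generates rules only for the enum-typed shapes (`ProtocolType`, `AuthorizerType`, `ConnectionType`, `ContentHandlingStrategy`, `IntegrationType`, `PassthroughBehavior`, `AuthorizationType`). Presumably the SDK model carries no length or range constraint for the other shapes; a header comment would say so, e.g. `# Only enum shapes yield rules today; the *WithLengthBetween* shapes generate no check.` The resulting rules are validity checks, not policy: `authorization_type = "NONE"` is in the accepted set for `aws_apigatewayv2_route`, so a route left without authorization passes and needs a separate rule if that should be flagged. The file also ends without a trailing newline.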
@@ -31,6 +31,14 @@ var Rules = []tflint.Rule{
 NewAwsAPIGatewayMethodResponseInvalidStatusCodeRule(),
 NewAwsAPIGatewayRestAPIInvalidAPIKeySourceRule(),
 NewAwsAPIGatewayStageInvalidCacheClusterSizeRule(),
+ NewAwsApigatewayv2APIInvalidProtocolTypeRule(),
+ NewAwsApigatewayv2AuthorizerInvalidAuthorizerTypeRule(),
+ NewAwsApigatewayv2IntegrationInvalidConnectionTypeRule(),
+ NewAwsApigatewayv2IntegrationInvalidContentHandlingStrategyRule(),
+ NewAwsApigatewayv2IntegrationInvalidIntegrationTypeRule(),
+ NewAwsApigatewayv2IntegrationInvalidPassthroughBehaviorRule(),
+ NewAwsApigatewayv2IntegrationResponseInvalidContentHandlingStrategyRule(),
+ NewAwsApigatewayv2RouteInvalidAuthorizationTypeRule(),
 NewAwsAppautoscalingPolicyInvalidPolicyTypeRule(),
 NewAwsAppautoscalingPolicyInvalidScalableDimensionRule(),
 NewAwsAppautoscalingPolicyInvalidServiceNamespaceRule(),