Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Feat => v2:aws_resource_missing_tags errors when tags are provided via default_tags mechanism #192

Closed
evairmarinho opened this issue Oct 25, 2021 · 6 comments · Fixed by #489
Closed

Feat => v2:aws_resource_missing_tags errors when tags are provided via default_tags mechanism #192

evairmarinho opened this issue Oct 25, 2021 · 6 comments · Fixed by #489
Labels
enhancement New feature or request

Comments

@evairmarinho
Copy link

I have the same needs reported in the issue #117.

In CI/CD scenario i need this tag rule to be followed anyway.

The provider block grants me the tags on all resources, but the risk of having those tags changed is medium/high.

Thanks!
@wata727
Copy link
Member

wata727 commented Oct 31, 2021

I have a question about this need.

This rule was originally added because it was necessary to ensure that it declare tags for each resource. At that time, there was no way to declare tags uniformly for all resources, so this was a valid request.

After that, terraform-provider-aws added a way to declare tags in the provider block, so I'm wondering about the need for this rule. What do you think?

@evairmarinho
Copy link
Author

So I would like the default tags not to be changed. Mandatory tags would be defined in .tflint.hcl. I think tflint could have this feature so that people can't get around the necessary tagging rule. If someone wants to change the tag rule, they'll have to change the .tflint.hcl, making it easy to authorize or deny that change.

@evairmarinho
Copy link
Author

Possible code

providers.tf

provider "aws" {
region = "us-east-1"
default_tags {
    tags = var.default_mandatory_tags
}
}

dev.auto.tfvars

default_mandatory_tags = { Environment = "Test" , CostCenter = "HR"}

.tflint.hcl

rule "aws_resource_missing_tags" {
  enabled = true
  tags = ["Environment", "CostCenter"]
}

@evairmarinho
Copy link
Author

@wata727, if you think that what I need would be another rule, that's fine! I can open a new issue, explaining better.

@wata727
Copy link
Member

wata727 commented Nov 2, 2021

Ah, okay. It makes sense.
I thought that if the default_tags were declared statically, it would duplicate the declaration in .tflint.hcl, but I understand that why you want if it's declared with complex evaluation.

@wata727 wata727 added the enhancement New feature or request label Nov 2, 2021
@wata727 wata727 mentioned this issue Jan 28, 2022
Closed
@glenthomas
Copy link

I would like this too. I think it would be good to create a new rule aws_provider_missing_default_tags

@JorgeReus JorgeReus mentioned this issue May 6, 2023
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

feat: Added default tags functionality JorgeReus/tflint-ruleset-aws
3 participants
@wata727 @glenthomas @evairmarinho