From 28ae9b8b9e926a08c3a25cb0b6cb4075ab9669ee Mon Sep 17 00:00:00 2001
From: velotioaastha <aastha.gupta@velotio.com>
Date: Wed, 28 Feb 2024 18:59:38 +0530
Subject: [PATCH] added changes to update validation block.

---
 variables.tf | 21 ++++++++-------------
 1 file changed, 8 insertions(+), 13 deletions(-)

diff --git a/variables.tf b/variables.tf
index 27fc9fe17..c84c65f1e 100644
--- a/variables.tf
+++ b/variables.tf
@@ -4,7 +4,7 @@
 variable "namespace" {
   type        = string
   description = "String used for prefix resources."
-  default = ""
+  default = "test"
 }
 
 variable "deletion_protection" {
@@ -77,7 +77,7 @@ variable "database_innodb_lru_scan_depth" {
 }
 
 variable "database_performance_insights_kms_key_arn" {
-  default     = null
+  default     = ""
   description = "Specifies an existing KMS key ARN to encrypt the performance insights data if performance_insights_enabled is was enabled out of band"
   nullable    = true
   type        = string
@@ -358,14 +358,11 @@ variable "bucket_name" {
   type    = string
   default = ""
 }
-
 variable "bucket_kms_key_arn" {
-  type        = string
-  description = "The Amazon Resource Name of the KMS key with which S3 storage bucket objects will be encrypted."
-  default     = null
+  type    = string
+  default = ""
   validation {
-    # regex(...) fails if it cannot find a match
-    condition     = can(regex("^arn:aws:kms:*:*"))
+    condition = can(regex("^arn:aws:kms:[a-z0-9-]+:[0-9]+:key/[a-zA-Z0-9-_]+$",var.bucket_kms_key_arn)) || var.bucket_kms_key_arn == ""
     error_message = "Invalid value for bucket kms ARN"
   }
 }
@@ -402,13 +399,11 @@ variable "other_wandb_env" {
 ##########################################
 # New Vars for Encryption                #
 ##########################################
-
 variable "db_kms_key_arn" {
   type    = string
-  default = null
+  default = ""
   validation {
-    # regex(...) fails if it cannot find a match
-    condition     = can(regex("^arn:aws:kms:*:*"))
-    error_message = "Invalid value for db kms ARN"
+    condition = can(regex("^arn:aws:kms:[a-z0-9-]+:[0-9]+:[a-zA-Z0-9-_]+:[a-zA-Z0-9-_]+", var.db_kms_key_arn)) || var.db_kms_key_arn == ""
+    error_message = "Invalid value for bucket kms ARN"
   }
 }
\ No newline at end of file