aws

package
v0.42.0

This package is not in the latest version of its module.

Published: Aug 7, 2025 License: MPL-2.0 Imports: 19 Imported by: 1

Documentation

Constants

This section is empty.

Variables

var AwsProviderAssumeRoleBlockShema = &hclext.BodySchema{
	Attributes: []hclext.AttributeSchema{
		{Name: "role_arn", Required: true},
		{Name: "session_name"},
		{Name: "external_id"},
		{Name: "policy"},
	},
}

AwsProviderAssumeRoleBlockShema is the schema of the `assume_role` block.

var AwsProviderBlockSchema = &hclext.BodySchema{
	Attributes: []hclext.AttributeSchema{
		{Name: "access_key"},
		{Name: "secret_key"},
		{Name: "profile"},
		{Name: "shared_credentials_file"},
		{Name: "region"},
		{Name: "alias"},
	},
	Blocks: []hclext.BlockSchema{
		{
			Type: "assume_role",
			Body: AwsProviderAssumeRoleBlockShema,
		},
	},
}

AwsProviderBlockSchema is the schema of the `aws` provider block.

Functions

func GetCredentialsFromProvider

func GetCredentialsFromProvider(runner tflint.Runner) (map[string]Credentials, error)

GetCredentialsFromProvider retrieves credentials from the "provider" block in the Terraform configuration.

func IsProviderPartNormalized added in v0.14.0

func IsProviderPartNormalized(str string) (bool, error)

original code: https://github.com/hashicorp/terraform/blob/3fbedf25430ead97eb42575d344427db3c32d524/internal/addrs/provider.go#L454-L464

IsProviderPartNormalized compares a given string to the result of ParseProviderPart(string).

func ParseProviderPart added in v0.14.0

func ParseProviderPart(given string) (string, error)

original code: https://github.com/hashicorp/terraform/blob/3fbedf25430ead97eb42575d344427db3c32d524/internal/addrs/provider.go#L385-L442

ParseProviderPart processes an addrs.Provider namespace or type string provided by an end-user, producing a normalized version if possible or an error if the string contains invalid characters.

A provider part is processed in the same way as an individual label in a DNS domain name: it is transformed to lowercase per the usual DNS case mapping and normalization rules and may contain only letters, digits, and dashes. Additionally, dashes may not appear at the start or end of the string.

These restrictions are intended to allow these names to appear in fussy contexts such as directory/file names on case-insensitive filesystems, repository names on GitHub, etc. We're using the DNS rules in particular, rather than some similar rules defined locally, because the hostname part of an addrs.Provider is already a hostname and it's ideal to use exactly the same case folding and normalization rules for all of the parts.

In practice a provider type string conventionally does not contain dashes either. Such names are permitted, but providers with such type names will be hard to use because their resource type names will not be able to contain the provider type name and thus each resource will need an explicit provider address specified. (A real-world example of such a provider is the "google-beta" variant of the GCP provider, which has resource types that start with the "google_" prefix instead.)

It's valid to pass the result of this function as the argument to a subsequent call, in which case the result will be identical.
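The rules described above, sketched for ASCII input as an added example (not the package's or Terraform's code). `normalizePart` and `isNormalized` are hypothetical names, the inputs are constructed, and the package's own function follows DNS normalization, so it may differ on input outside these rules.

```go
package main

import (
	"errors"
	"fmt"
	"strings"
)

// normalizePart is a hypothetical, ASCII-only stand-in for ParseProviderPart.
// It applies only the rules stated in the documentation: lowercase the input,
// allow letters, digits and dashes, and reject a leading or trailing dash.
func normalizePart(given string) (string, error) {
	if given == "" {
		// Assumption of this sketch: an empty part is rejected.
		return "", errors.New("must have at least one character")
	}
	out := strings.ToLower(given)
	for _, r := range out {
		ok := (r >= 'a' && r <= 'z') || (r >= '0' && r <= '9') || r == '-'
		if !ok {
			return "", fmt.Errorf("invalid character %q", r)
		}
	}
	if strings.HasPrefix(out, "-") || strings.HasSuffix(out, "-") {
		return "", errors.New("cannot start or end with a dash")
	}
	return out, nil
}

// isNormalized mirrors the documented contract of IsProviderPartNormalized:
// it compares the input with its normalized form.
func isNormalized(s string) (bool, error) {
	n, err := normalizePart(s)
	if err != nil {
		return false, err
	}
	return n == s, nil
}

func main() {
	// Constructed sample inputs, including the "google-beta" case from the text.
	for _, in := range []string{"AWS", "google-beta", "-aws", "aws_v2", "hashicorp"} {
		n, err := normalizePart(in)
		ok, _ := isNormalized(in)
		fmt.Printf("%-14q normalized=%q already-normal=%v err=%v\n", in, n, ok, err)
	}
}
```

Comparing an input with its normalized form, as `isNormalized` does, is what lets a linter flag a provider name such as "AWS" that is valid but not written in canonical form.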

Types

type AssumeRole added in v0.21.0

type AssumeRole struct {
	RoleARN     string `hclext:"role_arn,optional"`
	ExternalID  string `hclext:"external_id,optional"`
	Policy      string `hclext:"policy,optional"`
	SessionName string `hclext:"session_name,optional"`
}

type AwsClient added in v0.33.0

type AwsClient struct {
	IAM         *iam.Client
	EC2         *ec2.Client
	RDS         *rds.Client
	ElastiCache *elasticache.Client
	ELB         *elasticloadbalancing.Client
	ELBV2       *elasticloadbalancingv2.Client
	ECS         *ecs.Client
}

AwsClient is a wrapper of the AWS SDK client. This is the real implementation that satisfies the interface.

func (*AwsClient) DescribeCacheParameterGroups added in v0.33.0

func (c *AwsClient) DescribeCacheParameterGroups() (map[string]bool, error)

DescribeCacheParameterGroups is a wrapper of DescribeCacheParameterGroups

func (*AwsClient) DescribeCacheSubnetGroups added in v0.33.0

func (c *AwsClient) DescribeCacheSubnetGroups() (map[string]bool, error)

DescribeCacheSubnetGroups is a wrapper of DescribeCacheSubnetGroups

func (*AwsClient) DescribeDBParameterGroups added in v0.33.0

func (c *AwsClient) DescribeDBParameterGroups() (map[string]bool, error)

DescribeDBParameterGroups is a wrapper of DescribeDBParameterGroups

func (*AwsClient) DescribeDBSubnetGroups added in v0.33.0

func (c *AwsClient) DescribeDBSubnetGroups() (map[string]bool, error)

DescribeDBSubnetGroups is a wrapper of DescribeDBSubnetGroups

func (*AwsClient) DescribeEgressOnlyInternetGateways added in v0.33.0

func (c *AwsClient) DescribeEgressOnlyInternetGateways() (map[string]bool, error)

DescribeEgressOnlyInternetGateways is a wrapper of DescribeEgressOnlyInternetGateways

func (*AwsClient) DescribeImages added in v0.33.0

func (c *AwsClient) DescribeImages(in *ec2.DescribeImagesInput) (map[string]bool, error)

DescribeImages is a wrapper of DescribeImages

func (*AwsClient) DescribeInstances added in v0.33.0

func (c *AwsClient) DescribeInstances() (map[string]bool, error)

DescribeInstances is a wrapper of DescribeInstances

func (*AwsClient) DescribeInternetGateways added in v0.33.0

func (c *AwsClient) DescribeInternetGateways() (map[string]bool, error)

DescribeInternetGateways is a wrapper of DescribeInternetGateways

func (*AwsClient) DescribeKeyPairs added in v0.33.0

func (c *AwsClient) DescribeKeyPairs() (map[string]bool, error)

DescribeKeyPairs is a wrapper of DescribeKeyPairs

func (*AwsClient) DescribeNatGateways added in v0.33.0

func (c *AwsClient) DescribeNatGateways() (map[string]bool, error)

DescribeNatGateways is a wrapper of DescribeNatGateways

func (*AwsClient) DescribeNetworkInterfaces added in v0.33.0

func (c *AwsClient) DescribeNetworkInterfaces() (map[string]bool, error)

DescribeNetworkInterfaces is a wrapper of DescribeNetworkInterfaces

func (*AwsClient) DescribeOptionGroups added in v0.33.0

func (c *AwsClient) DescribeOptionGroups() (map[string]bool, error)

DescribeOptionGroups is a wrapper of DescribeOptionGroups

func (*AwsClient) DescribeRouteTables added in v0.33.0

func (c *AwsClient) DescribeRouteTables() (map[string]bool, error)

DescribeRouteTables is a wrapper of DescribeRouteTables

func (*AwsClient) DescribeSecurityGroups added in v0.33.0

func (c *AwsClient) DescribeSecurityGroups() (map[string]bool, error)

DescribeSecurityGroups is a wrapper of DescribeSecurityGroups

func (*AwsClient) DescribeSubnets added in v0.33.0

func (c *AwsClient) DescribeSubnets() (map[string]bool, error)

DescribeSubnets is a wrapper of DescribeSubnets

func (*AwsClient) DescribeVpcPeeringConnections added in v0.33.0

func (c *AwsClient) DescribeVpcPeeringConnections() (map[string]bool, error)

DescribeVpcPeeringConnections is a wrapper of DescribeVpcPeeringConnections

func (*AwsClient) ListInstanceProfiles added in v0.33.0

func (c *AwsClient) ListInstanceProfiles() (map[string]bool, error)

ListInstanceProfiles is a wrapper of ListInstanceProfiles

type Client

type Client interface {
	DescribeSecurityGroups() (map[string]bool, error)
	DescribeSubnets() (map[string]bool, error)
	DescribeDBSubnetGroups() (map[string]bool, error)
	DescribeOptionGroups() (map[string]bool, error)
	DescribeDBParameterGroups() (map[string]bool, error)
	DescribeCacheParameterGroups() (map[string]bool, error)
	DescribeCacheSubnetGroups() (map[string]bool, error)
	DescribeInstances() (map[string]bool, error)
	DescribeImages(*ec2.DescribeImagesInput) (map[string]bool, error)
	ListInstanceProfiles() (map[string]bool, error)
	DescribeKeyPairs() (map[string]bool, error)
	DescribeEgressOnlyInternetGateways() (map[string]bool, error)
	DescribeInternetGateways() (map[string]bool, error)
	DescribeNatGateways() (map[string]bool, error)
	DescribeNetworkInterfaces() (map[string]bool, error)
	DescribeRouteTables() (map[string]bool, error)
	DescribeVpcPeeringConnections() (map[string]bool, error)
}

Client is an interface for the API client. This is primarily used for mock clients.

func NewClient

func NewClient(creds Credentials) (Client, error)

NewClient returns a new Client with a configured session.

type Config

type Config struct {
	DeepCheck             bool        `hclext:"deep_check,optional"`
	AccessKey             string      `hclext:"access_key,optional"`
	SecretKey             string      `hclext:"secret_key,optional"`
	Region                string      `hclext:"region,optional"`
	Profile               string      `hclext:"profile,optional"`
	SharedCredentialsFile string      `hclext:"shared_credentials_file,optional"`
	AssumeRole            *AssumeRole `hclext:"assume_role,block"`
}

Config is the configuration for the ruleset.

type Credentials

type Credentials struct {
	AccessKey             string
	SecretKey             string
	Profile               string
	CredsFile             string
	AssumeRoleARN         string
	AssumeRoleExternalID  string
	AssumeRolePolicy      string
	AssumeRoleSessionName string
	Region                string
}

Credentials holds the AWS credentials used in deep check mode.

func (Credentials) Merge

func (c Credentials) Merge(other Credentials) Credentials

Merge returns the merged credentials.

type ProviderConfigRef added in v0.14.0

type ProviderConfigRef struct {
	Name       string
	NameRange  hcl.Range
	Alias      string
	AliasRange *hcl.Range // nil if alias not set

}

original code: https://github.com/hashicorp/terraform/blob/3fbedf25430ead97eb42575d344427db3c32d524/internal/configs/resource.go#L484-L496

func DecodeProviderConfigRef added in v0.24.0

func DecodeProviderConfigRef(expr hcl.Expression, argName string) (*ProviderConfigRef, hcl.Diagnostics)

original code: https://github.com/hashicorp/terraform/blob/3fbedf25430ead97eb42575d344427db3c32d524/internal/configs/resource.go#L498-L569

type RuleSet

type RuleSet struct {
	tflint.BuiltinRuleSet
	// contains filtered or unexported fields
}

RuleSet is the custom ruleset for the AWS provider plugin.

func (*RuleSet) ApplyConfig

func (r *RuleSet) ApplyConfig(body *hclext.BodyContent) error

ApplyConfig reflects the plugin configuration to the ruleset.

func (*RuleSet) ConfigSchema added in v0.13.0

func (r *RuleSet) ConfigSchema() *hclext.BodySchema

func (*RuleSet) NewRunner added in v0.23.0

func (r *RuleSet) NewRunner(runner tflint.Runner) (tflint.Runner, error)

NewRunner injects a custom AWS runner

type Runner

type Runner struct {
	tflint.Runner
	PluginConfig *Config
	AwsClients   map[string]Client
}

Runner is a wrapper of RPC client for inserting custom actions for AWS provider.

func NewRunner

func NewRunner(runner tflint.Runner, config *Config) (*Runner, error)

NewRunner returns a custom AWS runner.

func (*Runner) AwsClient

func (r *Runner) AwsClient(attributes hclext.Attributes) (Client, error)

func (*Runner) EachStringSliceExprs

func (r *Runner) EachStringSliceExprs(expr hcl.Expression, proc func(val string, expr hcl.Expression)) error

EachStringSliceExprs iterates over an evaluated value and the corresponding expression. If the given expression is a static list, it gets an expression for each value. If not, the given expression is used as it is.
