
Commit 6ce768e

Copilotwata727
andauthored
Add missing AWS S3 bucket naming restrictions (#976)
* Initial plan * Update regexRules to include latest AWS S3 bucket naming restrictions Co-authored-by: wata727 <[email protected]> --------- Co-authored-by: copilot-swe-agent[bot] <[email protected]> Co-authored-by: wata727 <[email protected]>
1 parent eb4a73a commit 6ce768e

2 files changed

+91
-3
lines changed


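--- a/rules/aws_s3_bucket_name.go
+++ b/rules/aws_s3_bucket_name.go
@@ -108,8 +108,8 @@ func (r *AwsS3BucketNameRule) Check(runner tflint.Runner) error {
 Description: "Bucket names must not start with the prefix 'xn--'.",
 },
 {
-Regexp: *regexp.MustCompile("^(sthree-|sthree-configurator)"),
-Description: "Bucket names must not start with the prefix 'sthree-' and the prefix 'sthree-configurator'.",
+Regexp: *regexp.MustCompile("^(sthree-|sthree-configurator|amzn-s3-demo-)"),
+Description: "Bucket names must not start with the prefix 'sthree-', 'sthree-configurator', or 'amzn-s3-demo-'.",
 },
 {
 Regexp: *regexp.MustCompile("-s3alias$"),
@@ -119,6 +119,18 @@ func (r *AwsS3BucketNameRule) Check(runner tflint.Runner) error {
 Regexp: *regexp.MustCompile("--ol-s3$"),
 Description: "Bucket names must not end with the suffix '--ol-s3'.",
 },
+{
+Regexp: *regexp.MustCompile("\\.mrap$"),
+Description: "Bucket names must not end with the suffix '.mrap'.",
+},
+{
+Regexp: *regexp.MustCompile("--x-s3$"),
+Description: "Bucket names must not end with the suffix '--x-s3'.",
+},
+{
+Regexp: *regexp.MustCompile("--table-s3$"),
+Description: "Bucket names must not end with the suffix '--table-s3'.",
+},
 }
 
 for _, resource := range resources.Blocks {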
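Review bot: The three added entries (`\\.mrap$`, `--x-s3$`, `--table-s3$`) each call `regexp.MustCompile` in a slice literal that, judging by the hunk header and the `for _, resource := range resources.Blocks` loop that follows it, is rebuilt inside `Check` on every run. Moving the slice to a package-level `var` would compile the patterns once and would surface a malformed pattern at load time instead of as a panic in the middle of a lint run. Separately, the `sthree-configurator` alternative in `^(sthree-|sthree-configurator|amzn-s3-demo-)` can never decide a match because `sthree-` already covers it; it is harmless, but a comment such as `// kept to mirror the AWS bucket naming rules list` would explain why it stays. `Check` begins and ends outside these hunks, so the slice declaration itself is not visible here.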

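--- a/rules/aws_s3_bucket_name_test.go
+++ b/rules/aws_s3_bucket_name_test.go
@@ -267,7 +267,7 @@ resource "aws_s3_bucket" "invalid_prefix_sthree" {
 Expected: helper.Issues{
 {
 Rule: NewAwsS3BucketNameRule(),
-Message: `Bucket names must not start with the prefix 'sthree-' and the prefix 'sthree-configurator'. (name: "sthree-domain.com", regex: "^(sthree-|sthree-configurator)")`,
+Message: `Bucket names must not start with the prefix 'sthree-', 'sthree-configurator', or 'amzn-s3-demo-'. (name: "sthree-domain.com", regex: "^(sthree-|sthree-configurator|amzn-s3-demo-)")`,
 Range: hcl.Range{
 Filename: "resource.tf",
 Start: hcl.Pos{Line: 3, Column: 12},
@@ -314,6 +314,82 @@ resource "aws_s3_bucket" "invalid_suffix_ols3" {
 },
 },
 },
+{
+Name: "invalid_prefix_amzn_s3_demo",
+Content: `
+resource "aws_s3_bucket" "invalid_prefix_amzn_s3_demo" {
+bucket = "amzn-s3-demo-bucket"
+}
+`,
+Expected: helper.Issues{
+{
+Rule: NewAwsS3BucketNameRule(),
+Message: `Bucket names must not start with the prefix 'sthree-', 'sthree-configurator', or 'amzn-s3-demo-'. (name: "amzn-s3-demo-bucket", regex: "^(sthree-|sthree-configurator|amzn-s3-demo-)")`,
+Range: hcl.Range{
+Filename: "resource.tf",
+Start: hcl.Pos{Line: 3, Column: 12},
+End: hcl.Pos{Line: 3, Column: 33},
+},
+},
+},
+},
+{
+Name: "invalid_suffix_mrap",
+Content: `
+resource "aws_s3_bucket" "invalid_suffix_mrap" {
+bucket = "my-bucket.mrap"
+}
+`,
+Expected: helper.Issues{
+{
+Rule: NewAwsS3BucketNameRule(),
+Message: `Bucket names must not end with the suffix '.mrap'. (name: "my-bucket.mrap", regex: "\\.mrap$")`,
+Range: hcl.Range{
+Filename: "resource.tf",
+Start: hcl.Pos{Line: 3, Column: 12},
+End: hcl.Pos{Line: 3, Column: 28},
+},
+},
+},
+},
+{
+Name: "invalid_suffix_x_s3",
+Content: `
+resource "aws_s3_bucket" "invalid_suffix_x_s3" {
+bucket = "my-bucket--x-s3"
+}
+`,
+Expected: helper.Issues{
+{
+Rule: NewAwsS3BucketNameRule(),
+Message: `Bucket names must not end with the suffix '--x-s3'. (name: "my-bucket--x-s3", regex: "--x-s3$")`,
+Range: hcl.Range{
+Filename: "resource.tf",
+Start: hcl.Pos{Line: 3, Column: 12},
+End: hcl.Pos{Line: 3, Column: 29},
+},
+},
+},
+},
+{
+Name: "invalid_suffix_table_s3",
+Content: `
+resource "aws_s3_bucket" "invalid_suffix_table_s3" {
+bucket = "my-bucket--table-s3"
+}
+`,
+Expected: helper.Issues{
+{
+Rule: NewAwsS3BucketNameRule(),
+Message: `Bucket names must not end with the suffix '--table-s3'. (name: "my-bucket--table-s3", regex: "--table-s3$")`,
+Range: hcl.Range{
+Filename: "resource.tf",
+Start: hcl.Pos{Line: 3, Column: 12},
+End: hcl.Pos{Line: 3, Column: 33},
+},
+},
+},
+},
 }
 
 rule := NewAwsS3BucketNameRule()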
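Review bot: The four added cases only assert that a name carrying the reserved prefix or suffix is reported; none of them pins the `$` anchoring or the escaped dot in `\\.mrap$`. A negative case, for instance the constructed value `bucket = "my-bucket-mrap"` with `Expected: helper.Issues{}`, would fail if the escape were ever dropped, and a name with `--x-s3` in the middle rather than at the end would do the same for the anchor. The test table these entries belong to starts outside the hunk, so an existing case may already cover part of this.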
