Initially this is supposed to do one thing :
You'll need to install this by copying a release onto your path :
Create a .tflint.json
file in the root of your project.
This should have a single object in it, with one item, tags
.
The subkeys of tags
should be regex patterns that match resource types. Note that only AWS resource types that Terraform can apply tags to will be matched at all.
The subkeys of each pattern should have a value that is a regex that matches the values you consider acceptable for those tags. Non-string values in tags will be converted to strings before matching.
NB backslash is an escape char in Javascript as well as regex so you'll have to escape it to use it - JSON doesn't permit literal regex values
e.g. here we have a config where :
Name
tag that's allowed to contain anythingaws_ami
resources should get a version
tag composed solely of digitsaws_db
resources should get a securityClassification
tag that's one of
official
secret
topsecret
{"tags": {".*": {"Name": "^.*$"},"aws_ami": {"version": "^\\d+$"},"aws_db_.*": {"securityClassification": "^(official|secret|topsecret)$"}}}
You can get the list of taggable resources that Terraform supports by looking in the source for items that put it in their schema
# In the builtin/providers/aws folder of Terraform sources
grep -R '"tags".*tagsSchema\b' -l | egrep -o 'aws_[^\.]+' | sort
Good catch. Let us know what about this package looks wrong to you, and we'll investigate right away.