diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS
index ceb4644..2537f2f 100644
--- a/.github/CODEOWNERS
+++ b/.github/CODEOWNERS
@@ -15,9 +15,10 @@
# Cloud Posse must review any changes to standard context definition,
# but some changes can be rubber-stamped.
-**/context.tf @cloudposse/engineering @cloudposse/approvers
-README.md @cloudposse/engineering @cloudposse/contributors @cloudposse/approvers
-docs/*.md @cloudposse/engineering @cloudposse/contributors @cloudposse/approvers
+**/*.tf @cloudposse/engineering @cloudposse/approvers
+README.yaml @cloudposse/engineering @cloudposse/approvers
+README.md @cloudposse/engineering @cloudposse/contributors @cloudposse/approvers
+docs/*.md @cloudposse/engineering @cloudposse/contributors @cloudposse/approvers
# Cloud Posse Admins must review all changes to CODEOWNERS or the mergify configuration
.github/mergify.yml @cloudposse/admins
diff --git a/.github/workflows/auto-format.yml b/.github/workflows/auto-format.yml
deleted file mode 100644
index 990abed..0000000
--- a/.github/workflows/auto-format.yml
+++ /dev/null
@@ -1,86 +0,0 @@
-name: Auto Format
-on:
- pull_request_target:
- types: [opened, synchronize]
-
-jobs:
- auto-format:
- runs-on: ubuntu-latest
- container: cloudposse/build-harness:slim-latest
- steps:
- # Checkout the pull request branch
- # "An action in a workflow run can’t trigger a new workflow run. For example, if an action pushes code using
- # the repository’s GITHUB_TOKEN, a new workflow will not run even when the repository contains
- # a workflow configured to run when push events occur."
- # However, using a personal access token will cause events to be triggered.
- # We need that to ensure a status gets posted after the auto-format commit.
- # We also want to trigger tests if the auto-format made no changes.
- - uses: actions/checkout@v2
- if: github.event.pull_request.state == 'open'
- name: Privileged Checkout
- with:
- token: ${{ secrets.PUBLIC_REPO_ACCESS_TOKEN }}
- repository: ${{ github.event.pull_request.head.repo.full_name }}
- # Check out the PR commit, not the merge commit
- # Use `ref` instead of `sha` to enable pushing back to `ref`
- ref: ${{ github.event.pull_request.head.ref }}
-
- # Do all the formatting stuff
- - name: Auto Format
- if: github.event.pull_request.state == 'open'
- shell: bash
- run: make BUILD_HARNESS_PATH=/build-harness PACKAGES_PREFER_HOST=true -f /build-harness/templates/Makefile.build-harness pr/auto-format/host
-
- # Commit changes (if any) to the PR branch
- - name: Commit changes to the PR branch
- if: github.event.pull_request.state == 'open'
- shell: bash
- id: commit
- env:
- SENDER: ${{ github.event.sender.login }}
- run: |
- set -x
- output=$(git diff --name-only)
-
- if [ -n "$output" ]; then
- echo "Changes detected. Pushing to the PR branch"
- git config --global user.name 'cloudpossebot'
- git config --global user.email '11232728+cloudpossebot@users.noreply.github.com'
- git add -A
- git commit -m "Auto Format"
- # Prevent looping by not pushing changes in response to changes from cloudpossebot
- [[ $SENDER == "cloudpossebot" ]] || git push
- # Set status to fail, because the push should trigger another status check,
- # and we use success to indicate the checks are finished.
- printf "::set-output name=%s::%s\n" "changed" "true"
- exit 1
- else
- printf "::set-output name=%s::%s\n" "changed" "false"
- echo "No changes detected"
- fi
-
- - name: Auto Test
- uses: cloudposse/actions/github/repository-dispatch@0.22.0
- # match users by ID because logins (user names) are inconsistent,
- # for example in the REST API Renovate Bot is `renovate[bot]` but
- # in GraphQL it is just `renovate`, plus there is a non-bot
- # user `renovate` with ID 1832810.
- # Mergify bot: 37929162
- # Renovate bot: 29139614
- # Cloudpossebot: 11232728
- # Need to use space separators to prevent "21" from matching "112144"
- if: >
- contains(' 37929162 29139614 11232728 ', format(' {0} ', github.event.pull_request.user.id))
- && steps.commit.outputs.changed == 'false' && github.event.pull_request.state == 'open'
- with:
- token: ${{ secrets.PUBLIC_REPO_ACCESS_TOKEN }}
- repository: cloudposse/actions
- event-type: test-command
- client-payload: |-
- { "slash_command":{"args": {"unnamed": {"all": "all", "arg1": "all"}}},
- "pull_request": ${{ toJSON(github.event.pull_request) }},
- "github":{"payload":{"repository": ${{ toJSON(github.event.repository) }},
- "comment": {"id": ""}
- }
- }
- }
diff --git a/README.md b/README.md
index e81f4ac..e780f69 100644
--- a/README.md
+++ b/README.md
@@ -61,6 +61,25 @@ We literally have [*hundreds of terraform modules*][terraform_modules] that are
+## Security & Compliance [
](https://bridgecrew.io/)
+
+Security scanning is graciously provided by Bridgecrew. Bridgecrew is the leading fully hosted, cloud-native solution providing continuous Terraform security and compliance.
+
+| Benchmark | Description |
+|--------|---------------|
+| [](https://www.bridgecrew.cloud/link/badge?vcs=github&fullRepo=cloudposse%2Fterraform-aws-emr-cluster&benchmark=INFRASTRUCTURE+SECURITY) | Infrastructure Security Compliance |
+| [](https://www.bridgecrew.cloud/link/badge?vcs=github&fullRepo=cloudposse%2Fterraform-aws-emr-cluster&benchmark=CIS+KUBERNETES+V1.5) | Center for Internet Security, KUBERNETES Compliance |
+| [](https://www.bridgecrew.cloud/link/badge?vcs=github&fullRepo=cloudposse%2Fterraform-aws-emr-cluster&benchmark=CIS+AWS+V1.2) | Center for Internet Security, AWS Compliance |
+| [](https://www.bridgecrew.cloud/link/badge?vcs=github&fullRepo=cloudposse%2Fterraform-aws-emr-cluster&benchmark=CIS+AZURE+V1.1) | Center for Internet Security, AZURE Compliance |
+| [](https://www.bridgecrew.cloud/link/badge?vcs=github&fullRepo=cloudposse%2Fterraform-aws-emr-cluster&benchmark=PCI-DSS+V3.2) | Payment Card Industry Data Security Standards Compliance |
+| [](https://www.bridgecrew.cloud/link/badge?vcs=github&fullRepo=cloudposse%2Fterraform-aws-emr-cluster&benchmark=NIST-800-53) | National Institute of Standards and Technology Compliance |
+| [](https://www.bridgecrew.cloud/link/badge?vcs=github&fullRepo=cloudposse%2Fterraform-aws-emr-cluster&benchmark=ISO27001) | Information Security Management System, ISO/IEC 27001 Compliance |
+| [](https://www.bridgecrew.cloud/link/badge?vcs=github&fullRepo=cloudposse%2Fterraform-aws-emr-cluster&benchmark=SOC2)| Service Organization Control 2 Compliance |
+| [](https://www.bridgecrew.cloud/link/badge?vcs=github&fullRepo=cloudposse%2Fterraform-aws-emr-cluster&benchmark=CIS+GCP+V1.1) | Center for Internet Security, GCP Compliance |
+| [](https://www.bridgecrew.cloud/link/badge?vcs=github&fullRepo=cloudposse%2Fterraform-aws-emr-cluster&benchmark=HIPAA) | Health Insurance Portability and Accountability Compliance |
+
+
+
## Usage
@@ -191,7 +210,7 @@ Available targets:
| Name | Version |
|------|---------|
-| terraform | >= 0.12.26 |
+| terraform | >= 0.13.0 |
| aws | >= 2.0 |
| local | >= 1.3 |
| null | >= 2.0 |
@@ -215,7 +234,7 @@ Available targets:
| attributes | Additional attributes (e.g. `1`) | `list(string)` | `[]` | no |
| bootstrap\_action | List of bootstrap actions that will be run before Hadoop is started on the cluster nodes | list(object({
path = string
name = string
args = list(string)
})) | `[]` | no |
| configurations\_json | A JSON string for supplying list of configurations for the EMR cluster. See https://docs.aws.amazon.com/emr/latest/ReleaseGuide/emr-configure-apps.html for more details | `string` | `""` | no |
-| context | Single object for setting entire context at once.
See description of individual variables for details.
Leave string and numeric variables as `null` to use default value.
Individual variable settings (non-null) override settings in context object,
except for attributes, tags, and additional\_tag\_map, which are merged. | object({
enabled = bool
namespace = string
environment = string
stage = string
name = string
delimiter = string
attributes = list(string)
tags = map(string)
additional_tag_map = map(string)
regex_replace_chars = string
label_order = list(string)
id_length_limit = number
}) | {
"additional_tag_map": {},
"attributes": [],
"delimiter": null,
"enabled": true,
"environment": null,
"id_length_limit": null,
"label_order": [],
"name": null,
"namespace": null,
"regex_replace_chars": null,
"stage": null,
"tags": {}
} | no |
+| context | Single object for setting entire context at once.
See description of individual variables for details.
Leave string and numeric variables as `null` to use default value.
Individual variable settings (non-null) override settings in context object,
except for attributes, tags, and additional\_tag\_map, which are merged. | `any` | {
"additional_tag_map": {},
"attributes": [],
"delimiter": null,
"enabled": true,
"environment": null,
"id_length_limit": null,
"label_key_case": null,
"label_order": [],
"label_value_case": null,
"name": null,
"namespace": null,
"regex_replace_chars": null,
"stage": null,
"tags": {}
} | no |
| core\_instance\_group\_autoscaling\_policy | String containing the EMR Auto Scaling Policy JSON for the Core instance group | `string` | `null` | no |
| core\_instance\_group\_bid\_price | Bid price for each EC2 instance in the Core instance group, expressed in USD. By setting this attribute, the instance group is being declared as a Spot Instance, and will implicitly create a Spot request. Leave this blank to use On-Demand Instances | `string` | `null` | no |
| core\_instance\_group\_ebs\_iops | The number of I/O operations per second (IOPS) that the Core volume supports | `number` | `null` | no |
@@ -231,7 +250,7 @@ Available targets:
| ebs\_root\_volume\_size | Size in GiB of the EBS root device volume of the Linux AMI that is used for each EC2 instance. Available in Amazon EMR version 4.x and later | `number` | `10` | no |
| enabled | Set to false to prevent the module from creating any resources | `bool` | `null` | no |
| environment | Environment, e.g. 'uw2', 'us-west-2', OR 'prod', 'staging', 'dev', 'UAT' | `string` | `null` | no |
-| id\_length\_limit | Limit `id` to this many characters.
Set to `0` for unlimited length.
Set to `null` for default, which is `0`.
Does not affect `id_full`. | `number` | `null` | no |
+| id\_length\_limit | Limit `id` to this many characters (minimum 6).
Set to `0` for unlimited length.
Set to `null` for default, which is `0`.
Does not affect `id_full`. | `number` | `null` | no |
| keep\_job\_flow\_alive\_when\_no\_steps | Switch on/off run cluster with no steps or when all steps are complete | `bool` | `true` | no |
| kerberos\_ad\_domain\_join\_password | The Active Directory password for ad\_domain\_join\_user. Terraform cannot perform drift detection of this configuration. | `string` | `null` | no |
| kerberos\_ad\_domain\_join\_user | Required only when establishing a cross-realm trust with an Active Directory domain. A user with sufficient privileges to join resources to the domain. Terraform cannot perform drift detection of this configuration. | `string` | `null` | no |
@@ -240,7 +259,9 @@ Available targets:
| kerberos\_kdc\_admin\_password | The password used within the cluster for the kadmin service on the cluster-dedicated KDC, which maintains Kerberos principals, password policies, and keytabs for the cluster. Terraform cannot perform drift detection of this configuration. | `string` | `null` | no |
| kerberos\_realm | The name of the Kerberos realm to which all nodes in a cluster belong. For example, EC2.INTERNAL | `string` | `"EC2.INTERNAL"` | no |
| key\_name | Amazon EC2 key pair that can be used to ssh to the master node as the user called `hadoop` | `string` | `null` | no |
+| label\_key\_case | The letter case of label keys (`tag` names) (i.e. `name`, `namespace`, `environment`, `stage`, `attributes`) to use in `tags`.
Possible values: `lower`, `title`, `upper`.
Default value: `title`. | `string` | `null` | no |
| label\_order | The naming order of the id output and Name tag.
Defaults to ["namespace", "environment", "stage", "name", "attributes"].
You can omit any of the 5 elements, but at least one must be present. | `list(string)` | `null` | no |
+| label\_value\_case | The letter case of output label values (also used in `tags` and `id`).
Possible values: `lower`, `title`, `upper` and `none` (no transformation).
Default value: `lower`. | `string` | `null` | no |
| log\_uri | The path to the Amazon S3 location where logs for this cluster are stored | `string` | `null` | no |
| managed\_master\_security\_group | The name of the existing managed security group that will be used for EMR master node. If empty, a new security group will be created | `string` | `""` | no |
| managed\_slave\_security\_group | The name of the existing managed security group that will be used for EMR core & task nodes. If empty, a new security group will be created | `string` | `""` | no |
diff --git a/context.tf b/context.tf
index f5f2797..81f99b4 100644
--- a/context.tf
+++ b/context.tf
@@ -20,7 +20,7 @@
module "this" {
source = "cloudposse/label/null"
- version = "0.22.1" // requires Terraform >= 0.12.26
+ version = "0.24.1" # requires Terraform >= 0.13.0
enabled = var.enabled
namespace = var.namespace
@@ -34,6 +34,8 @@ module "this" {
label_order = var.label_order
regex_replace_chars = var.regex_replace_chars
id_length_limit = var.id_length_limit
+ label_key_case = var.label_key_case
+ label_value_case = var.label_value_case
context = var.context
}
@@ -41,20 +43,7 @@ module "this" {
# Copy contents of cloudposse/terraform-null-label/variables.tf here
variable "context" {
- type = object({
- enabled = bool
- namespace = string
- environment = string
- stage = string
- name = string
- delimiter = string
- attributes = list(string)
- tags = map(string)
- additional_tag_map = map(string)
- regex_replace_chars = string
- label_order = list(string)
- id_length_limit = number
- })
+ type = any
default = {
enabled = true
namespace = null
@@ -68,6 +57,8 @@ variable "context" {
regex_replace_chars = null
label_order = []
id_length_limit = null
+ label_key_case = null
+ label_value_case = null
}
description = <<-EOT
Single object for setting entire context at once.
@@ -76,6 +67,16 @@ variable "context" {
Individual variable settings (non-null) override settings in context object,
except for attributes, tags, and additional_tag_map, which are merged.
EOT
+
+ validation {
+ condition = lookup(var.context, "label_key_case", null) == null ? true : contains(["lower", "title", "upper"], var.context["label_key_case"])
+ error_message = "Allowed values: `lower`, `title`, `upper`."
+ }
+
+ validation {
+ condition = lookup(var.context, "label_value_case", null) == null ? true : contains(["lower", "title", "upper", "none"], var.context["label_value_case"])
+ error_message = "Allowed values: `lower`, `title`, `upper`, `none`."
+ }
}
variable "enabled" {
@@ -158,11 +159,44 @@ variable "id_length_limit" {
type = number
default = null
description = <<-EOT
- Limit `id` to this many characters.
+ Limit `id` to this many characters (minimum 6).
Set to `0` for unlimited length.
Set to `null` for default, which is `0`.
Does not affect `id_full`.
EOT
+ validation {
+ condition = var.id_length_limit == null ? true : var.id_length_limit >= 6 || var.id_length_limit == 0
+ error_message = "The id_length_limit must be >= 6 if supplied (not null), or 0 for unlimited length."
+ }
+}
+
+variable "label_key_case" {
+ type = string
+ default = null
+ description = <<-EOT
+ The letter case of label keys (`tag` names) (i.e. `name`, `namespace`, `environment`, `stage`, `attributes`) to use in `tags`.
+ Possible values: `lower`, `title`, `upper`.
+ Default value: `title`.
+ EOT
+
+ validation {
+ condition = var.label_key_case == null ? true : contains(["lower", "title", "upper"], var.label_key_case)
+ error_message = "Allowed values: `lower`, `title`, `upper`."
+ }
}
+variable "label_value_case" {
+ type = string
+ default = null
+ description = <<-EOT
+ The letter case of output label values (also used in `tags` and `id`).
+ Possible values: `lower`, `title`, `upper` and `none` (no transformation).
+ Default value: `lower`.
+ EOT
+
+ validation {
+ condition = var.label_value_case == null ? true : contains(["lower", "title", "upper", "none"], var.label_value_case)
+ error_message = "Allowed values: `lower`, `title`, `upper`, `none`."
+ }
+}
#### End of copy of cloudposse/terraform-null-label/variables.tf
diff --git a/docs/terraform.md b/docs/terraform.md
index 1051fff..254bd22 100644
--- a/docs/terraform.md
+++ b/docs/terraform.md
@@ -3,7 +3,7 @@
| Name | Version |
|------|---------|
-| terraform | >= 0.12.26 |
+| terraform | >= 0.13.0 |
| aws | >= 2.0 |
| local | >= 1.3 |
| null | >= 2.0 |
@@ -27,7 +27,7 @@
| attributes | Additional attributes (e.g. `1`) | `list(string)` | `[]` | no |
| bootstrap\_action | List of bootstrap actions that will be run before Hadoop is started on the cluster nodes | list(object({
path = string
name = string
args = list(string)
})) | `[]` | no |
| configurations\_json | A JSON string for supplying list of configurations for the EMR cluster. See https://docs.aws.amazon.com/emr/latest/ReleaseGuide/emr-configure-apps.html for more details | `string` | `""` | no |
-| context | Single object for setting entire context at once.
See description of individual variables for details.
Leave string and numeric variables as `null` to use default value.
Individual variable settings (non-null) override settings in context object,
except for attributes, tags, and additional\_tag\_map, which are merged. | object({
enabled = bool
namespace = string
environment = string
stage = string
name = string
delimiter = string
attributes = list(string)
tags = map(string)
additional_tag_map = map(string)
regex_replace_chars = string
label_order = list(string)
id_length_limit = number
}) | {
"additional_tag_map": {},
"attributes": [],
"delimiter": null,
"enabled": true,
"environment": null,
"id_length_limit": null,
"label_order": [],
"name": null,
"namespace": null,
"regex_replace_chars": null,
"stage": null,
"tags": {}
} | no |
+| context | Single object for setting entire context at once.
See description of individual variables for details.
Leave string and numeric variables as `null` to use default value.
Individual variable settings (non-null) override settings in context object,
except for attributes, tags, and additional\_tag\_map, which are merged. | `any` | {
"additional_tag_map": {},
"attributes": [],
"delimiter": null,
"enabled": true,
"environment": null,
"id_length_limit": null,
"label_key_case": null,
"label_order": [],
"label_value_case": null,
"name": null,
"namespace": null,
"regex_replace_chars": null,
"stage": null,
"tags": {}
} | no |
| core\_instance\_group\_autoscaling\_policy | String containing the EMR Auto Scaling Policy JSON for the Core instance group | `string` | `null` | no |
| core\_instance\_group\_bid\_price | Bid price for each EC2 instance in the Core instance group, expressed in USD. By setting this attribute, the instance group is being declared as a Spot Instance, and will implicitly create a Spot request. Leave this blank to use On-Demand Instances | `string` | `null` | no |
| core\_instance\_group\_ebs\_iops | The number of I/O operations per second (IOPS) that the Core volume supports | `number` | `null` | no |
@@ -43,7 +43,7 @@
| ebs\_root\_volume\_size | Size in GiB of the EBS root device volume of the Linux AMI that is used for each EC2 instance. Available in Amazon EMR version 4.x and later | `number` | `10` | no |
| enabled | Set to false to prevent the module from creating any resources | `bool` | `null` | no |
| environment | Environment, e.g. 'uw2', 'us-west-2', OR 'prod', 'staging', 'dev', 'UAT' | `string` | `null` | no |
-| id\_length\_limit | Limit `id` to this many characters.
Set to `0` for unlimited length.
Set to `null` for default, which is `0`.
Does not affect `id_full`. | `number` | `null` | no |
+| id\_length\_limit | Limit `id` to this many characters (minimum 6).
Set to `0` for unlimited length.
Set to `null` for default, which is `0`.
Does not affect `id_full`. | `number` | `null` | no |
| keep\_job\_flow\_alive\_when\_no\_steps | Switch on/off run cluster with no steps or when all steps are complete | `bool` | `true` | no |
| kerberos\_ad\_domain\_join\_password | The Active Directory password for ad\_domain\_join\_user. Terraform cannot perform drift detection of this configuration. | `string` | `null` | no |
| kerberos\_ad\_domain\_join\_user | Required only when establishing a cross-realm trust with an Active Directory domain. A user with sufficient privileges to join resources to the domain. Terraform cannot perform drift detection of this configuration. | `string` | `null` | no |
@@ -52,7 +52,9 @@
| kerberos\_kdc\_admin\_password | The password used within the cluster for the kadmin service on the cluster-dedicated KDC, which maintains Kerberos principals, password policies, and keytabs for the cluster. Terraform cannot perform drift detection of this configuration. | `string` | `null` | no |
| kerberos\_realm | The name of the Kerberos realm to which all nodes in a cluster belong. For example, EC2.INTERNAL | `string` | `"EC2.INTERNAL"` | no |
| key\_name | Amazon EC2 key pair that can be used to ssh to the master node as the user called `hadoop` | `string` | `null` | no |
+| label\_key\_case | The letter case of label keys (`tag` names) (i.e. `name`, `namespace`, `environment`, `stage`, `attributes`) to use in `tags`.
Possible values: `lower`, `title`, `upper`.
Default value: `title`. | `string` | `null` | no |
| label\_order | The naming order of the id output and Name tag.
Defaults to ["namespace", "environment", "stage", "name", "attributes"].
You can omit any of the 5 elements, but at least one must be present. | `list(string)` | `null` | no |
+| label\_value\_case | The letter case of output label values (also used in `tags` and `id`).
Possible values: `lower`, `title`, `upper` and `none` (no transformation).
Default value: `lower`. | `string` | `null` | no |
| log\_uri | The path to the Amazon S3 location where logs for this cluster are stored | `string` | `null` | no |
| managed\_master\_security\_group | The name of the existing managed security group that will be used for EMR master node. If empty, a new security group will be created | `string` | `""` | no |
| managed\_slave\_security\_group | The name of the existing managed security group that will be used for EMR core & task nodes. If empty, a new security group will be created | `string` | `""` | no |
diff --git a/examples/complete/context.tf b/examples/complete/context.tf
index f5f2797..81f99b4 100644
--- a/examples/complete/context.tf
+++ b/examples/complete/context.tf
@@ -20,7 +20,7 @@
module "this" {
source = "cloudposse/label/null"
- version = "0.22.1" // requires Terraform >= 0.12.26
+ version = "0.24.1" # requires Terraform >= 0.13.0
enabled = var.enabled
namespace = var.namespace
@@ -34,6 +34,8 @@ module "this" {
label_order = var.label_order
regex_replace_chars = var.regex_replace_chars
id_length_limit = var.id_length_limit
+ label_key_case = var.label_key_case
+ label_value_case = var.label_value_case
context = var.context
}
@@ -41,20 +43,7 @@ module "this" {
# Copy contents of cloudposse/terraform-null-label/variables.tf here
variable "context" {
- type = object({
- enabled = bool
- namespace = string
- environment = string
- stage = string
- name = string
- delimiter = string
- attributes = list(string)
- tags = map(string)
- additional_tag_map = map(string)
- regex_replace_chars = string
- label_order = list(string)
- id_length_limit = number
- })
+ type = any
default = {
enabled = true
namespace = null
@@ -68,6 +57,8 @@ variable "context" {
regex_replace_chars = null
label_order = []
id_length_limit = null
+ label_key_case = null
+ label_value_case = null
}
description = <<-EOT
Single object for setting entire context at once.
@@ -76,6 +67,16 @@ variable "context" {
Individual variable settings (non-null) override settings in context object,
except for attributes, tags, and additional_tag_map, which are merged.
EOT
+
+ validation {
+ condition = lookup(var.context, "label_key_case", null) == null ? true : contains(["lower", "title", "upper"], var.context["label_key_case"])
+ error_message = "Allowed values: `lower`, `title`, `upper`."
+ }
+
+ validation {
+ condition = lookup(var.context, "label_value_case", null) == null ? true : contains(["lower", "title", "upper", "none"], var.context["label_value_case"])
+ error_message = "Allowed values: `lower`, `title`, `upper`, `none`."
+ }
}
variable "enabled" {
@@ -158,11 +159,44 @@ variable "id_length_limit" {
type = number
default = null
description = <<-EOT
- Limit `id` to this many characters.
+ Limit `id` to this many characters (minimum 6).
Set to `0` for unlimited length.
Set to `null` for default, which is `0`.
Does not affect `id_full`.
EOT
+ validation {
+ condition = var.id_length_limit == null ? true : var.id_length_limit >= 6 || var.id_length_limit == 0
+ error_message = "The id_length_limit must be >= 6 if supplied (not null), or 0 for unlimited length."
+ }
+}
+
+variable "label_key_case" {
+ type = string
+ default = null
+ description = <<-EOT
+ The letter case of label keys (`tag` names) (i.e. `name`, `namespace`, `environment`, `stage`, `attributes`) to use in `tags`.
+ Possible values: `lower`, `title`, `upper`.
+ Default value: `title`.
+ EOT
+
+ validation {
+ condition = var.label_key_case == null ? true : contains(["lower", "title", "upper"], var.label_key_case)
+ error_message = "Allowed values: `lower`, `title`, `upper`."
+ }
}
+variable "label_value_case" {
+ type = string
+ default = null
+ description = <<-EOT
+ The letter case of output label values (also used in `tags` and `id`).
+ Possible values: `lower`, `title`, `upper` and `none` (no transformation).
+ Default value: `lower`.
+ EOT
+
+ validation {
+ condition = var.label_value_case == null ? true : contains(["lower", "title", "upper", "none"], var.label_value_case)
+ error_message = "Allowed values: `lower`, `title`, `upper`, `none`."
+ }
+}
#### End of copy of cloudposse/terraform-null-label/variables.tf
diff --git a/examples/complete/versions.tf b/examples/complete/versions.tf
index 8845d44..0e98402 100644
--- a/examples/complete/versions.tf
+++ b/examples/complete/versions.tf
@@ -1,5 +1,5 @@
terraform {
- required_version = ">= 0.12.26"
+ required_version = ">= 0.13.0"
required_providers {
aws = {
diff --git a/versions.tf b/versions.tf
index 8845d44..0e98402 100644
--- a/versions.tf
+++ b/versions.tf
@@ -1,5 +1,5 @@
terraform {
- required_version = ">= 0.12.26"
+ required_version = ">= 0.13.0"
required_providers {
aws = {