We have a terraform module that people can use to create s3 buckets in aws. We provide this module to ensure adherence to certain rules that we define for our s3 buckets.
The desired name for the bucket is passed to the module via a variable:
```hcl
variable "s3_bucket_name" {
  description = "S3 bucket name"
  type        = string
}
```
Recently we also defined a naming convention for our buckets that can be declared using a regular expression. I could use the regular expression like so:
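```hcl
locals {
  s3_bucket_naming_convention_regex = "<some regex>"
}

variable "s3_bucket_name" {
  description = "S3 bucket name"
  type        = string

  # Referencing a local from a validation block requires Terraform v1.9 or later.
  validation {
    # regex() raises an error when nothing matches; can() turns that into true/false.
    condition     = can(regex(local.s3_bucket_naming_convention_regex, var.s3_bucket_name))
    error_message = "s3_bucket_name does not match naming convention"
  }
}
```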
However, I don’t want to do that because we have existing buckets using the module that don’t conform to the naming convention, and we don’t want to cause a failure in future plans/applies.
For that reason I thought I’d use a terraform check like so:
```hcl
check "s3_bucket_name" {
  assert {
    # regex() raises an error when nothing matches; can() turns that into true/false.
    condition     = can(regex(local.s3_bucket_naming_convention_regex, var.s3_bucket_name))
    error_message = "s3_bucket_name does not match naming convention."
  }
}
```
The regular expression is quite complicated, so I would now like to use `terraform test` to verify that the check fails when a non-conforming bucket name is specified. How do I do that? Is it possible to write a test that verifies that a check fails when some value is passed to `var.s3_bucket_name`?
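
One way to test this is with `expect_failures` in a test file, shown here as an added example that is not part of the original post. The file name, the use of `mock_provider`, and both sample bucket names are assumptions, and the check's condition is assumed to evaluate to a boolean (for example by wrapping `regex()` in `can()`).

```hcl
# tests/bucket_naming.tftest.hcl  (hypothetical file name)
# `terraform test` needs Terraform v1.6+; mock_provider needs v1.7+.

# Assumption: the module uses the AWS provider. Mocking it lets the
# plan run without credentials and without calling the AWS API.
mock_provider "aws" {}

# Listing the check block in expect_failures inverts the result:
# this run passes only if check.s3_bucket_name reports a failure.
run "nonconforming_name_fails_check" {
  command = plan

  variables {
    # Constructed sample: replace with a name your regex must reject.
    s3_bucket_name = "Not_A_Conforming_Name"
  }

  expect_failures = [
    check.s3_bucket_name,
  ]
}

# Counterpart run with a name the regex should accept, so the test
# suite also catches a regex that rejects everything.
run "conforming_name_passes_check" {
  command = plan

  variables {
    # Constructed sample: replace with a name your regex must accept.
    s3_bucket_name = "replace-with-a-conforming-name"
  }
}
```

Run it with `terraform test` from the module's root directory. Add one `run` block per edge case of the naming convention to cover the regex more thoroughly.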