Unexpected regex issue


I’m trying to validate some user input so that it allows lowercase characters. I updated the regex below to contain [a-zA-Z] instead of [A-Z], also tried [[:alpha:]] but for some reason it still doesnt allow lower case chars, only uppercase. I checked with online regex validators and the regex looks correct so I’m not sure what the issue is… maybe I’m missing something elementary?

  validation {
    condition     = length(flatten([for ns_name, ns in var.namespaces : [for u in coalesce(ns.users, []) : u if can(regex("^Type:subject:[a-zA-Z]{1}\\d+$", u))]])) == length(flatten([for ns_name, ns in var.namespaces : [for u in coalesce(ns.users, []) : u]]))
    error_message = "Invalid value for user. "

this fails validation but I think it should pass. If I use R123456 then it works. I’m on tf 0.14.6.

  namespaces = {
    ns1 = {
      users    = ["Type:subject:r123456"]


Hi @sid,

I tried your regex function call in isolation in terraform console to see what it would do:

> regex("^Type:subject:[a-zA-Z]{1}\\d+$", "Type:subject:r123456")

It seems like this matched, so I think the problem you are seeing must be with another part of this expression, rather than the regular expression match. I’d suggest following a similar strategy as I did here of trying the different parts separately until you find the part that isn’t behaving as expected.

I’d also note that you’re allowed to wrap Terraform expressions over multiple lines as long as you do so inside parentheses, brackets, and braces, and so it might help to split your expression across multiple lines and intent it to better show the nesting, and then it’ll be easier to see what is feeding into what.