Created
April 29, 2025 17:24
A comprehensive tflint configuration for linting AWS-specific Terraform configurations
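# Minimum TFLint release this configuration is written for; older binaries
# refuse to run instead of silently misreading the settings below.
tflint {
  required_version = ">= 0.50"
}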
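config {
  # One finding per line, convenient for CI logs and grep.
  format = "compact"

  # Only modules called from local paths are inspected; modules pulled from a
  # registry or a remote source are not linted by this run.
  call_module_type = "local"

  # Keep a non-zero exit status when issues are found, so a pipeline step
  # running tflint fails instead of passing with warnings.
  force = false

  # Rules that ship enabled stay enabled; the rule blocks below add to them.
  disabled_by_default = false
}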
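# Requires `tflint --init` to download the plugin before the first run.
plugin "aws" {
  enabled = true

  # Exact release pin: `tflint --init` installs this version from the source
  # repository below, so upgrades are an explicit, reviewable change here.
  version = "0.39.0"
  source  = "github.com/terraform-linters/tflint-ruleset-aws"

  # Deep checking queries AWS APIs with real credentials. It is off here, so
  # the ruleset only performs static checks and needs no AWS access.
  deep_check = false

  # Empty placeholder, only relevant once deep_check is turned on.
  # NOTE(review): if it is, point this at a read-only role and supply
  # credentials through the environment or a profile rather than committing
  # static keys to this file.
  assume_role { role_arn = "" }
}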
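rule "terraform_comment_syntax" {
  # Disallow `//` comments in favor of `#`
  enabled = true
}

rule "terraform_deprecated_index" {
  # Disallow legacy dot index syntax
  enabled = true
}

rule "terraform_deprecated_interpolation" {
  # Disallow deprecated (0.11-style) interpolation
  # Enabled by default
  enabled = true
}

rule "terraform_documented_outputs" {
  # Disallow output declarations without a description
  enabled = true
}

rule "terraform_documented_variables" {
  # Disallow variable declarations without a description
  enabled = true
}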
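rule "terraform_module_pinned_source" {
  # Disallow specifying a git or mercurial repository as a module source
  # without pinning to a version
  # Enabled by default
  # NOTE(review): with the rule's default style, any ref other than a default
  # branch passes, so a mutable tag or branch still satisfies it; pinning to a
  # commit is the stronger integrity guarantee.
  enabled = true
}

rule "terraform_module_version" {
  # Checks that Terraform modules sourced from a registry specify a version
  # Enabled by default
  # NOTE(review): a version range satisfies this rule unless its `exact`
  # option is set.
  enabled = true
}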
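rule "terraform_naming_convention" {
  # Enforces naming conventions for resources, data sources, etc.
  enabled = true
}

rule "terraform_required_providers" {
  # Require that all providers have version constraints through
  # required_providers, so provider upgrades are a deliberate change
  enabled = true
}

rule "terraform_required_version" {
  # Disallow terraform declarations without required_version
  enabled = true
}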
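rule "terraform_standard_module_structure" {
  # Ensure that a module complies with the Terraform Standard Module Structure
  # See https://developer.hashicorp.com/terraform/language/modules/develop/structure
  # Deliberately switched off in this configuration
  enabled = false
}

rule "terraform_typed_variables" {
  # Disallow variable declarations without a type
  enabled = true
}

rule "terraform_unused_declarations" {
  # Disallow variables, data sources, and locals that are declared but never used
  enabled = true
}

rule "terraform_unused_required_providers" {
  # Check that all required_providers are used in the module
  enabled = true
}

rule "terraform_workspace_remote" {
  # terraform.workspace should not be used with a "remote" backend with remote execution.
  # Enabled by default
  enabled = true
}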