This custom ruleset checks that resource names are uniquely namespaced by workspaces. It's useful if you're using terraform workspaces to deploy multiple instances of the same configuration.
- TFLint v0.24+
- Go v1.15
Download the plugin and place it in ~/.tflint.d/plugins/tflint-ruleset-workspaces (or ./.tflint.d/plugins/tflint-ruleset-workspaces). When using the plugin, configure as follows in .tflint.hcl:
plugin "workspaces" {
enabled = true
}Unlike most tflint plugins, this one takes all of its config in the plugin block.
This allows each project to configure which resources should be namespaced by ${terraform.workspace}. This entirely depends on how the project is using workspaces.
plugin "workspaces" {
enabled = true
resource "aws_s3_bucket" {
attribute = "bucket"
}
resource "aws_security_group" {
attribute = "name"
}
}One rule will be created for each configured resource.
attribute specifies the attribute which needs to include the workspace - e.g. for S3 buckets this should be "bucket", for security groups it should be "name" (assuming you have multiple workspaces in the same VPC, otherwise namespacing your security groups is not needed). Defaults to name.
To test a non-default workspace, set the TF_WORKSPACE
environment variable when running tflint. This is useful if you treat the default workspace as a special case (e.g. with name = terrafrom.workspace == "default" ? "blah" : "${terraform.workspace}_blah")
Clone the repository locally and run the following command:
$ make
You can easily install the built plugin with the following:
$ make install