waf

Documentation

Overview

Package waf contains the rules for Well Architected Alignment. To add a new rule, create a new file and add a new function that returns a new rule. Then add the rule to the Rules slice.

Index

• func GetRules() []tflint.Rule
• type WafRules
  • func (wf WafRules) AzurermApplicationGatewaySku() *attrvalue.SimpleRule[string]
  • func (wf WafRules) AzurermApplicationGatewayZones() *attrvalue.SetRule[int]
  • func (wf WafRules) AzurermCosmosDbAccountBackupMode() *attrvalue.SimpleRule[string]
  • func (wf WafRules) AzurermKubernetesClusterZones() *attrvalue.SetRule[int]
  • func (wf WafRules) AzurermLbSku() *attrvalue.SimpleRule[string]
  • func (wf WafRules) AzurermLegacyVirtualMachineNotAllowed() *attrvalue.UnknownValueRule
  • func (wf WafRules) AzurermLinuxVirtualMachineOSDiskDefaultSSD() *attrvalue.SimpleRule[string]
  • func (wf WafRules) AzurermManagedDiskStorageAccountType() *attrvalue.SimpleRule[string]
  • func (wf WafRules) AzurermMySqlFlexibleServerCustomMaintenanceSchedule() *attrvalue.SimpleRule[string]
  • func (wf WafRules) AzurermMySqlFlexibleServerZoneRedundancy() *attrvalue.SimpleRule[string]
  • func (wf WafRules) AzurermPostgreSqlFlexibleServerCustomMaintenanceSchedule() *attrvalue.SimpleRule[string]
  • func (wf WafRules) AzurermPostgreSqlFlexibleServerZoneRedundancy() *attrvalue.SimpleRule[string]
  • func (wf WafRules) AzurermPublicIpSku() *attrvalue.SimpleRule[string]
  • func (wf WafRules) AzurermPublicIpZones() *attrvalue.SetRule[int]
  • func (wf WafRules) AzurermServicePlanZoneBalancingEnabled() *attrvalue.SimpleRule[bool]
  • func (wf WafRules) AzurermStorageAccountAccountReplicationType() *attrvalue.SimpleRule[string]
  • func (wf WafRules) AzurermVirtualMachineZoneUnknown() *attrvalue.UnknownValueRule
  • func (wf WafRules) AzurermVirtualMachineZonesUnknown() *attrvalue.UnknownValueRule
  • func (wf WafRules) AzurermVirtualNetworkGatewaySku() *attrvalue.SimpleRule[string]
  • func (wf WafRules) AzurermVirtualNetworkGatewayVpnActiveActive() *attrvalue.SimpleRule[bool]
  • func (wf WafRules) AzurermWindowsVirtualMachineOSDiskDefaultSSD() *attrvalue.SimpleRule[string]

Functions

func GetRules

func GetRules() []tflint.Rule

GetRules uses reflection to iterate over all the methods of the WafRules struct and add them to a slice of Rules to be included in the ruleset. See `GetRules()` implementation for more detail.

Types

type WafRules

type WafRules struct{}

WafRules is a helper struct. Methods are created on this type that generate the rules for the WAF package. We then use reflection to automatically generate a slice of the rules to add the the ruleset.

func (WafRules) AzurermApplicationGatewaySku

func (wf WafRules) AzurermApplicationGatewaySku() *attrvalue.SimpleRule[string]

func (WafRules) AzurermApplicationGatewayZones

func (wf WafRules) AzurermApplicationGatewayZones() *attrvalue.SetRule[int]

func (WafRules) AzurermCosmosDbAccountBackupMode

func (wf WafRules) AzurermCosmosDbAccountBackupMode() *attrvalue.SimpleRule[string]

func (WafRules) AzurermKubernetesClusterZones

func (wf WafRules) AzurermKubernetesClusterZones() *attrvalue.SetRule[int]

func (WafRules) AzurermLbSku

func (wf WafRules) AzurermLbSku() *attrvalue.SimpleRule[string]

func (WafRules) AzurermLegacyVirtualMachineNotAllowed

func (wf WafRules) AzurermLegacyVirtualMachineNotAllowed() *attrvalue.UnknownValueRule

This test checks for the use of resource type azurerm_virtual_machine since the azurerm_windows_virtual_machine and azurerm_linux_virtual_machine resources don't support unmanaged disks Since a test doesn't exist for checking the use of disallowed resource types, this uses an unknown value check on a required variable (name) to flag use of this resource.

func (WafRules) AzurermLinuxVirtualMachineOSDiskDefaultSSD

func (wf WafRules) AzurermLinuxVirtualMachineOSDiskDefaultSSD() *attrvalue.SimpleRule[string]

This test checks to see if a linux virtual machine's OS disk is one of the premium sku's

func (WafRules) AzurermManagedDiskStorageAccountType

func (wf WafRules) AzurermManagedDiskStorageAccountType() *attrvalue.SimpleRule[string]

This test validates where managed disk resource types are either premium or ultra. TODO: Ensure that this doesn't conflict with other module outcomes.

func (WafRules) AzurermMySqlFlexibleServerCustomMaintenanceSchedule

func (wf WafRules) AzurermMySqlFlexibleServerCustomMaintenanceSchedule() *attrvalue.SimpleRule[string]

func (WafRules) AzurermMySqlFlexibleServerZoneRedundancy

func (wf WafRules) AzurermMySqlFlexibleServerZoneRedundancy() *attrvalue.SimpleRule[string]

func (WafRules) AzurermPostgreSqlFlexibleServerCustomMaintenanceSchedule

func (wf WafRules) AzurermPostgreSqlFlexibleServerCustomMaintenanceSchedule() *attrvalue.SimpleRule[string]

func (WafRules) AzurermPostgreSqlFlexibleServerZoneRedundancy

func (wf WafRules) AzurermPostgreSqlFlexibleServerZoneRedundancy() *attrvalue.SimpleRule[string]

func (WafRules) AzurermPublicIpSku

func (wf WafRules) AzurermPublicIpSku() *attrvalue.SimpleRule[string]

func (WafRules) AzurermPublicIpZones

func (wf WafRules) AzurermPublicIpZones() *attrvalue.SetRule[int]

func (WafRules) AzurermServicePlanZoneBalancingEnabled

func (wf WafRules) AzurermServicePlanZoneBalancingEnabled() *attrvalue.SimpleRule[bool]

func (WafRules) AzurermStorageAccountAccountReplicationType

func (wf WafRules) AzurermStorageAccountAccountReplicationType() *attrvalue.SimpleRule[string]

func (WafRules) AzurermVirtualMachineZoneUnknown

func (wf WafRules) AzurermVirtualMachineZoneUnknown() *attrvalue.UnknownValueRule

func (WafRules) AzurermVirtualMachineZonesUnknown

func (wf WafRules) AzurermVirtualMachineZonesUnknown() *attrvalue.UnknownValueRule

func (WafRules) AzurermVirtualNetworkGatewaySku

func (wf WafRules) AzurermVirtualNetworkGatewaySku() *attrvalue.SimpleRule[string]

func (WafRules) AzurermVirtualNetworkGatewayVpnActiveActive

func (wf WafRules) AzurermVirtualNetworkGatewayVpnActiveActive() *attrvalue.SimpleRule[bool]

func (WafRules) AzurermWindowsVirtualMachineOSDiskDefaultSSD

func (wf WafRules) AzurermWindowsVirtualMachineOSDiskDefaultSSD() *attrvalue.SimpleRule[string]

This test checks to see if a windows virtual machine's OS disk is one of the premium sku's