Merge pull request #18 from Ontotext-AD/TES-236-Introduce-Validations

Add Variable Validations - final.

modules/backup/variables.tf

@@ -1,6 +1,11 @@
 variable "resource_name_prefix" {
   description = "Resource name prefix used for tagging and naming AWS resources"
   type        = string
+
+  validation {
+    condition     = can(regex("^[a-zA-Z0-9-]+$", var.resource_name_prefix)) && !can(regex("^-", var.resource_name_prefix))
+    error_message = "Resource name prefix cannot start with a hyphen and can only contain letters, numbers, and hyphens."
+  }
 }
 
 variable "iam_role_id" {

modules/config/variables.tf

@@ -3,6 +3,11 @@
 variable "resource_name_prefix" {
   description = "Resource name prefix used for tagging and naming AWS resources."
   type        = string
+
+  validation {
+    condition     = can(regex("^[a-zA-Z0-9-]+$", var.resource_name_prefix)) && !can(regex("^-", var.resource_name_prefix))
+    error_message = "Resource name prefix cannot start with a hyphen and can only contain letters, numbers, and hyphens."
+  }
 }
 
 # OPTIONAL parameters
@@ -11,6 +16,11 @@ variable "graphdb_admin_password" {
   description = "Password for the 'admin' user in GraphDB."
   type        = string
   default     = "s3cret"
+
+  validation {
+    condition     = length(var.graphdb_admin_password) >= 5 && can(regex("[0-9]", var.graphdb_admin_password))
+    error_message = "Password must be at least 5 characters long and contain at least one number."
+  }
 }
 
 variable "graphdb_cluster_token" {

modules/dns/variables.tf

@@ -1,11 +1,21 @@
 variable "vpc_id" {
   description = "VPC ID where GraphDB will be deployed"
   type        = string
+
+  validation {
+    condition     = can(regex("^vpc-[a-zA-Z0-9-]+$", var.vpc_id))
+    error_message = "VPC ID must start with 'vpc-' and can only contain letters, numbers, and hyphens."
+  }
 }
 
 variable "resource_name_prefix" {
   description = "Resource name prefix used for tagging and naming AWS resources"
   type        = string
+
+  validation {
+    condition     = can(regex("^[a-zA-Z0-9-]+$", var.resource_name_prefix)) && !can(regex("^-", var.resource_name_prefix))
+    error_message = "Resource name prefix cannot start with a hyphen and can only contain letters, numbers, and hyphens."
+  }
 }
 
 variable "zone_dns_name" {

modules/iam/variables.tf

@@ -1,6 +1,11 @@
 variable "resource_name_prefix" {
   description = "Resource name prefix used for tagging and naming AWS resources"
   type        = string
+
+  validation {
+    condition     = can(regex("^[a-zA-Z0-9-]+$", var.resource_name_prefix)) && !can(regex("^-", var.resource_name_prefix))
+    error_message = "Resource name prefix cannot start with a hyphen and can only contain letters, numbers, and hyphens."
+  }
 }
 
 variable "permissions_boundary" {

modules/load_balancer/variables.tf

@@ -1,11 +1,22 @@
 variable "vpc_id" {
-  description = "Identifier of the VPC where GraphDB will be deployed."
+  description = "VPC ID where GraphDB will be deployed"
   type        = string
+
+  validation {
+    condition     = can(regex("^vpc-[a-zA-Z0-9-]+$", var.vpc_id))
+    error_message = "VPC ID must start with 'vpc-' and can only contain letters, numbers, and hyphens."
+  }
 }
 
 variable "resource_name_prefix" {
   description = "Resource name prefix used for tagging and naming AWS resources."
   type        = string
+
+  validation {
+    condition     = can(regex("^[a-zA-Z0-9-]+$", var.resource_name_prefix)) && !can(regex("^-", var.resource_name_prefix))
+    error_message = "Resource name prefix cannot start with a hyphen and can only contain letters, numbers, and hyphens."
+  }
+
 }
 
 variable "lb_subnets" {
@@ -27,7 +38,7 @@ variable "lb_internal" {
 
 variable "lb_deregistration_delay" {
   description = "(Optional) Amount time, in seconds, for GraphDB LB target group to wait before changing the state of a deregistering target from draining to unused. Defaults to 300."
-  type        = string
+  type        = number
   default     = 300
 }
 

modules/user_data/variables.tf

@@ -8,6 +8,11 @@ variable "aws_region" {
 variable "resource_name_prefix" {
   description = "Resource name prefix used for tagging and naming AWS resources"
   type        = string
+
+  validation {
+    condition     = can(regex("^[a-zA-Z0-9-]+$", var.resource_name_prefix)) && !can(regex("^-", var.resource_name_prefix))
+    error_message = "Resource name prefix cannot start with a hyphen and can only contain letters, numbers, and hyphens."
+  }
 }
 
 variable "device_name" {
@@ -23,6 +28,11 @@ variable "backup_schedule" {
 variable "backup_bucket_name" {
   description = "Name of the S3 bucket for storing GraphDB backups"
   type        = string
+
+  validation {
+    condition     = can(regex("^[a-z0-9_-]+$", var.backup_bucket_name))
+    error_message = "Bucket name can only contain lowercase letters, numbers, hyphens, and underscores."
+  }
 }
 
 variable "ebs_volume_type" {

modules/vm/variables.tf

@@ -3,11 +3,21 @@
 variable "vpc_id" {
   description = "VPC ID where GraphDB will be deployed"
   type        = string
+
+  validation {
+    condition     = can(regex("^vpc-[a-zA-Z0-9-]+$", var.vpc_id))
+    error_message = "VPC ID must start with 'vpc-' and can only contain letters, numbers, and hyphens."
+  }
 }
 
 variable "resource_name_prefix" {
   description = "Resource name prefix used for tagging and naming AWS resources"
   type        = string
+
+  validation {
+    condition     = can(regex("^[a-zA-Z0-9-]+$", var.resource_name_prefix)) && !can(regex("^-", var.resource_name_prefix))
+    error_message = "Resource name prefix cannot start with a hyphen and can only contain letters, numbers, and hyphens."
+  }
 }
 
 variable "iam_instance_profile" {
@@ -80,4 +90,9 @@ variable "node_count" {
   description = "Number of GraphDB nodes to deploy in ASG"
   type        = number
   default     = 3
+
+  validation {
+    condition     = var.node_count % 2 == 1 && var.node_count > 1
+    error_message = "Node count must be an odd number. Suggested to be 3, 5 or 7"
+  }
 }

variables.tf

@@ -194,4 +194,9 @@ variable "zone_dns_name" {
   description = "DNS name for the private hosted zone in Route 53"
   type        = string
   default     = "graphdb.cluster"
+
+  validation {
+    condition     = !can(regex(".*\\.local$", var.zone_dns_name))
+    error_message = "The DNS name cannot end with '.local'."
+  }
 }