diff --git a/.changelog/33371.txt b/.changelog/33371.txt new file mode 100644 index 00000000000..70fcdf37b85 --- /dev/null +++ b/.changelog/33371.txt @@ -0,0 +1,3 @@ +```release-note:bug +resource/aws_service_discovery_instance: Fix validation error "expected to match regular expression" +``` \ No newline at end of file diff --git a/internal/service/athena/workgroup.go b/internal/service/athena/workgroup.go index 5340d4994da..9195313edd9 100644 --- a/internal/service/athena/workgroup.go +++ b/internal/service/athena/workgroup.go @@ -157,7 +157,7 @@ func ResourceWorkGroup() *schema.Resource { ForceNew: true, ValidateFunc: validation.All( validation.StringLenBetween(1, 128), - validation.StringMatch(regexache.MustCompile(`^[0-9A-Za-z._-]+$`), "must contain only alphanumeric characters, periods, underscores, and hyphens"), + validation.StringMatch(regexache.MustCompile(`^[0-9A-Za-z_.-]+$`), "must contain only alphanumeric characters, periods, underscores, and hyphens"), ), }, "state": { diff --git a/internal/service/datasync/task.go b/internal/service/datasync/task.go index a4d920cd972..a68f55c416d 100644 --- a/internal/service/datasync/task.go +++ b/internal/service/datasync/task.go @@ -207,7 +207,7 @@ func ResourceTask() *schema.Resource { Required: true, ValidateFunc: validation.All( validation.StringLenBetween(1, 256), - validation.StringMatch(regexache.MustCompile(`^[0-9A-Za-z_ *?,|^\/#\s()+-]*$`), + validation.StringMatch(regexache.MustCompile(`^[0-9A-Za-z_\s #()*+,/?^|-]*$`), "Schedule expressions must have the following syntax: rate(\\\\s?(minutes?|hours?|days?)), cron() or at(yyyy-MM-dd'T'HH:mm:ss)."), ), }, diff --git a/internal/service/ec2/ec2_spot_fleet_request_test.go b/internal/service/ec2/ec2_spot_fleet_request_test.go index 3d956825fb9..c62331b665e 100644 --- a/internal/service/ec2/ec2_spot_fleet_request_test.go +++ b/internal/service/ec2/ec2_spot_fleet_request_test.go @@ -1911,7 +1911,7 @@ func testAccCheckSpotFleetRequest_IAMInstanceProfileARN(sfr *ec2.SpotFleetReques return fmt.Errorf("Expected IamInstanceProfile to be set, got nil") } //Validate the string whether it is ARN - re := regexache.MustCompile(fmt.Sprintf(`arn:%s:iam::\d{12}:instance-profile/?[0-9A-Za-z_+=,.@-].*`, acctest.Partition())) + re := regexache.MustCompile(fmt.Sprintf(`arn:%s:iam::\d{12}:instance-profile/?[0-9A-Za-z@-_+=,.].*`, acctest.Partition())) // regex seems suspicious, @-_ is a range if !re.MatchString(*profile.Arn) { return fmt.Errorf("Expected IamInstanceProfile input as ARN, got %s", *profile.Arn) } diff --git a/internal/service/ec2/ipam_pool_cidr_allocation_test.go b/internal/service/ec2/ipam_pool_cidr_allocation_test.go index 55fdab7e34e..adbd3e264d5 100644 --- a/internal/service/ec2/ipam_pool_cidr_allocation_test.go +++ b/internal/service/ec2/ipam_pool_cidr_allocation_test.go @@ -155,12 +155,12 @@ func TestAccIPAMPoolCIDRAllocation_multiple(t *testing.T) { testAccCheckIPAMPoolCIDRAllocationExists(ctx, resourceName, &allocation1), testAccCheckIPAMPoolCIDRAllocationExists(ctx, resourceName2, &allocation2), resource.TestCheckResourceAttr(resourceName, "cidr", cidr1), - resource.TestMatchResourceAttr(resourceName, "id", regexache.MustCompile(`^ipam-pool-alloc-[a-f\d]+_ipam-pool(-[a-f\d]+)$`)), - resource.TestMatchResourceAttr(resourceName, "ipam_pool_allocation_id", regexache.MustCompile(`^ipam-pool-alloc-[a-f\d]+$`)), + resource.TestMatchResourceAttr(resourceName, "id", regexache.MustCompile(`^ipam-pool-alloc-[0-9a-f]+_ipam-pool(-[0-9a-f]+)$`)), + resource.TestMatchResourceAttr(resourceName, "ipam_pool_allocation_id", regexache.MustCompile(`^ipam-pool-alloc-[0-9a-f]+$`)), resource.TestCheckResourceAttrPair(resourceName, "ipam_pool_id", "aws_vpc_ipam_pool.test", "id"), resource.TestCheckResourceAttr(resourceName2, "cidr", cidr2), - resource.TestMatchResourceAttr(resourceName2, "id", regexache.MustCompile(`^ipam-pool-alloc-[a-f\d]+_ipam-pool(-[a-f\d]+)$`)), - resource.TestMatchResourceAttr(resourceName2, "ipam_pool_allocation_id", regexache.MustCompile(`^ipam-pool-alloc-[a-f\d]+$`)), + resource.TestMatchResourceAttr(resourceName2, "id", regexache.MustCompile(`^ipam-pool-alloc-[0-9a-f]+_ipam-pool(-[0-9a-f]+)$`)), + resource.TestMatchResourceAttr(resourceName2, "ipam_pool_allocation_id", regexache.MustCompile(`^ipam-pool-alloc-[0-9a-f]+$`)), resource.TestCheckResourceAttrPair(resourceName2, "ipam_pool_id", "aws_vpc_ipam_pool.test", "id"), ), }, @@ -199,8 +199,8 @@ func TestAccIPAMPoolCIDRAllocation_differentRegion(t *testing.T) { Check: resource.ComposeTestCheckFunc( testAccCheckIPAMPoolCIDRAllocationExistsWithProvider(ctx, resourceName, &allocation, acctest.RegionProviderFunc(acctest.AlternateRegion(), &providers)), resource.TestCheckResourceAttr(resourceName, "cidr", cidr), - resource.TestMatchResourceAttr(resourceName, "id", regexache.MustCompile(`^ipam-pool-alloc-[a-f\d]+_ipam-pool(-[a-f\d]+)$`)), - resource.TestMatchResourceAttr(resourceName, "ipam_pool_allocation_id", regexache.MustCompile(`^ipam-pool-alloc-[a-f\d]+$`)), + resource.TestMatchResourceAttr(resourceName, "id", regexache.MustCompile(`^ipam-pool-alloc-[0-9a-f]+_ipam-pool(-[0-9a-f]+)$`)), + resource.TestMatchResourceAttr(resourceName, "ipam_pool_allocation_id", regexache.MustCompile(`^ipam-pool-alloc-[0-9a-f]+$`)), resource.TestCheckResourceAttrPair(resourceName, "ipam_pool_id", "aws_vpc_ipam_pool.test", "id"), ), }, diff --git a/internal/service/elbv2/listener_rule.go b/internal/service/elbv2/listener_rule.go index 8b553cc30ce..b0e8369d6bd 100644 --- a/internal/service/elbv2/listener_rule.go +++ b/internal/service/elbv2/listener_rule.go @@ -385,7 +385,7 @@ func ResourceListenerRule() *schema.Resource { "http_header_name": { Type: schema.TypeString, Required: true, - ValidateFunc: validation.StringMatch(regexache.MustCompile("^[0-9A-Za-z_!#$%&'*+.^`|~-]{1,40}$"), ""), + ValidateFunc: validation.StringMatch(regexache.MustCompile("^[0-9A-Za-z_!#$%&'*+,.^`|~-]{1,40}$"), ""), // was "," meant to be included? +-. creates a range including: +,-. }, "values": { Type: schema.TypeSet, diff --git a/internal/service/events/target.go b/internal/service/events/target.go index 1a90ad6e927..9bb1c282eeb 100644 --- a/internal/service/events/target.go +++ b/internal/service/events/target.go @@ -247,7 +247,7 @@ func ResourceTarget() *schema.Resource { Optional: true, ValidateDiagFunc: allDiagFunc( validation.MapKeyLenBetween(0, 512), - validation.MapKeyMatch(regexache.MustCompile(`^[0-9A-Za-z_!#$%&'*+.^|~-]+$`), ""), + validation.MapKeyMatch(regexache.MustCompile(`^[0-9A-Za-z_!#$%&'*+,.^|~-]+$`), ""), // was "," meant to be included? +-. creates a range including: +,-. validation.MapValueLenBetween(0, 512), validation.MapValueMatch(regexache.MustCompile(`^[ \t]*[\x20-\x7E]+([ \t]+[\x20-\x7E]+)*[ \t]*$`), ""), ), diff --git a/internal/service/evidently/feature.go b/internal/service/evidently/feature.go index 2038dff0d93..29f39c8b31a 100644 --- a/internal/service/evidently/feature.go +++ b/internal/service/evidently/feature.go @@ -120,7 +120,7 @@ func ResourceFeature() *schema.Resource { ForceNew: true, ValidateFunc: validation.All( validation.StringLenBetween(0, 2048), - validation.StringMatch(regexache.MustCompile(`(^[0-9A-Za-z_.-]*$)|(arn:[^:]*:[^:]*:[^:]*:[^:]*:project/[0-9A-Za-z._-]*)`), "name or arn of the project"), + validation.StringMatch(regexache.MustCompile(`(^[0-9A-Za-z_.-]*$)|(arn:[^:]*:[^:]*:[^:]*:[^:]*:project/[0-9A-Za-z_.-]*)`), "name or arn of the project"), ), DiffSuppressFunc: func(k, old, new string, d *schema.ResourceData) bool { // case 1: User-defined string (old) is a name and is the suffix of API-returned string (new). Check non-empty old in resoure creation scenario diff --git a/internal/service/evidently/launch.go b/internal/service/evidently/launch.go index 5b141fd3c35..32893a286f6 100644 --- a/internal/service/evidently/launch.go +++ b/internal/service/evidently/launch.go @@ -185,7 +185,7 @@ func ResourceLaunch() *schema.Resource { ForceNew: true, ValidateFunc: validation.All( validation.StringLenBetween(0, 2048), - validation.StringMatch(regexache.MustCompile(`(^[0-9A-Za-z_.-]*$)|(arn:[^:]*:[^:]*:[^:]*:[^:]*:project/[0-9A-Za-z._-]*)`), "name or arn of the project"), + validation.StringMatch(regexache.MustCompile(`(^[0-9A-Za-z_.-]*$)|(arn:[^:]*:[^:]*:[^:]*:[^:]*:project/[0-9A-Za-z_.-]*)`), "name or arn of the project"), ), DiffSuppressFunc: func(k, old, new string, d *schema.ResourceData) bool { // case 1: User-defined string (old) is a name and is the suffix of API-returned string (new). Check non-empty old in resoure creation scenario diff --git a/internal/service/imagebuilder/image_pipeline.go b/internal/service/imagebuilder/image_pipeline.go index 38dc9a2383a..ca1084d66e3 100644 --- a/internal/service/imagebuilder/image_pipeline.go +++ b/internal/service/imagebuilder/image_pipeline.go @@ -71,7 +71,7 @@ func ResourceImagePipeline() *schema.Resource { "distribution_configuration_arn": { Type: schema.TypeString, Optional: true, - ValidateFunc: validation.StringMatch(regexache.MustCompile(`^arn:aws[^:]*:imagebuilder:[^:]+:(?:\d{12}|aws):distribution-configuration/[0-9a-z-_]+$`), "valid distribution configuration ARN must be provided"), + ValidateFunc: validation.StringMatch(regexache.MustCompile(`^arn:aws[^:]*:imagebuilder:[^:]+:(?:\d{12}|aws):distribution-configuration/[0-9a-z_-]+$`), "valid distribution configuration ARN must be provided"), }, "enhanced_image_metadata_enabled": { Type: schema.TypeBool, @@ -82,7 +82,7 @@ func ResourceImagePipeline() *schema.Resource { Type: schema.TypeString, Optional: true, ForceNew: true, - ValidateFunc: validation.StringMatch(regexache.MustCompile(`^arn:aws[^:]*:imagebuilder:[^:]+:(?:\d{12}|aws):image-recipe/[0-9a-z-_]+/\d+\.\d+\.\d+$`), "valid image recipe ARN must be provided"), + ValidateFunc: validation.StringMatch(regexache.MustCompile(`^arn:aws[^:]*:imagebuilder:[^:]+:(?:\d{12}|aws):image-recipe/[0-9a-z_-]+/\d+\.\d+\.\d+$`), "valid image recipe ARN must be provided"), ExactlyOneOf: []string{"container_recipe_arn", "image_recipe_arn"}, }, "image_scanning_configuration": { @@ -145,13 +145,13 @@ func ResourceImagePipeline() *schema.Resource { "infrastructure_configuration_arn": { Type: schema.TypeString, Required: true, - ValidateFunc: validation.StringMatch(regexache.MustCompile(`^arn:aws[^:]*:imagebuilder:[^:]+:(?:\d{12}|aws):infrastructure-configuration/[0-9a-z-_]+$`), "valid infrastructure configuration ARN must be provided"), + ValidateFunc: validation.StringMatch(regexache.MustCompile(`^arn:aws[^:]*:imagebuilder:[^:]+:(?:\d{12}|aws):infrastructure-configuration/[0-9a-z_-]+$`), "valid infrastructure configuration ARN must be provided"), }, "name": { Type: schema.TypeString, Required: true, ForceNew: true, - ValidateFunc: validation.StringMatch(regexache.MustCompile("^[0-9A-Za-z-_-][0-9A-Za-z-_ ]{1,126}[0-9A-Za-z-_-]$"), "valid name must be provided"), + ValidateFunc: validation.StringMatch(regexache.MustCompile("^[0-9A-Za-z_-][0-9A-Za-z_ -]{1,126}[0-9A-Za-z_-]$"), "valid name must be provided"), }, "platform": { Type: schema.TypeString, @@ -180,7 +180,7 @@ func ResourceImagePipeline() *schema.Resource { Computed: true, ValidateFunc: validation.All( validation.StringLenBetween(3, 100), - validation.StringMatch(regexache.MustCompile(`^[0-9A-Za-z]{2,}(?:\/[0-9a-zA-z-_+]+)*`), "")), + validation.StringMatch(regexache.MustCompile(`^[0-9A-Za-z]{2,}(?:\/[0-9a-zA-z_+-]+)*`), "")), }, }, }, diff --git a/internal/service/servicediscovery/instance.go b/internal/service/servicediscovery/instance.go index c15efd98084..598f66034fa 100644 --- a/internal/service/servicediscovery/instance.go +++ b/internal/service/servicediscovery/instance.go @@ -40,9 +40,9 @@ func ResourceInstance() *schema.Resource { Elem: &schema.Schema{Type: schema.TypeString}, ValidateDiagFunc: validation.AllDiag( validation.MapKeyLenBetween(1, 255), - validation.MapKeyMatch(regexache.MustCompile(`^[0-9A-Za-z!~-]+$`), ""), + validation.MapKeyMatch(regexache.MustCompile(`^[0-9A-Za-z!-~]+$`), ""), validation.MapValueLenBetween(0, 1024), - validation.MapValueMatch(regexache.MustCompile(`^([0-9A-Za-z!~-][0-9A-Za-z \t!~-]*){0,1}[0-9A-Za-z!~-]{0,1}$`), ""), + validation.MapValueMatch(regexache.MustCompile(`^([0-9A-Za-z!-~][0-9A-Za-z \t!-~]*){0,1}[0-9A-Za-z!-~]{0,1}$`), ""), ), }, "instance_id": { diff --git a/internal/service/shield/drt_access_role_arn_association.go b/internal/service/shield/drt_access_role_arn_association.go index e9c4f039878..9a4ab4b02f5 100644 --- a/internal/service/shield/drt_access_role_arn_association.go +++ b/internal/service/shield/drt_access_role_arn_association.go @@ -68,7 +68,7 @@ func (r *resourceDRTAccessRoleARNAssociation) Schema(ctx context.Context, req re Validators: []validator.String{ stringvalidator.LengthBetween(1, 2048), stringvalidator.RegexMatches( - regexache.MustCompile(`^arn:?[A-Za-z-]+:iam::\d{12}:role/?[0-9A-Za-z_+=,.@_/-]+`), + regexache.MustCompile(`^arn:?[A-Za-z-]+:iam::\d{12}:role/?[0-9A-Za-z_+,./=@-]+`), "must match arn pattern", ), },