diff --git a/aws/validators.go b/aws/validators.go index 31655a95813..8c44096e4ae 100644 --- a/aws/validators.go +++ b/aws/validators.go @@ -2393,15 +2393,18 @@ func validateRoute53ResolverName(v interface{}, k string) (ws []string, errors [ return } +//custom event bus names are still subject to this validation var validateCloudWatchEventCustomEventBusName = validation.All( validation.StringLenBetween(1, 256), validation.StringMatch(regexp.MustCompile(`^[a-zA-Z0-9._\-]+$`), ""), validation.StringDoesNotMatch(regexp.MustCompile(`^default$`), "cannot be 'default'"), ) +//partner names or references to the bus name can be ARNs or include slashes in the name +//see https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_PutRule.html#API_PutRule_RequestSyntax var validateCloudWatchEventBusName = validation.All( validation.StringLenBetween(1, 256), - validation.StringMatch(regexp.MustCompile(`^[a-zA-Z0-9._\-/]+$`), ""), + validation.StringMatch(regexp.MustCompile(`^(arn:aws[\w-]*:events:[a-z]{2}-[a-z]+-[\w-]+:[0-9]{12}:event-bus\/)?[/\.\-_A-Za-z0-9]+$`), ""), ) var validateCloudWatchEventArchiveName = validation.All( diff --git a/aws/validators_test.go b/aws/validators_test.go index cba58add7a4..fb63039403e 100644 --- a/aws/validators_test.go +++ b/aws/validators_test.go @@ -3219,6 +3219,53 @@ func TestCloudWatchEventCustomEventBusName(t *testing.T) { } } +func TestCloudWatchEventBusName(t *testing.T) { + cases := []struct { + Value string + IsValid bool + }{ + { + Value: "", + IsValid: false, + }, + { + Value: acctest.RandStringFromCharSet(256, acctest.CharSetAlpha), + IsValid: true, + }, + { + Value: acctest.RandStringFromCharSet(257, acctest.CharSetAlpha), + IsValid: false, + }, + { + Value: "aws.partner/test/test", + IsValid: true, + }, + { + //this seems like it would be wrong, but AWS documentation states this is allowed for partner busses + // see - https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_PutRule.html#API_PutRule_RequestSyntax + Value: "/test0._1-", + IsValid: true, + }, + { + Value: "test0._1-", + IsValid: true, + }, + { + Value: "arn:aws:events:us-east-1:123456789012:event-bus/something-custom/subpath", // lintignore:AWSAT003,AWSAT005 + IsValid: true, + }, + } + for _, tc := range cases { + _, errors := validateCloudWatchEventBusName(tc.Value, "aws_cloudwatch_event_bus") + isValid := len(errors) == 0 + if tc.IsValid && !isValid { + t.Errorf("expected %q to return valid, but did not", tc.Value) + } else if !tc.IsValid && isValid { + t.Errorf("expected %q to not return valid, but did", tc.Value) + } + } +} + func TestValidateServiceDiscoveryNamespaceName(t *testing.T) { validNames := []string{ "ValidName",