squareops
diff --git a/‎.gitignore
+32 b/‎.gitignore
+32
diff --git a/‎.pre-commit-config.yaml
+29 b/‎.pre-commit-config.yaml
+29
diff --git a/‎.tflint.hcl
+112 b/‎.tflint.hcl
+112
@@ -0,0 +1,32 @@
+# Include tfplan files to ignore the plan output of command: terraform plan -out=tfplan
+*.out
+*.lock
+*.tfvars
+*.pem
+*.txt
+
+# Local .terraform directories
+**/.terraform/*
+.terraform*
+
+# .tfstate files
+*.tfstate
+*.tfstate.*
+
+# Crash log files
+crash.log
+crash.*.log
+
+*.tfvars
+*.tfvars.json
+
+# Ignore override files as they are usually used to override resources locally and so
+# are not checked in
+override.tf
+override.tf.json
+*_override.tf
+*_override.tf.json
+
+# Ignore CLI configuration files
+.terraformrc
+terraform.rc
@@ -0,0 +1,29 @@
+repos:
+  - repo: https://github.com/pre-commit/pre-commit-hooks
+    rev: v4.1.0
+    hooks:
+      - id: trailing-whitespace
+        args: ['--markdown-linebreak-ext=md']
+      - id: end-of-file-fixer
+      - id: check-merge-conflict
+      - id: detect-private-key
+      - id: detect-aws-credentials
+        args: ['--allow-missing-credentials']
+  - repo: https://github.com/antonbabenko/pre-commit-terraform
+    rev: v1.77.0
+    hooks:
+      - id: terraform_fmt
+      - id: terraform_docs
+        args:
+          - '--args=--lockfile=false'
+          - --hook-config=--add-to-existing-file=true
+          - --hook-config=--create-file-if-not-exist=true
+
+      - id: terraform_tflint
+        args:
+          - --args=--config=.tflint.hcl
+      - id: terraform_tfsec
+        files: ^examples/ # only scan `examples/*` which are the implementation
+        args:
+          - --args=--config-file=__GIT_WORKING_DIR__/tfsec.yaml
+          - --args=--concise-output
@@ -0,0 +1,112 @@
+plugin "aws" {
+    enabled = true
+    version = "0.14.0"
+    source  = "github.com/terraform-linters/tflint-ruleset-aws"
+}
+
+config {
+#Enables module inspection
+module = false
+force = false
+}
+
+# Required that all AWS resources have specified tags.
+rule "aws_resource_missing_tags" {
+  enabled = true
+  tags = [
+    "Name",
+    "Environment",
+  ]
+}
+
+# Disallow deprecated (0.11-style) interpolation
+rule "terraform_deprecated_interpolation" {
+enabled = true
+}
+
+# Disallow legacy dot index syntax.
+rule "terraform_deprecated_index" {
+enabled = true
+}
+
+# Disallow variables, data sources, and locals that are declared but never used.
+rule "terraform_unused_declarations" {
+enabled = true
+}
+
+# Disallow // comments in favor of #.
+rule "terraform_comment_syntax" {
+enabled = false
+}
+
+# Disallow output declarations without description.
+rule "terraform_documented_outputs" {
+enabled = true
+}
+
+# Disallow variable declarations without description.
+rule "terraform_documented_variables" {
+enabled = true
+}
+
+# Disallow variable declarations without type.
+rule "terraform_typed_variables" {
+enabled = true
+}
+
+# Disallow specifying a git or mercurial repository as a module source without pinning to a version.
+rule "terraform_module_pinned_source" {
+enabled = true
+}
+
+# Enforces naming conventions
+rule "terraform_naming_convention" {
+enabled = true
+
+#Require specific naming structure
+variable {
+format = "snake_case"
+}
+
+locals {
+format = "snake_case"
+}
+
+output {
+format = "snake_case"
+}
+
+#Allow any format
+resource {
+format = "none"
+}
+
+module {
+format = "none"
+}
+
+data {
+format = "none"
+}
+
+}
+
+# Disallow terraform declarations without require_version.
+rule "terraform_required_version" {
+enabled = true
+}
+
+# Require that all providers have version constraints through required_providers.
+rule "terraform_required_providers" {
+enabled = true
+}
+
+# Ensure that a module complies with the Terraform Standard Module Structure
+rule "terraform_standard_module_structure" {
+enabled = true
+}
+
+# terraform.workspace should not be used with a "remote" backend with remote execution.
+rule "terraform_workspace_remote" {
+enabled = true
+}