terraform.aws.best-practice.missing-aws-autoscaling-tags.missing-aws-autoscaling-tags
semgrep
Author
unknown
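The AWS Autoscaling Group is not tagged. Untagged groups, and the instances they launch, are harder to attribute to an owner, environment or cost centre during asset inventory and incident response.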
Definition
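rules:
  # Reports every aws_autoscaling_group resource that declares no tags.
  #
  # The rule is a presence check only: it does not look at which tag keys are
  # set, nor at propagate_at_launch, so a group with a single arbitrary tag
  # passes. Required keys (owner, environment, data classification, ...) need
  # a separate policy check.
  - id: missing-aws-autoscaling-tags
    patterns:
      # Candidate: any Auto Scaling group resource.
      - pattern: |
          resource "aws_autoscaling_group" $ANYTHING {
            ...
          }
      # Exempt groups that carry at least one static `tag` block.
      - pattern-not-inside: |
          resource "aws_autoscaling_group" $ANYTHING {
            ...
            tag {
              ...
            }
            ...
          }
      # Exempt groups whose `tag` blocks are generated with a `dynamic` block,
      # the usual form in reusable modules; without this clause such groups
      # are reported even though they are tagged.
      - pattern-not-inside: |
          resource "aws_autoscaling_group" $ANYTHING {
            ...
            dynamic "tag" {
              ...
            }
            ...
          }
      # Exempt groups that assign the list-style `tags` argument in any form
      # (a literal list, a variable or local, or a function call such as
      # concat(...)), not only the concat(...) spelling.
      - pattern-not-inside: |
          resource "aws_autoscaling_group" $ANYTHING {
            ...
            tags = ...
            ...
          }
    message: The AWS Autoscaling Group is not tagged.
    languages:
      - hcl
    severity: WARNING
    metadata:
      category: best-practice
      technology:
        - terraform
        - aws
      license: Commons Clause License Condition v1.0[LGPL-2.1-only]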
Examples
missing-aws-autoscaling-tags.tf
# Negative case: the group is tagged with static `tag` blocks, so the rule
# must stay silent.
# ok: missing-aws-autoscaling-tags
resource "aws_autoscaling_group" "passtag" {
  name = "foobar3-terraform-test"
  max_size = 5
  min_size = 2
  health_check_grace_period = 300
  health_check_type = "ELB"
  desired_capacity = 4
  force_delete = true
  placement_group = aws_placement_group.test.id
  launch_configuration = aws_launch_configuration.foobar.name
  vpc_zone_identifier = [aws_subnet.example1.id, aws_subnet.example2.id]
  # One `tag` block is enough to satisfy the rule; it matches `tag { ... }`
  # with any content.
  tag {
    key = "foo"
    value = "bar"
    propagate_at_launch = true
  }
  # propagate_at_launch is false here; the rule does not inspect this
  # argument, so the block still counts as a tag.
  tag {
    key = "lorem"
    value = "ipsum"
    propagate_at_launch = false
  }
}
# Negative case: the group is tagged through the list-style `tags` argument
# built with concat(...), so the rule must stay silent.
# ok: missing-aws-autoscaling-tags
resource "aws_autoscaling_group" "passtags" {
  name = "foobar3-terraform-test"
  max_size = 5
  min_size = 2
  launch_configuration = aws_launch_configuration.foobar.name
  vpc_zone_identifier = [aws_subnet.example1.id, aws_subnet.example2.id]
  # Two literal tag maps merged with caller-supplied ones from var.extra_tags.
  tags = concat(
    [
      {
        "key" = "interpolation1"
        "value" = "value3"
        "propagate_at_launch" = true
      },
      {
        "key" = "interpolation2"
        "value" = "value4"
        "propagate_at_launch" = true
      },
    ],
    var.extra_tags,
  )
}
# Positive case: no `tag` block and no `tags` argument, so the rule must
# report this resource.
# ruleid: missing-aws-autoscaling-tags
resource "aws_autoscaling_group" "fail" {
  name = "foobar3-terraform-test"
  max_size = 5
  min_size = 2
  launch_configuration = aws_launch_configuration.foobar.name
  vpc_zone_identifier = [aws_subnet.example1.id, aws_subnet.example2.id]
}
Short Link: https://sg.run/EyGw