This repository was archived by the owner on Sep 3, 2024. It is now read-only.

[BUG] Submodule unable to resolve object reference #395

@dkoder20

Describe the bug
Submodule is unable to resolve an object reference to a variable value defined in the tfvars of the root module.

How you're running Regula
Please include versions of all relevant tools.

  • Regula v2.9.3
  • OPA v0.43.1
  • Terraform v1.0.4
  • AWS v4.54.0

Operating System
MacBook

Steps to reproduce

Below is the IaC Terraform configuration to reproduce the issue.

./main.tf

variable "cloudwatch_metric_alarm" {
  type        = object({
    enable       = bool,
    actions      = list(string)
  })
}

variable "cloudwatch_metric_alarm_actions" {
  type = list(string)
}

module "cw_alarm" {
  source = "./modules/cloudwatch"
  cloudwatch_metric_alarm = var.cloudwatch_metric_alarm
  cloudwatch_metric_alarm_actions = var.cloudwatch_metric_alarm_actions
}

./terraform.tfvars

cloudwatch_metric_alarm = {
  enable  = true
  actions = ["arn:aws:sns:us-east-1:123456789012:example-sns-topic-name"]
}

cloudwatch_metric_alarm_actions = ["arn:aws:sns:us-east-1:123456789012:example-sns-topic-name"]

./modules/cloudwatch/main.tf

variable "cloudwatch_metric_alarm" {
  type        = object({
    enable       = bool,
    actions      = list(string)
  })
}

variable "cloudwatch_metric_alarm_actions" {
  type = list(string)
}

resource "aws_cloudwatch_metric_alarm" "this" {
  alarm_name          = "my-test-alarm"
  comparison_operator = "GreaterThanOrEqualToThreshold"
  evaluation_periods  = "2"
  alarm_description = "Alarm when query volume near upper limit"
  alarm_actions     = var.cloudwatch_metric_alarm.actions # error reported due to object reference
  # alarm_actions = var.cloudwatch_metric_alarm_actions
}

Run the following command from the root module:
regula run --var-file=terraform.tfvars

You will notice FG_R00240 being flagged, complaining that an alarm action is not defined even though it is defined. Now, comment out the alarm_actions attribute line that has the object reference, uncomment the alarm_actions attribute line that uses the list(string) reference, and run the above regula command again. The error reported for rule FG_R00240 disappears.
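
An independent cross-check for the finding described above, added here as an example and not part of the original issue or of Regula: it walks the JSON produced by `terraform show -json` on a saved plan, descending into child modules, and lists CloudWatch alarms whose resolved `alarm_actions` is empty. The embedded plan is a constructed sample for the issue's configuration, and the function names are hypothetical.

```python
import json

# Constructed sample: trimmed `terraform show -json` output for the issue's
# configuration (illustrative values, not captured from a real run).
SAMPLE_PLAN = json.loads("""
{
  "planned_values": {
    "root_module": {
      "child_modules": [
        {
          "address": "module.cw_alarm",
          "resources": [
            {
              "address": "module.cw_alarm.aws_cloudwatch_metric_alarm.this",
              "type": "aws_cloudwatch_metric_alarm",
              "values": {
                "alarm_name": "my-test-alarm",
                "alarm_actions": ["arn:aws:sns:us-east-1:123456789012:example-sns-topic-name"]
              }
            }
          ]
        }
      ]
    }
  }
}
""")


def iter_resources(module):
    """Yield every resource in a module and, recursively, in its child modules."""
    yield from module.get("resources", [])
    for child in module.get("child_modules", []):
        yield from iter_resources(child)


def alarms_without_actions(plan):
    """Return addresses of CloudWatch alarms whose resolved alarm_actions is empty or null."""
    root = plan.get("planned_values", {}).get("root_module", {})
    return [
        r["address"]
        for r in iter_resources(root)
        if r.get("type") == "aws_cloudwatch_metric_alarm"
        and not r.get("values", {}).get("alarm_actions")
    ]


if __name__ == "__main__":
    missing = alarms_without_actions(SAMPLE_PLAN)
    print("alarms without actions:", missing or "none")
```

An empty result for a plan where the scanner still reports the alarm points to a resolution problem in the scanner rather than a missing action. Values that are only known after apply are omitted from `planned_values`, so an alarm whose actions depend on such a value would be listed here as well.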
