config: iam create aws check zone contains availability zone (#1913)

* init * make zone flag mandatory again * add info about zone update + refactor * add comment in docs about zone update * Update cli/internal/cmd/iamcreate_test.go Co-authored-by: Thomas Tendyck <51411342+thomasten@users.noreply.github.com> * Apply suggestions from code review Co-authored-by: Thomas Tendyck <51411342+thomasten@users.noreply.github.com> * thomas feedback * add format check to config validation * remove TODO * Update docs/docs/workflows/config.md Co-authored-by: Thomas Tendyck <51411342+thomasten@users.noreply.github.com> * thomas nit --------- Co-authored-by: Thomas Tendyck <51411342+thomasten@users.noreply.github.com>
2025-08-10 16:00:19 -04:00 · 2023-07-04 13:55:52 +02:00 · 2023-07-04 13:55:52 +02:00 · e72ec60d13
commit e72ec60d13
parent 25a038dfad
6 changed files with 274 additions and 36 deletions
--- a/internal/config/validation.go
+++ b/internal/config/validation.go
@ -11,6 +11,7 @@ import (
 	"errors"
 	"fmt"
 	"os"
+	"regexp"
 	"sort"
 	"strconv"
 	"strings"
@ -113,6 +114,26 @@ func validateGCPInstanceType(fl validator.FieldLevel) bool {
 	return validInstanceTypeForProvider(fl.Field().String(), false, cloudprovider.GCP)
 }

+func validateAWSRegionField(fl validator.FieldLevel) bool {
+	return ValidateAWSRegion(fl.Field().String())
+}
+
+func validateAWSZoneField(fl validator.FieldLevel) bool {
+	return ValidateAWSZone(fl.Field().String())
+}
+
+// ValidateAWSZone validates that the zone is in the correct format.
+func ValidateAWSZone(zone string) bool {
+	awsZoneRegex := regexp.MustCompile(`^\w+-\w+-[1-9][abc]$`)
+	return awsZoneRegex.MatchString(zone)
+}
+
+// ValidateAWSRegion validates that the region is in the correct format.
+func ValidateAWSRegion(region string) bool {
+	awsRegionRegex := regexp.MustCompile(`^\w+-\w+-[1-9]$`)
+	return awsRegionRegex.MatchString(region)
+}
+
 // validateProvider checks if zero or more than one providers are defined in the config.
 func validateProvider(sl validator.StructLevel) {
 	provider := sl.Current().Interface().(ProviderConfig)
@ -181,6 +202,26 @@ func registerNoAttestationError(ut ut.Translator) error {
 	return ut.Add("no_attestation", "{0}: No attestation has been defined (requires either awsSEVSNP, awsNitroTPM, azureSEVSNP, azureTrustedLaunch, gcpSEVES, or qemuVTPM)", true)
 }

+func registerAWSRegionError(ut ut.Translator) error {
+	return ut.Add("aws_region", "{0}: has invalid format: {1}", true)
+}
+
+func translateAWSRegionError(ut ut.Translator, fe validator.FieldError) string {
+	t, _ := ut.T("aws_region", fe.Field(), "field must be of format eu-central-1")
+
+	return t
+}
+
+func translateAWSZoneError(ut ut.Translator, fe validator.FieldError) string {
+	t, _ := ut.T("aws_zone", fe.Field(), "field must be of format eu-central-1a")
+
+	return t
+}
+
+func registerAWSZoneError(ut ut.Translator) error {
+	return ut.Add("aws_zone", "{0}: has invalid format: {1}", true)
+}
+
 func registerMoreThanOneAttestationError(ut ut.Translator) error {
 	return ut.Add("more_than_one_attestation", "{0}: Only one attestation can be defined ({1} are defined)", true)
 }