Skip to content

Commit 60ffe5e

Browse files
lgallardclaude
lgallard
and
claude
committed
fix: Revert lifecycle validation to use hardcoded defaults
## Critical Fix: Terraform Validation Constraint ### Issue BugBot correctly identified that Terraform validation blocks are isolated and cannot reference other variables. The previous attempt to use `var.default_lifecycle_cold_storage_after_days` and `var.default_lifecycle_delete_after_days` in validation blocks would cause runtime errors during `terraform plan`/`apply`. ### Root Cause Terraform variable validation blocks can only reference: - The variable being validated (e.g., `var.rules`) - Built-in functions and constants - NOT other variables from the same configuration ### Solution Reverted lifecycle validation blocks to use hardcoded defaults: - `try(rule.lifecycle.cold_storage_after, 0)` (back to hardcoded 0) - `try(rule.lifecycle.delete_after, 90)` (back to hardcoded 90) This maintains validation functionality while avoiding the Terraform limitation. The configurable defaults (`var.default_lifecycle_*`) are still used correctly in resource creation within `main.tf`. ### Impact - ✅ Terraform validation now works correctly - ✅ Resource creation still uses configurable defaults - ✅ No functional regression in validation logic - ✅ Prevents runtime errors in terraform plan/apply ### Lesson Learned Variable validation blocks have strict isolation requirements in Terraform. Future validation improvements should work within these constraints or use alternative approaches like locals-based validation in main.tf. 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <noreply@anthropic.com>
1 parent bf22e9a commit 60ffe5e

File tree

1 file changed

+4
-4
lines changed

1 file changed

+4
-4
lines changed

variables.tf

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -257,8 +257,8 @@ variable "rules" {
257257
validation {
258258
condition = alltrue([
259259
for rule in var.rules :
260-
try(rule.lifecycle.cold_storage_after, var.default_lifecycle_cold_storage_after_days) <= try(rule.lifecycle.delete_after, var.default_lifecycle_delete_after_days) &&
261-
try(rule.lifecycle.delete_after, var.default_lifecycle_delete_after_days) >= 1 &&
260+
try(rule.lifecycle.cold_storage_after, 0) <= try(rule.lifecycle.delete_after, 90) &&
261+
try(rule.lifecycle.delete_after, 90) >= 1 &&
262262
(try(rule.lifecycle.cold_storage_after, null) == null || rule.lifecycle.cold_storage_after == 0 || rule.lifecycle.cold_storage_after >= 30)
263263
])
264264
error_message = "Lifecycle validation failed: cold_storage_after must be ≤ delete_after, delete_after ≥ 1 day. If cold_storage_after is specified and > 0, it must be ≥ 30 days (AWS requirement). Use 0 to disable cold storage."
@@ -483,8 +483,8 @@ variable "backup_policies" {
483483
validation {
484484
condition = alltrue([
485485
for policy in var.backup_policies :
486-
try(policy.lifecycle.cold_storage_after, var.default_lifecycle_cold_storage_after_days) <= try(policy.lifecycle.delete_after, var.default_lifecycle_delete_after_days) &&
487-
try(policy.lifecycle.delete_after, var.default_lifecycle_delete_after_days) >= 1 &&
486+
try(policy.lifecycle.cold_storage_after, 0) <= try(policy.lifecycle.delete_after, 90) &&
487+
try(policy.lifecycle.delete_after, 90) >= 1 &&
488488
(try(policy.lifecycle.cold_storage_after, null) == null || policy.lifecycle.cold_storage_after == 0 || policy.lifecycle.cold_storage_after >= 30)
489489
])
490490
error_message = "Lifecycle validation failed: cold_storage_after must be ≤ delete_after, delete_after ≥ 1 day. If cold_storage_after is specified and > 0, it must be ≥ 30 days (AWS requirement). Use 0 to disable cold storage."

0 commit comments

Comments
 (0)