TFLint is an open-source Terraform linter<\/strong> (static analysis tool) that checks Terraform configurations for errors, potential bugs, and stylistic or best-practice violations. It helps developers identify issues that Terraform’s built-in validation ( TFLint is available for macOS, Linux, and Windows. You can install it using package managers or download the binary.<\/p>\n\n\n\n Alternatively, install it via Snap:<\/p>\n\n\n TFLint is straightforward to use. Navigate to your Terraform project directory and run:<\/p>\n\n\n If using provider-specific rules, initialize plugins first:<\/p>\n\n\n Here is the normal table<\/strong> representation of the This table provides a clean and structured reference<\/strong> for TFLint<\/strong> command-line options. \ud83d\ude80 Let me know if you need any modifications!<\/p>\n\n\n\n TFLint can be customized using a TFLint has built-in Terraform language rules and provider-specific plugins.<\/p>\n\n\n\n Run:<\/p>\n\n\n TFLint should be incorporated into CI\/CD pipelines to enforce Terraform quality standards.<\/p>\n\n\n\n TFLint is an essential tool for ensuring Terraform code quality, catching errors early, enforcing best practices, and integrating seamlessly into CI\/CD workflows. Implement it in your Terraform projects to maintain consistent and error-free infrastructure as code.<\/p>\n\n\n\n Here’s a comprehensive tutorial for using TFLint, a powerful linter for Terraform code:<\/p>\n\n\n\nterraform validate<\/code>) might not catch, especially provider-specific problems like invalid AWS instance types or missing required Terraform versions.<\/p>\n\n\n\nKey Benefits of TFLint:<\/h3>\n\n\n\n
\n
Installation<\/h2>\n\n\n\n
macOS (Homebrew):<\/h3>\n\n\n
brew install tflint\n<\/code><\/span><\/pre>\n\n\nLinux:<\/h3>\n\n\n
curl -s https:\/\/raw.githubusercontent.com\/terraform-linters\/tflint\/master\/install_linux.sh | bash<\/span>\n<\/code><\/span>Code language:<\/span> JavaScript<\/span> (<\/span>javascript<\/span>)<\/span><\/small><\/pre>\n\n\nsudo snap install tflint\n<\/code><\/span><\/pre>\n\n\nWindows (Chocolatey):<\/h3>\n\n\n
choco install tflint\n<\/code><\/span><\/pre>\n\n\nDocker (Alternative):<\/h3>\n\n\n
docker run --rm -v $(pwd):\/data -t ghcr.io\/<\/span>terraform-linters\/tflint\n<\/code><\/span>Code language:<\/span> JavaScript<\/span> (<\/span>javascript<\/span>)<\/span><\/small><\/pre>\n\n\nVerify Installation:<\/h3>\n\n\n
tflint --version\n<\/code><\/span><\/pre>\n\n\nBasic Usage<\/h2>\n\n\n\n
tflint\n<\/code><\/span><\/pre>\n\n\ntflint --init\n<\/code><\/span><\/pre>\n\n\nExample Output:<\/h3>\n\n\n
1<\/span> issue(s) found:\nWarning: terraform \"required_version\"<\/span> attribute is required.\n\n\n<\/code><\/span>Code language:<\/span> JavaScript<\/span> (<\/span>javascript<\/span>)<\/span><\/small><\/pre>\n\n\ntflint --help<\/code> options:<\/p>\n\n\n\nOption<\/strong><\/th> Description<\/strong><\/th><\/tr><\/thead> -v, --version<\/code><\/td>Print TFLint version<\/td><\/tr> --init<\/code><\/td>Install plugins<\/td><\/tr> --langserver<\/code><\/td>Start language server<\/td><\/tr> `-f, –format=[default<\/td> json<\/td><\/tr> -c, --config=FILE<\/code><\/td>Config file name (default: .tflint.hcl)<\/td><\/tr> --ignore-module=SOURCE<\/code><\/td>Ignore module sources<\/td><\/tr> --enable-rule=RULE_NAME<\/code><\/td>Enable rules from the command line<\/td><\/tr> --disable-rule=RULE_NAME<\/code><\/td>Disable rules from the command line<\/td><\/tr> --only=RULE_NAME<\/code><\/td>Enable only this rule, disabling all others (can be specified multiple times)<\/td><\/tr> --enable-plugin=PLUGIN_NAME<\/code><\/td>Enable plugins from the command line<\/td><\/tr> --var-file=FILE<\/code><\/td>Terraform variable file name<\/td><\/tr> --var='foo=bar'<\/code><\/td>Set a Terraform variable<\/td><\/tr> `–call-module-type=[all<\/td> local<\/td><\/tr> --chdir=DIR<\/code><\/td>Switch to a different working directory before executing the command<\/td><\/tr> --recursive<\/code><\/td>Run command in each directory recursively<\/td><\/tr> --filter=FILE<\/code><\/td>Filter issues by file names or globs<\/td><\/tr> --force<\/code><\/td>Return zero exit status even if issues are found<\/td><\/tr> `–minimum-failure-severity=[error<\/td> warning<\/td><\/tr> --color<\/code><\/td>Enable colorized output<\/td><\/tr> --no-color<\/code><\/td>Disable colorized output<\/td><\/tr> --fix<\/code><\/td>Fix issues automatically<\/td><\/tr> --no-parallel-runners<\/code><\/td>Disable per-runner parallelism<\/td><\/tr> --max-workers=N<\/code><\/td>Set maximum number of workers in recursive inspection (default: number of CPUs)<\/td><\/tr> -h, --help<\/code><\/td>Show this help message<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n Configuration<\/h2>\n\n\n\n
.tflint.hcl<\/code> configuration file.<\/p>\n\n\n\nExample
.tflint.hcl<\/code> Configuration:<\/h3>\n\n\ntflint {\n required_version = \">= 0.50\"<\/span>\n}\n\nconfig {\n format = \"compact\"<\/span>\n plugin_dir = \"~\/.tflint.d\/plugins\"<\/span>\n call_module_type = \"local\"<\/span>\n}\n\nplugin \"aws\"<\/span> {\n enabled = true<\/span>\n version = \"0.4.0\"<\/span>\n source = \"github.com\/terraform-linters\/tflint-ruleset-aws\"<\/span>\n}\n\nrule \"terraform_required_version\"<\/span> {\n enabled = false<\/span>\n}\n<\/code><\/span>Code language:<\/span> JavaScript<\/span> (<\/span>javascript<\/span>)<\/span><\/small><\/pre>\n\n\nRules and Plugins<\/h2>\n\n\n\n
Built-in Rules:<\/h3>\n\n\n\n
\n
required_version<\/code> is defined.<\/li>\n\n\n\nProvider Plugins:<\/h3>\n\n\n\n
\n
Enabling a Plugin:<\/h3>\n\n\n
plugin \"aws\"<\/span> {\n enabled = true<\/span>\n version = \"0.24.1\"<\/span>\n source = \"github.com\/terraform-linters\/tflint-ruleset-aws\"<\/span>\n}\n<\/code><\/span>Code language:<\/span> JavaScript<\/span> (<\/span>javascript<\/span>)<\/span><\/small><\/pre>\n\n\ntflint --init\n<\/code><\/span><\/pre>\n\n\nCI\/CD Integration<\/h2>\n\n\n\n
GitHub Actions Example:<\/h3>\n\n\n
jobs:\n lint:\n runs-on: ubuntu-latest\n steps:\n - uses: actions\/checkout@v4\n - run: tflint --init\n - run: tflint\n<\/code><\/span><\/pre>\n\n\nGitLab CI Example:<\/h3>\n\n\n
lint:terraform:\n image: terraform-linters\/tflint:latest\n script:\n - tflint --init\n - tflint\n<\/code><\/span><\/pre>\n\n\nBest Practices<\/h2>\n\n\n\n
\n
.tflint.hcl<\/code> based on project needs.<\/li>\n\n\n\n# tflint-ignore: rule_name<\/code> for exceptions.<\/li>\n\n\n\nterraform fmt<\/code>, terraform validate<\/code>, and security scanners like tfsec<\/code>.<\/li>\n<\/ol>\n\n\n\nConclusion<\/h2>\n\n\n\n
Installation<\/h2>\n\n\n\n
\n
\n
brew install tflint<\/code><\/li>\n\n\n\nchoco install tflint<\/code><\/li>\n\n\n\ncurl -s https:\/\/raw.githubusercontent.com\/terraform-linters\/tflint\/master\/install_linux.sh | bash<\/code>1<\/a>3<\/a><\/li>\n<\/ul>\n\n\n\n\n
tflint --version<\/code><\/li>\n<\/ol>\n\n\n\nSetup and Configuration<\/h2>\n\n\n\n
\n
.tflint.hcl<\/code> configuration file in your project root: textplugin \"terraform\" { enabled = true preset = \"recommended\" }<\/code><\/li>\n\n\n\n