TerraformのVariable Validation

変数に対してValidationを設定できるっぽい。

variable "hoge" {
  type        = list(string)
  description = "(Optional) List of IAM members to roles/run.invoker"
  default     = []

  validation {
    condition = can([
      for member in var.hoge : regex("serviceAccount:.*.iam.gserviceaccount.com", member)
    ])
    error_message = "hoge must be serviceAccount:.*.iam.gserviceaccount.com"
  }
}

参考: (can Function)[https://developer.hashicorp.com/terraform/language/expressions/custom-conditions#can-function]