[Enhancement]: Skip ARN validation in provider

[juallaix]

Description

The Terraform provider is too restrictive regarding ARN validation. It forbids the use of custom ARN for third-party tools. A property like skip_arn_validation in the provider would solve the problem.

provider "aws" {
  alias = "s5"

  skip_requesting_account_id  = true
  skip_region_validation = true

  assume_role_with_web_identity {
    role_arn                = "arn:custom:iam::29065fb9-1b2e-403a-8682-463837e168a7:root"
    session_name            = "rootSession"
    web_identity_token = data.external.root_account_auto_token.result.access_token
  }

  endpoints {
    sts = "https://${var.customer}.sts.astran.io"
    iam = "https://${var.customer}.iam.astran.io"
  }
}

The following errors occur:

Error: "assume_role_with_web_identity.0.role_arn" (arn:custom:iam::29065fb9-1b2e-403a-8682-463837e168a7:root) is an invalid ARN: invalid partition value (expecting to match regular expression: ^aws(-[a-z]+)*$)

Error: "assume_role_with_web_identity.0.role_arn" (arn:custom:iam::29065fb9-1b2e-403a-8682-463837e168a7:root) is an invalid ARN: invalid account ID value (expecting to match regular expression: ^(aws|aws-managed|third-party|\d{12}|cw.{10})$)

Affected Resource(s) and/or Data Source(s)

• provider

Potential Terraform Configuration

provider "aws" {
  alias = "s5"

  skip_requesting_account_id  = true
  skip_region_validation = true
  #skip_arn_validation = true

  assume_role_with_web_identity {
    role_arn                = "arn:custom:iam::29065fb9-1b2e-403a-8682-463837e168a7:root"
    session_name            = "rootSession"
    web_identity_token = data.external.root_account_auto_token.result.access_token
  }

  endpoints {
    sts = "https://${var.customer}.sts.astran.io"
    iam = "https://${var.customer}.iam.astran.io"
  }
}

References

No response

Would you like to implement a fix?

None

[github-actions[bot]]

Community Note

Voting for Prioritization

• Please vote on this issue by adding a 👍 reaction to the original post to help the community and maintainers prioritize this request.
• Please see our prioritization guide for information on how we prioritize.
• Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request.

Volunteering to Work on This Issue

• If you are interested in working on this issue, please leave a comment.
• If this would be your first contribution, please review the contribution guide.