I have the following response from an API and I need to get the resourceName
if it consists the keywords -ecs-cloudwatch-policy
. How can this be achieved in rego?
{
'resourceId': 'ABCDEF12345',
'resourceName': 'IAM-ctf-109-ecs-cloudwatch-policy',
'resourceType': 'AWS: :IAM: :Policy',
'name': 'Is attached to Policy'
},
{ 'resourceId': 'ABCDEF54321',
'resourceName': 'IAM-KMS-Policy-115',
'resourceType': 'AWS: :IAM: :Policy',
'name': 'Is attached to CustomerPolicy'
}
Assuming the input data is an array provided as the global
input
variable, you could do something like this to traverse all the values in search for matches:Given your input data, the
cloudwatch_policy_resource_names
rule would evaluate to: