I have the following response from an API and I need to get the resourceName if it consists the keywords -ecs-cloudwatch-policy. How can this be achieved in rego?
{
'resourceId': 'ABCDEF12345',
'resourceName': 'IAM-ctf-109-ecs-cloudwatch-policy',
'resourceType': 'AWS: :IAM: :Policy',
'name': 'Is attached to Policy'
},
{ 'resourceId': 'ABCDEF54321',
'resourceName': 'IAM-KMS-Policy-115',
'resourceType': 'AWS: :IAM: :Policy',
'name': 'Is attached to CustomerPolicy'
}
Assuming the input data is an array provided as the global input variable, you could do something like this to traverse all the values in search for matches:
package policy
import future.keywords
cloudwatch_policy_resource_names contains resource.resourceName if {
some resource in input
contains(resource.resourceName, "ecs-cloudwatch-policy")
}
Given your input data, the cloudwatch_policy_resource_names rule would evaluate to:
[
"IAM-ctf-109-ecs-cloudwatch-policy"
]