Azure / azure-policy

Repository for Azure Resource Policy built-in definitions and samples
MIT License

Creating a complex policy to cross-reference two array fields #1270

Open mbrijun opened 7 months ago

mbrijun commented 7 months ago

Hi,

I am looking for some advice on creating a complex policy which involves cross-referencing two fields of the same resource, each field being an array. A practical example I have in mind is checking if an Azure App Gateway has any public IP address that is tied to an HTTP Listener. This means we have to compare "properties.frontendIPConfigurations" with "properties.httpListeners" and the bond between the two is "properties.frontendIPConfigurations.id" -> "properties.httpListeners.properties.frontendIPConfiguration.id".

I was able to create a similar policy with Rego in Wiz, which compares two lists of frontendIPConfiguration IDs, one from "properties.frontendIPConfigurations" and the other from "properties.httpListeners". Any overlap between these two sets indicates an exposure on the public internet.

I hope the above makes sense. Thank you.
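The cross-reference the issue describes, written out as an added Python example (not code from this repository or from the poster): it takes an Application Gateway resource body, collects the ids of frontendIPConfigurations that are backed by a publicIPAddress, and reports every httpListener whose frontendIPConfiguration.id points at one of them. The resource JSON below is constructed, with placeholder subscription and resource names; ARM resource ids are matched case-insensitively because the two arrays may not spell them identically.

```python
# Constructed sample of an Application Gateway resource body (placeholder ids).
GW = ("/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/"
      "rg-example/providers/Microsoft.Network/applicationGateways/appgw-example")

SAMPLE_APPGW = {
    "name": "appgw-example",
    "properties": {
        "frontendIPConfigurations": [
            {"id": GW + "/frontendIPConfigurations/publicFrontend",
             "name": "publicFrontend",
             "properties": {"publicIPAddress": {"id": GW + "-pip"}}},
            {"id": GW + "/frontendIPConfigurations/privateFrontend",
             "name": "privateFrontend",
             "properties": {"privateIPAddress": "10.0.0.5"}},
        ],
        "httpListeners": [
            # Listener bound to the public frontend; note the differing id case.
            {"name": "listenerPublic",
             "properties": {"protocol": "Http", "frontendIPConfiguration": {
                 "id": GW.replace("rg-example", "RG-EXAMPLE")
                       + "/frontendIPConfigurations/publicFrontend"}}},
            {"name": "listenerPrivate",
             "properties": {"protocol": "Https", "frontendIPConfiguration": {
                 "id": GW + "/frontendIPConfigurations/privateFrontend"}}},
            # Listener with no frontend reference at all; must not crash the check.
            {"name": "listenerUnbound", "properties": {"protocol": "Http"}},
        ],
    },
}


def public_frontend_ids(appgw):
    """Ids (lower-cased) of frontendIPConfigurations that carry a publicIPAddress."""
    public = set()
    for cfg in appgw.get("properties", {}).get("frontendIPConfigurations", []):
        if cfg.get("properties", {}).get("publicIPAddress"):
            public.add(cfg["id"].lower())
    return public


def listeners_on_public_frontends(appgw):
    """Names of httpListeners whose frontendIPConfiguration.id is a public frontend."""
    public = public_frontend_ids(appgw)
    exposed = []
    for listener in appgw.get("properties", {}).get("httpListeners", []):
        ref = listener.get("properties", {}).get("frontendIPConfiguration", {})
        if ref.get("id", "").lower() in public:
            exposed.append(listener["name"])
    return exposed  # non-empty list == the gateway is exposed on the public internet


if __name__ == "__main__":
    print(listeners_on_public_frontends(SAMPLE_APPGW))
```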