Open alexandresavicki opened 4 years ago
Hello, would it be possible to use a resource in a condition? For example:
Write a rule that validates resource `aws_s3_bucket_public_access_block.block_public_acls = true` only if `aws_s3_bucket.acl = private`
An example of this rule would be something like this:
```yaml
- id: BLOCK_CREATE_S3
  message: Can't create S3 with public access if it's a private bucket.
  categorys:
    - resource
  resources:
    - aws_s3_bucket_public_access_block
  conditions:
    - key: aws_s3_bucket.acl
      op: eq
      value: private
  assertions:
    - key: block_public_acls
      op: eq
      value: "true"
```
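The cross-resource check requested above, sketched as a stand-alone evaluator. This is an added example, not code from the issue or from the linting tool. The flattened type/name/values resource shape, the sample data, and joining an access block to its bucket through a shared `bucket` value are assumptions.

```python
# Constructed sample resources (not from the issue), flattened to type/name/values.
RESOURCES = [
    {"type": "aws_s3_bucket", "name": "logs",
     "values": {"bucket": "corp-logs", "acl": "private"}},
    {"type": "aws_s3_bucket_public_access_block", "name": "logs",
     "values": {"bucket": "corp-logs", "block_public_acls": True}},
    {"type": "aws_s3_bucket", "name": "data",
     "values": {"bucket": "corp-data", "acl": "private"}},
    {"type": "aws_s3_bucket_public_access_block", "name": "data",
     "values": {"bucket": "corp-data", "block_public_acls": "false"}},
    {"type": "aws_s3_bucket", "name": "site",
     "values": {"bucket": "corp-site", "acl": "public-read"}},
    {"type": "aws_s3_bucket_public_access_block", "name": "site",
     "values": {"bucket": "corp-site", "block_public_acls": False}},
]


def _is_true(value):
    # Parsed configuration may carry a bool or the string "true".
    return value is True or str(value).lower() == "true"


def check_block_create_s3(resources):
    """Evaluate the BLOCK_CREATE_S3 idea across two resource types.

    Condition: the bucket linked to the access block has acl == "private".
    Assertion: block_public_acls is true.
    Returns the names of access blocks that fail the assertion.
    """
    buckets = {r["values"].get("bucket"): r
               for r in resources if r["type"] == "aws_s3_bucket"}
    failures = []
    for r in resources:
        if r["type"] != "aws_s3_bucket_public_access_block":
            continue
        bucket = buckets.get(r["values"].get("bucket"))
        # The rule only applies when the linked bucket exists and is private.
        if bucket is None or bucket["values"].get("acl") != "private":
            continue
        if not _is_true(r["values"].get("block_public_acls")):
            failures.append(r["name"])
    return failures


if __name__ == "__main__":
    print(check_block_create_s3(RESOURCES))
```

A private bucket with no access block at all is not flagged, because the rule as written evaluates only `aws_s3_bucket_public_access_block` resources.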