Using the tfplan/v2 import, this function finds all resource instances of a specific type in the current plan that are being created, modified, or read. Resources with the "no-op" action are also included, but only if their change.after attribute is not null.
This function is contained in the tfplan-functions.sentinel module.
find_resources = func(type)
- type: the type of resource to find, given as a string.
None
This function returns a single flat map of resource instances indexed by the complete addresses of the instances. The map is actually a filtered sub-collection of the tfplan.resource_changes collection.
This function does not print anything.
Here are some examples of calling this function, assuming that the tfplan-functions.sentinel file that contains it has been imported with the alias plan:
allEC2Instances = plan.find_resources("aws_instance")
allAzureVMs = plan.find_resources("azurerm_virtual_machine")
allGCEInstances = plan.find_resources("google_compute_instance")
allVMs = plan.find_resources("vsphere_virtual_machine")
This function is used by many policies including restrict-ec2-instance-type.sentinel (AWS), restrict-vm-size.sentinel (Azure), restrict-gce-machine-type.sentinel (GCP), and restrict-vm-cpu-and-memory.sentinel (VMware).
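To check which resource instances a policy built on find_resources will and will not evaluate, the following added example (not code from tfplan-functions.sentinel) models the filter described above in Python over the resource_changes array of terraform show -json output. The helper name find_resources_model and the sample plan entries are constructed for illustration, and the model covers only the conditions this page states.

```python
# Added example: a Python model of the filter this page describes.
# It is not the Sentinel implementation; it mirrors only the stated rules.
INCLUDED_ACTIONS = {"create", "update", "read"}  # created, modified, read


def find_resources_model(resource_changes, rtype):
    """Return {address: resource_change} for instances of rtype that are
    created, modified or read, plus no-ops whose change.after is not null."""
    found = {}
    for rc in resource_changes:
        if rc["type"] != rtype:
            continue
        change = rc["change"]
        actions = set(change["actions"])
        if actions & INCLUDED_ACTIONS:
            found[rc["address"]] = rc
        elif "no-op" in actions and change.get("after") is not None:
            found[rc["address"]] = rc
    return found


def rc(address, rtype, actions, after):
    """Build one constructed resource_changes entry (plan JSON shape)."""
    return {"address": address, "type": rtype,
            "change": {"actions": actions, "after": after}}


# Constructed sample plan, not taken from a real workspace.
SAMPLE_CHANGES = [
    rc("aws_instance.web", "aws_instance", ["create"], {"instance_type": "t3.micro"}),
    rc("aws_instance.db", "aws_instance", ["update"], {"instance_type": "m5.large"}),
    rc("aws_instance.cache", "aws_instance", ["no-op"], {"instance_type": "t3.small"}),
    rc("aws_instance.gone", "aws_instance", ["no-op"], None),
    rc("aws_instance.old", "aws_instance", ["delete"], None),
    rc("aws_instance.swap", "aws_instance", ["delete", "create"], {"instance_type": "t3.micro"}),
    rc("aws_s3_bucket.logs", "aws_s3_bucket", ["create"], {"bucket": "logs"}),
]

if __name__ == "__main__":
    for address in sorted(find_resources_model(SAMPLE_CHANGES, "aws_instance")):
        print(address)
```

In this model an instance that is only being destroyed, or a no-op with a null change.after, is not returned, so a policy that iterates over the result never evaluates it; a replacement (delete plus create) is returned.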