Support nested conditions in custom rule #86
Description
Problem
It's not possible to have composite rule within custom rule due to Terraform SDK limitation (nested datastructure as a schema is not supported)
Its possible to create a nested custom rule with api (in json)
// custom rule configuration json
"rules": [
{
"conditions": {
"any": [
{
"all": [
// condition 1
]
},
{
"all": [
// condition 2
,
// condition 3
]
}
]
},
// event
}
]
This rule cannot be translated directly into HCL conformity_custom_rule rules block.
Proposal
One way of solving this would be to:
- remove the
operationfrom therulesattributes conditionstype is string(validated as a json) that can be generated- passthrough the value of
conditionsto api request payload without extra processing
// conformity_custom_rule
rules {
event_type = ""
conditions = jsonencode(
{
any = [{
all = [
{
fact = ""
operator = ""
value = ""
}
]
},
{
all = [
{
fact = ""
operator = ""
value = ""
},
{
fact = ""
operator = ""
value = ""
}
]
}]
}
)
}
I don't hold this for the best solution but I would still like to hear your opinion