Hi there,
I would like to output the delta between two maps in Sentinel. There is a map with arpFlood set to “yes” and others without. I would like to dynamically get keys of the objects that do not have arp_flood set to “yes”
import "tfplan/v2" as tfplan
bds = filter tfplan.planned_values.resources as _, rc {
rc.type is "aci_rest_managed" and rc.values.class_name is "fvBD"
}
ok_bds = filter bds as _, rc {
rc.values.content.arpFlood is "yes"
}
mandatory_flood = rule {
length(ok_bds) == length(bds)
}
main = rule {
mandatory_flood
}
The objective is to return any keys that violate the rule. Or is there a better way to return the specific keys that do not match the rule?
Here is an example of the mock:
planned_values = {
"outputs": {},
"resources": {
"module.tenant[\"dev\"].module.aci_bridge_domain[\"10.1.10.0_24\"].aci_rest_managed.fvBD": {
"address": "module.tenant[\"dev\"].module.aci_bridge_domain[\"10.1.10.0_24\"].aci_rest_managed.fvBD",
"depends_on": [],
"deposed_key": "",
"index": null,
"mode": "managed",
"module_address": "module.tenant[\"dev\"].module.aci_bridge_domain[\"10.1.10.0_24\"]",
"name": "fvBD",
"provider_name": "registry.terraform.io/ciscodevnet/aci",
"tainted": false,
"type": "aci_rest_managed",
"values": {
"child": [],
"class_name": "fvBD",
"content": {
"arpFlood": "yes",
"descr": "",
"hostBasedRouting": "no",
}
Thanks in advance,
Rob