jasontachtech
diff --git a/‎governance/third-generation/aws/test/restrict-ingress-sg-rule-rdp/mock-tfplan-fail.sentinel
Lines changed: 76 additions & 15 deletions b/‎governance/third-generation/aws/test/restrict-ingress-sg-rule-rdp/mock-tfplan-fail.sentinel
Lines changed: 76 additions & 15 deletions
diff --git a/‎governance/third-generation/aws/test/restrict-ingress-sg-rule-ssh/mock-tfplan-fail.sentinel
Lines changed: 74 additions & 13 deletions b/‎governance/third-generation/aws/test/restrict-ingress-sg-rule-ssh/mock-tfplan-fail.sentinel
Lines changed: 74 additions & 13 deletions
diff --git a/‎governance/third-generation/aws/filter_attribute_greater_than_equal_to_value.md renamed to ‎governance/third-generation/common-functions/tfplan-functions/docs/filter_attribute_greater_than_equal_to_value.md b/‎governance/third-generation/aws/filter_attribute_greater_than_equal_to_value.md renamed to ‎governance/third-generation/common-functions/tfplan-functions/docs/filter_attribute_greater_than_equal_to_value.md
diff --git a/‎governance/third-generation/aws/filter_attribute_less_than_equal_to_value.md renamed to ‎governance/third-generation/common-functions/tfplan-functions/docs/filter_attribute_less_than_equal_to_value.md b/‎governance/third-generation/aws/filter_attribute_less_than_equal_to_value.md renamed to ‎governance/third-generation/common-functions/tfplan-functions/docs/filter_attribute_less_than_equal_to_value.md
@@ -16,10 +16,10 @@ resource_changes = {
 						"from_port":        0,
 						"ipv6_cidr_blocks": [],
 						"prefix_list_ids":  [],
-						"protocol":         "-1",
+						"protocol":         "tcp",
 						"security_groups":  [],
 						"self":             false,
-						"to_port":          3389,
+						"to_port":          9443,
 					},
 				],
 				"name":                   "bar",
@@ -69,13 +69,13 @@ resource_changes = {
 							"0.0.0.0/0",
 						],
 						"description":      "baz",
-						"from_port":        0,
+						"from_port":        null,
 						"ipv6_cidr_blocks": [],
 						"prefix_list_ids":  [],
 						"protocol":         "tcp",
 						"security_groups":  [],
 						"self":             false,
-						"to_port":          9443,
+						"to_port":          3389,
 					},
 				],
 				"name":                   "baz",
@@ -174,18 +174,42 @@ resource_changes = {
 				"create",
 			],
 			"after": {
-				"description":            "seuss",
+				"description": "seuss",
+				"ingress": [
+					{
+						"cidr_blocks": [
+							"0.0.0.0/0",
+						],
+						"description":      "seuss",
+						"from_port":        3389,
+						"ipv6_cidr_blocks": [],
+						"prefix_list_ids":  [],
+						"protocol":         "tcp",
+						"security_groups":  [],
+						"self":             false,
+						"to_port":          null,
+					},
+				],
 				"name":                   "seuss",
 				"name_prefix":            null,
 				"revoke_rules_on_delete": false,
 				"tags":     null,
 				"timeouts": null,
 			},
 			"after_unknown": {
-				"arn":      true,
-				"egress":   true,
-				"id":       true,
-				"ingress":  true,
+				"arn":    true,
+				"egress": true,
+				"id":     true,
+				"ingress": [
+					{
+						"cidr_blocks": [
+							false,
+						],
+						"ipv6_cidr_blocks": [],
+						"prefix_list_ids":  [],
+						"security_groups":  [],
+					},
+				],
 				"owner_id": true,
 				"vpc_id":   true,
 			},
@@ -195,7 +219,7 @@ resource_changes = {
 		"index":          null,
 		"mode":           "managed",
 		"module_address": "",
-		"name":           "seuss",
+		"name":           "foo",
 		"provider_name":  "aws",
 		"type":           "aws_security_group",
 	},
@@ -215,7 +239,7 @@ resource_changes = {
 				"prefix_list_ids":  null,
 				"protocol":         "-1",
 				"self":             false,
-				"to_port":          0,
+				"to_port":          9443,
 				"type":             "ingress",
 			},
 			"after_unknown": {
@@ -247,7 +271,7 @@ resource_changes = {
 					"0.0.0.0/0",
 				],
 				"description":      "green",
-				"from_port":        0,
+				"from_port":        3389,
 				"ipv6_cidr_blocks": null,
 				"prefix_list_ids":  null,
 				"protocol":         "tcp",
@@ -284,12 +308,12 @@ resource_changes = {
 					"0.0.0.0/0",
 				],
 				"description":      "ham",
-				"from_port":        0,
+				"from_port":        null,
 				"ipv6_cidr_blocks": null,
 				"prefix_list_ids":  null,
 				"protocol":         "tcp",
 				"self":             false,
-				"to_port":          9443,
+				"to_port":          3389,
 				"type":             "ingress",
 			},
 			"after_unknown": {
@@ -310,4 +334,41 @@ resource_changes = {
 		"provider_name":  "aws",
 		"type":           "aws_security_group_rule",
 	},
-}
+	"aws_security_group_rule.bar": {
+		"address": "aws_security_group_rule.bar",
+		"change": {
+			"actions": [
+				"create",
+			],
+			"after": {
+				"cidr_blocks": [
+					"0.0.0.0/0",
+				],
+				"description":      "bar",
+				"from_port":        3389,
+				"ipv6_cidr_blocks": null,
+				"prefix_list_ids":  null,
+				"protocol":         "tcp",
+				"self":             false,
+				"to_port":          null,
+				"type":             "ingress",
+			},
+			"after_unknown": {
+				"cidr_blocks": [
+					false,
+				],
+				"id":                       true,
+				"security_group_id":        true,
+				"source_security_group_id": true,
+			},
+			"before": null,
+		},
+		"deposed":        "",
+		"index":          null,
+		"mode":           "managed",
+		"module_address": "",
+		"name":           "bar",
+		"provider_name":  "aws",
+		"type":           "aws_security_group_rule",
+	},
+}
@@ -16,10 +16,10 @@ resource_changes = {
 						"from_port":        0,
 						"ipv6_cidr_blocks": [],
 						"prefix_list_ids":  [],
-						"protocol":         "-1",
+						"protocol":         "tcp",
 						"security_groups":  [],
 						"self":             false,
-						"to_port":          22,
+						"to_port":          1024,
 					},
 				],
 				"name":                   "bar",
@@ -69,13 +69,13 @@ resource_changes = {
 							"0.0.0.0/0",
 						],
 						"description":      "baz",
-						"from_port":        0,
+						"from_port":        null,
 						"ipv6_cidr_blocks": [],
 						"prefix_list_ids":  [],
 						"protocol":         "tcp",
 						"security_groups":  [],
 						"self":             false,
-						"to_port":          1024,
+						"to_port":          22,
 					},
 				],
 				"name":                   "baz",
@@ -174,18 +174,42 @@ resource_changes = {
 				"create",
 			],
 			"after": {
-				"description":            "seuss",
+				"description": "seuss",
+				"ingress": [
+					{
+						"cidr_blocks": [
+							"0.0.0.0/0",
+						],
+						"description":      "seuss",
+						"from_port":        22,
+						"ipv6_cidr_blocks": [],
+						"prefix_list_ids":  [],
+						"protocol":         "tcp",
+						"security_groups":  [],
+						"self":             false,
+						"to_port":          null,
+					},
+				],
 				"name":                   "seuss",
 				"name_prefix":            null,
 				"revoke_rules_on_delete": false,
 				"tags":     null,
 				"timeouts": null,
 			},
 			"after_unknown": {
-				"arn":      true,
-				"egress":   true,
-				"id":       true,
-				"ingress":  true,
+				"arn":    true,
+				"egress": true,
+				"id":     true,
+				"ingress": [
+					{
+						"cidr_blocks": [
+							false,
+						],
+						"ipv6_cidr_blocks": [],
+						"prefix_list_ids":  [],
+						"security_groups":  [],
+					},
+				],
 				"owner_id": true,
 				"vpc_id":   true,
 			},
@@ -195,7 +219,7 @@ resource_changes = {
 		"index":          null,
 		"mode":           "managed",
 		"module_address": "",
-		"name":           "seuss",
+		"name":           "foo",
 		"provider_name":  "aws",
 		"type":           "aws_security_group",
 	},
@@ -215,7 +239,7 @@ resource_changes = {
 				"prefix_list_ids":  null,
 				"protocol":         "-1",
 				"self":             false,
-				"to_port":          0,
+				"to_port":          1024,
 				"type":             "ingress",
 			},
 			"after_unknown": {
@@ -284,12 +308,12 @@ resource_changes = {
 					"0.0.0.0/0",
 				],
 				"description":      "ham",
-				"from_port":        0,
+				"from_port":        null,
 				"ipv6_cidr_blocks": null,
 				"prefix_list_ids":  null,
 				"protocol":         "tcp",
 				"self":             false,
-				"to_port":          1024,
+				"to_port":          22,
 				"type":             "ingress",
 			},
 			"after_unknown": {
@@ -310,4 +334,41 @@ resource_changes = {
 		"provider_name":  "aws",
 		"type":           "aws_security_group_rule",
 	},
+	"aws_security_group_rule.bar": {
+		"address": "aws_security_group_rule.bar",
+		"change": {
+			"actions": [
+				"create",
+			],
+			"after": {
+				"cidr_blocks": [
+					"0.0.0.0/0",
+				],
+				"description":      "bar",
+				"from_port":        22,
+				"ipv6_cidr_blocks": null,
+				"prefix_list_ids":  null,
+				"protocol":         "tcp",
+				"self":             false,
+				"to_port":          null,
+				"type":             "ingress",
+			},
+			"after_unknown": {
+				"cidr_blocks": [
+					false,
+				],
+				"id":                       true,
+				"security_group_id":        true,
+				"source_security_group_id": true,
+			},
+			"before": null,
+		},
+		"deposed":        "",
+		"index":          null,
+		"mode":           "managed",
+		"module_address": "",
+		"name":           "bar",
+		"provider_name":  "aws",
+		"type":           "aws_security_group_rule",
+	},
 }