anderseknert/google_sql_database_instance.rego

## google_sql_database_instance.rego
package google_sql_database_instance

import rego.v1

violations contains db_instance.id if {
    some db_instance in input.google_sql_database_instance
    not valid_db_instance(db_instance)
}

valid_db_instance(db_instance) if every setting in db_instance.config.settings {
    every ip_configuration in setting.ip_configuration {
        ip_configuration.require_ssl == true
        not "0.0.0.0" in {authorized_network.value | some authorized_network in ip_configuration.authorized_networks}
    }
}
	package google_sql_database_instance

	import rego.v1

	violations contains db_instance.id if {
	some db_instance in input.google_sql_database_instance
	not valid_db_instance(db_instance)
	}

	valid_db_instance(db_instance) if every setting in db_instance.config.settings {
	every ip_configuration in setting.ip_configuration {
	ip_configuration.require_ssl == true
	not "0.0.0.0" in {authorized_network.value \| some authorized_network in ip_configuration.authorized_networks}
	}
	}