---
# Policy: flag Oracle IaaS security lists that carry at least one ingress rule
# exposing RDP (destination port 3389) to any source address.
# Evaluation is two-level: every related rule is classified by the
# `relatedLists` conditions further down, and the security list itself becomes
# INCOMPLIANT when any related rule was classified INCOMPLIANT.
inputType: "CA10O1__CaOracleIaasSecurityList__c"

testData:
  - file: "test-data.json"

conditions:
  # One INCOMPLIANT rule is enough to fail the whole security list.
  - status: "INCOMPLIANT"
    currentStateMessage: "The security list has ingress rules that allow unrestricted RDP access."
    remediationMessage: "Remove public RDP ingress or restrict it to approved source CIDRs."
    check:
      RELATED_LIST_HAS:
        status: "INCOMPLIANT"
        relationshipName: "CA10O1__Oracle_IAAS_Security_List_Rules1__r"

otherwise:
  status: "COMPLIANT"
  currentStateMessage: "The security list does not allow unrestricted RDP access."

relatedLists:
  - relationshipName: "CA10O1__Oracle_IAAS_Security_List_Rules1__r"
    importExtracts:
      - file: "/types/CA10O1__CaOracleIaasSecurityListRule__c/object.extracts.yaml"

    # NOTE(review): the checks below only make sense if conditions are
    # evaluated in order and the first match wins; confirm against the
    # engine's documentation.
    conditions:
      # 1. Only ingress rules are in scope.
      - status: "INAPPLICABLE"
        currentStateMessage: "This is not an ingress rule."
        check:
          NOT_EQUAL:
            left:
              EXTRACT: "CA10O1__direction__c"
            right:
              TEXT: "Ingress"

      # 2. Only the exact any-address CIDRs count as internet-sourced:
      #    0.0.0.0/0 (IPv4) and ::/0 (IPv6). This is a text comparison, so
      #    every other source value, including other very wide ranges, is
      #    classified INAPPLICABLE and is outside this policy's coverage.
      - status: "INAPPLICABLE"
        currentStateMessage: "This ingress rule is not sourced from the internet."
        check:
          AND:
            args:
              - NOT_EQUAL:
                  left:
                    EXTRACT: "CA10O1__source__c"
                  right:
                    TEXT: "0.0.0.0/0"
              - NOT_EQUAL:
                  left:
                    EXTRACT: "CA10O1__source__c"
                  right:
                    TEXT: "::/0"

      # 3. Rules whose protocol is neither ALL nor TCP are skipped.
      #    NOTE(review): RDP can also be carried over UDP 3389, and UDP rules
      #    end up INAPPLICABLE here; confirm that TCP-only scope is intended.
      #    Assumes the protocol extract yields the labels "ALL"/"TCP" rather
      #    than raw protocol numbers; verify against object.extracts.yaml.
      - status: "INAPPLICABLE"
        currentStateMessage: "This ingress rule does not use ALL or TCP protocol."
        check:
          NOT:
            arg:
              CONTAINS:
                arg:
                  SET:
                    itemType: "TEXT"
                    items:
                      - "ALL"
                      - "TCP"
                search:
                  EXTRACT: "CA10O1__protocol__c"

      # 4. The rule exposes RDP when either both destination port bounds are
      #    empty (presumably meaning "all ports"; confirm) or the
      #    [min, max] destination range contains 3389.
      #    NOTE(review): a rule with only one bound empty falls through to the
      #    range comparison; how the engine compares an empty extract is not
      #    visible in this file.
      - status: "INCOMPLIANT"
        currentStateMessage: "This ingress rule allows RDP access from the internet."
        remediationMessage: "Remove this rule or restrict the source CIDR to approved administrative ranges."
        check:
          OR:
            args:
              - AND:
                  args:
                    - IS_EMPTY:
                        arg:
                          EXTRACT: "CA10O1__destinationPortMin__c"
                    - IS_EMPTY:
                        arg:
                          EXTRACT: "CA10O1__destinationPortMax__c"
              - AND:
                  args:
                    - LESS_THAN_EQUAL:
                        left:
                          EXTRACT: "CA10O1__destinationPortMin__c"
                        right:
                          NUMBER: 3389.0
                    - GREATER_THAN_EQUAL:
                        left:
                          EXTRACT: "CA10O1__destinationPortMax__c"
                        right:
                          NUMBER: 3389.0

    # Internet-sourced ALL/TCP ingress whose port range excludes 3389.
    otherwise:
      status: "COMPLIANT"
      currentStateMessage: "This ingress rule does not allow unrestricted RDP access."