src/Invoke-PSWizCloudRegoRuleTestWithJson.ps1
```powershell
function Invoke-PSWizCloudRegoRuleTestWithJson {
    <#
    .SYNOPSIS
    Invokes a PSWiz Cloud Rego rule test using the provided JSON configuration.

    .DESCRIPTION
    The Invoke-PSWizCloudRegoRuleTestWithJson function sends a GraphQL query to the PSWiz API to run a
    Cloud Rego rule test. It requires the Rego rule and the Terraform JSON configuration as input
    parameters. The function constructs the query using a template file and sends it to the PSWiz API
    endpoint. The JSON configuration is converted from JSON to a hashtable before being sent in the query.

    .PARAMETER RegoRule
    The Rego rule to be tested. This parameter is mandatory.

    .PARAMETER TFJson
    The Terraform JSON configuration to be tested against the Rego rule. This parameter is mandatory.

    .EXAMPLE
    PS C:\> $regoRule = "my-rego-rule"
    PS C:\> $tfJson = Get-Content -Path "C:\path\to\tf.json" -Raw
    PS C:\> Invoke-PSWizCloudRegoRuleTestWithJson -RegoRule $regoRule -TFJson $tfJson

    This command invokes the PSWiz Cloud Rego rule test using the specified Rego rule and Terraform
    JSON configuration.

    .EXAMPLE
    PS C:\> $regoRule = "another-rego-rule"
    PS C:\> $tfJson = '{"resource": {"aws_instance": {"example": {"ami": "ami-123456", "instance_type": "t2.micro"}}}}'
    PS C:\> Invoke-PSWizCloudRegoRuleTestWithJson -RegoRule $regoRule -TFJson $tfJson

    This command invokes the PSWiz Cloud Rego rule test using the specified Rego rule and an inline
    Terraform JSON configuration.

    .EXAMPLE
    PS C:\> Invoke-PSWizCloudRegoRuleTestWithJson -RegoRule $(Get-Content .\data\test.rego -Raw) -TFJson $(Get-Content .\data\plan.json -Raw)

    This command invokes the PSWiz Cloud Rego rule test using a Rego rule and a Terraform JSON
    configuration that are both read from files.

    .NOTES
    The function requires a GraphQL query template file named 'invokeCloudRegoRuleTest.graphql' located
    in a 'graphql' subfolder of the script's directory.
    It also requires that the script-level variables $Script:Data_Center and $Script:Access_Token be set
    with the appropriate values for the API endpoint and authentication. The JSON configuration is
    converted to a hashtable to ensure it is processed correctly by the GraphQL query.
    #>
    [CmdletBinding()]
    param (
        [Parameter(Mandatory)]
        $RegoRule,

        [Parameter(Mandatory)]
        $TFJson
    )

    # Directory of the running script; the GraphQL template is read from .\graphql beneath it.
    $queryPath = $(Split-Path -Path $Script:MyInvocation.MyCommand.Path -Parent)

    # Build the GraphQL request body. ConvertFrom-Json -AsHashtable needs PowerShell 6 or later.
    # ConvertTo-Json writes anything nested deeper than -Depth as a plain string, so a Terraform
    # document nested beyond that limit reaches the API truncated.
    $Query = [PSCustomObject]@{
        operationName = "runCloudRegoRuleTestWithJson"
        query         = $(Get-Content -Path "$($queryPath)\graphql\invokeCloudRegoRuleTest.graphql" -Raw)
        variables     = @{
            rule = $RegoRule
            json = $($TFJson | ConvertFrom-Json -AsHashtable)
        }
    } | ConvertTo-Json -Compress -Depth 9

    # The bearer token is sent only in the Authorization header of the HTTPS request.
    $request = @{
        Uri         = "https://api.$($Script:Data_Center).app.wiz.io/graphql"
        Headers     = @{ Authorization = "Bearer $($Script:Access_Token)" }
        Method      = 'Post'
        Body        = $Query
        ContentType = 'application/json'
    }
    $response = Invoke-RestMethod @request

    # GraphQL reports failures in an 'errors' array; return it instead of the test result.
    if ($response.errors) {
        $response.errors
    }
    else {
        $response.data.cloudConfigurationRuleJsonTest
    }
}
```
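The request body above is serialized with `ConvertTo-Json -Depth 9`, so a Terraform document nested more deeply than that would be tested in truncated form and the rule result would not reflect the real configuration. The following check is an added example, not part of the PSWiz module: `Test-RegoTestPayloadDepth` is a hypothetical helper name, the sample JSON is constructed, and it assumes PowerShell 6 or later.

```powershell
# Added example (hypothetical helper, not part of the PSWiz module).
function Test-RegoTestPayloadDepth {
    [CmdletBinding()]
    param (
        [Parameter(Mandatory)] [string] $RegoRule,
        [Parameter(Mandatory)] [string] $TFJson,
        [ValidateRange(1, 100)] [int] $Depth = 9   # the value the function above uses
    )

    # Same envelope shape as the real request body. The query text is left out
    # because it is a flat string and does not affect nesting.
    $payload = [PSCustomObject]@{
        operationName = 'runCloudRegoRuleTestWithJson'
        variables     = @{
            rule = $RegoRule
            json = $($TFJson | ConvertFrom-Json -AsHashtable)
        }
    }

    # Reference output at the cmdlet's maximum depth (100). JSON nested deeper
    # than that cannot be serialized in full by ConvertTo-Json at all.
    $full = $payload | ConvertTo-Json -Compress -Depth 100 -WarningAction SilentlyContinue

    # Smallest depth, starting at $Depth, whose output equals the reference.
    $needed = $null
    foreach ($d in $Depth..100) {
        $candidate = $payload | ConvertTo-Json -Compress -Depth $d -WarningAction SilentlyContinue
        if ($candidate -ceq $full) { $needed = $d; break }
    }

    [PSCustomObject]@{
        Depth       = $Depth
        Truncated   = ($needed -ne $Depth)
        DepthNeeded = $needed
    }
}

# Constructed sample input: ten nested objects, deeper than the envelope allows at -Depth 9.
$sample = '{"a":{"b":{"c":{"d":{"e":{"f":{"g":{"h":{"i":{"j":"deep"}}}}}}}}}}'
$check  = Test-RegoTestPayloadDepth -RegoRule 'package example' -TFJson $sample
if ($check.Truncated) {
    Write-Warning "Payload is truncated at -Depth $($check.Depth); it needs -Depth $($check.DepthNeeded)."
}
```

Running the check before `Invoke-PSWizCloudRegoRuleTestWithJson` turns a silently shortened request into a visible failure in a pipeline.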