Added exception check for resources

Added additional check for `addExceptionsToRuleSet` for rules that use `resources` without explicitly setting the `ResourceCategory` to `resources`. Conditional will check for whether the exception `ResourceType` in the rule `Resources`.

cli/app.go

@@ -147,7 +147,13 @@ func addExceptionsToRuleSet(ruleSet assertion.RuleSet, exceptions []RuleExceptio
 	rules := []assertion.Rule{}
 	for _, rule := range ruleSet.Rules {
 		for _, e := range exceptions {
-			if rule.ID == e.RuleID &&
+			if len(rule.Resources) > 0 {
+				if assertion.SliceContains(rule.Resources, e.ResourceType) &&
+					rule.ID == e.RuleID &&
+					(rule.Category == e.ResourceCategory || e.ResourceCategory == "resources") {
+					rule.Except = append(rule.Except, e.ResourceID)
+				}
+			} else if rule.ID == e.RuleID &&
 				rule.Resource == e.ResourceType &&
 				(rule.Category == e.ResourceCategory || rule.Category == "") {
 				rule.Except = append(rule.Except, e.ResourceID)