From 39067c733bedf77d388956a8ef001a5326e7e90e Mon Sep 17 00:00:00 2001
From: harkirat22
Date: Sat, 9 Jan 2021 08:12:49 -0500
Subject: [PATCH] adding an else condition to relate the flow log with vpc
---
 pkg/policies/opa/rego/aws/aws_vpc/vpcFlowLogsNotEnabled.rego | 4 ++++
 1 file changed, 4 insertions(+)
diff --git a/pkg/policies/opa/rego/aws/aws_vpc/vpcFlowLogsNotEnabled.rego b/pkg/policies/opa/rego/aws/aws_vpc/vpcFlowLogsNotEnabled.rego
index 64e497146..c246e01ba 100755
--- a/pkg/policies/opa/rego/aws/aws_vpc/vpcFlowLogsNotEnabled.rego
+++ b/pkg/policies/opa/rego/aws/aws_vpc/vpcFlowLogsNotEnabled.rego
@@ -24,4 +24,8 @@ flowLogExist(vpc, vpc_input) = exists {
 vpc_name := sprintf("aws_vpc.%s", [vpc.name])
 flow_log_tags_set[vpc_name]
 exists = true
+} else = exists {
+ flow_log_vpcs_set := { vpc_id | input.aws_flow_log[i].type == "aws_flow_log"; vpc_id := split(input.aws_flow_log[i].config.vpc_id, ".")[1] }
+ flow_log_vpcs_set[vpc.name]
+ exists = true
 }
\ No newline at end of file
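Review bot: The new `else` branch takes `split(input.aws_flow_log[i].config.vpc_id, ".")[1]` without checking the first segment, so any dotted reference whose second segment happens to equal `vpc.name` (a module output or data source, for instance) would mark the VPC as having flow logs. A logging policy that under-reports is the costly failure direction, so consider binding the parts and checking the prefix inside the comprehension, e.g. `parts := split(input.aws_flow_log[i].config.vpc_id, "."); endswith(parts[0], "aws_vpc"); vpc_id := parts[1]`. The exact shape of `config.vpc_id` is not visible in this hunk, so confirm it against the parsed input. A literal ID with no dot leaves index 1 undefined and is skipped, which fails toward reporting the VPC. A one-line comment stating the expected reference format would also help; the opening lines of `flowLogExist` are outside the hunk.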