Hi, Some policies are producing alerts against SGs that are not associated with any resources. Can you please advise how to customize the query and exclude those SGs? For example, policy "AWS Security Groups allow internet traffic from internet to MYSQL port (3306)" is defined as follows: config where cloud.type = 'aws' AND api.name='aws-ec2-describe-security-groups' AND json.rule = (((ipPermissions[?(@.toPort > 3306 && @.fromPort < 3306)].ipRanges[*] contains 0.0.0.0/0) or (ipPermissions[?(@.toPort == 3306 || @.fromPort == 3306)].ipRanges[*] contains 0.0.0.0/0)) or ((ipPermissions[?(@.toPort > 3306 && @.fromPort < 3306)].ipv6Ranges[*].cidrIpv6 contains ::/0) or (ipPermissions[?(@.toPort == 3306 || @.fromPort == 3306)].ipv6Ranges[*].cidrIpv6 contains ::/0))) Thank you
... View more