package org.sonar.iac.terraform.checks.gcp;

import org.sonar.check.Rule;
import org.sonar.iac.common.api.checks.SecondaryLocation;
import org.sonar.iac.terraform.checks.AbstractNewResourceCheck;
import org.sonar.iac.terraform.symbols.ListSymbol;

@Rule(key = "S6414")
/* loaded from: input_file:org/sonar/iac/terraform/checks/gcp/AuditLogMemberExclusionCheck.class */
public class AuditLogMemberExclusionCheck extends AbstractNewResourceCheck {
    @Override // org.sonar.iac.terraform.checks.AbstractNewResourceCheck
    protected void registerResourceConsumer() {
        register("google_project_iam_audit_config", resourceSymbol -> {
            resourceSymbol.blocks("audit_log_config").forEach(blockSymbol -> {
                ListSymbol list = blockSymbol.list("exempted_members");
                if (list.isEmpty()) {
                    return;
                }
                list.report("Make sure excluding members activity from audit logs is safe here.", new SecondaryLocation[0]);
            });
        });
    }
}
